.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:04:33.257738776Z | 26 | PC: 12aa9 | Set disk transfer address |
| 2018-12-17T23:04:33.259916981Z | 78 | PC: 12ac0 | Find first file |
| 2018-12-17T23:04:33.273457695Z | 61 | PC: 12b47 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:04:33.280151681Z | 63 | PC: 12b55 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T23:04:33.286936854Z | 66 | PC: 12b70 | Move file pointer |
| 2018-12-17T23:04:33.288765225Z | 44 | PC: 12b7a | Get time 0x12b7a: mov byte ptr [bp + 0x277], dl 0x12b7e: call 0x12bae 0x12b81: mov ah, 0x40 0x12b83: mov cx, 0x138 0x12b86: lea dx, word ptr [bp + 0x148] 0x12b8a: int 0x21 0x12b8c: call 0x12bae 0x12b8f: mov ax, 0x4200 0x12b92: mov cx, 0 0x12b95: mov dx, 0 0x12b98: int 0x21 0x12b9a: mov ah, 0x40 0x12b9c: mov cx, 5 0x12b9f: lea dx, word ptr [bp + 0x1b6] 0x12ba3: int 0x21 0x12ba5: inc byte ptr [bp + 0x1aa] 0x12ba9: mov ah, 0x3e 0x12bab: int 0x21 0x12bad: ret 0x12bae: lea si, word ptr [bp + 0x155] |
| 2018-12-17T23:04:33.291259055Z | 64 | PC: 12b8c | Write file or device (Write 312 bytes on handle 5) |
| 2018-12-17T23:04:33.321467572Z | 66 | PC: 12b9a | Move file pointer |
| 2018-12-17T23:04:33.323598833Z | 64 | PC: 12ba5 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T23:04:33.330435388Z | 62 | PC: 12bad | Close file |
| 2018-12-17T23:04:33.35209869Z | 79 | PC: 12ac0 | Find next file |
| 2018-12-17T23:04:33.356765852Z | 61 | PC: 12b47 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:04:33.363286995Z | 63 | PC: 12b55 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T23:04:33.379762695Z | 66 | PC: 12b70 | Move file pointer |
| 2018-12-17T23:04:33.382475692Z | 44 | PC: 12b7a | Get time 0x12b7a: mov byte ptr [bp + 0x277], dl 0x12b7e: call 0x12bae 0x12b81: mov ah, 0x40 0x12b83: mov cx, 0x138 0x12b86: lea dx, word ptr [bp + 0x148] 0x12b8a: int 0x21 0x12b8c: call 0x12bae 0x12b8f: mov ax, 0x4200 0x12b92: mov cx, 0 0x12b95: mov dx, 0 0x12b98: int 0x21 0x12b9a: mov ah, 0x40 0x12b9c: mov cx, 5 0x12b9f: lea dx, word ptr [bp + 0x1b6] 0x12ba3: int 0x21 0x12ba5: inc byte ptr [bp + 0x1aa] 0x12ba9: mov ah, 0x3e 0x12bab: int 0x21 0x12bad: ret 0x12bae: lea si, word ptr [bp + 0x155] |
| 2018-12-17T23:04:33.38507498Z | 64 | PC: 12b8c | Write file or device (Write 312 bytes on handle 5) |
| 2018-12-17T23:04:33.38816914Z | 66 | PC: 12b9a | Move file pointer |
| 2018-12-17T23:04:33.391183011Z | 64 | PC: 12ba5 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T23:04:33.394363876Z | 62 | PC: 12bad | Close file |
| 2018-12-17T23:04:33.402191976Z | 79 | PC: 12ac0 | Find next file |
| 2018-12-17T23:04:33.405733249Z | 61 | PC: 12b47 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:04:33.412531488Z | 63 | PC: 12b55 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T23:04:33.41916514Z | 66 | PC: 12b70 | Move file pointer |
| 2018-12-17T23:04:33.421556124Z | 44 | PC: 12b7a | Get time 0x12b7a: mov byte ptr [bp + 0x277], dl 0x12b7e: call 0x12bae 0x12b81: mov ah, 0x40 0x12b83: mov cx, 0x138 0x12b86: lea dx, word ptr [bp + 0x148] 0x12b8a: int 0x21 0x12b8c: call 0x12bae 0x12b8f: mov ax, 0x4200 0x12b92: mov cx, 0 0x12b95: mov dx, 0 0x12b98: int 0x21 0x12b9a: mov ah, 0x40 0x12b9c: mov cx, 5 0x12b9f: lea dx, word ptr [bp + 0x1b6] 0x12ba3: int 0x21 0x12ba5: inc byte ptr [bp + 0x1aa] 0x12ba9: mov ah, 0x3e 0x12bab: int 0x21 0x12bad: ret 0x12bae: lea si, word ptr [bp + 0x155] |
| 2018-12-17T23:04:33.424007357Z | 64 | PC: 12b8c | Write file or device (Write 312 bytes on handle 5) |
| 2018-12-17T23:04:33.427034225Z | 66 | PC: 12b9a | Move file pointer |
| 2018-12-17T23:04:33.429422951Z | 64 | PC: 12ba5 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T23:04:33.438691246Z | 62 | PC: 12bad | Close file |
| 2018-12-17T23:04:33.44668534Z | 79 | PC: 12ac0 | Find next file |
| 2018-12-17T23:04:33.449301934Z | 61 | PC: 12b47 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:04:33.455981144Z | 63 | PC: 12b55 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T23:04:33.462942162Z | 66 | PC: 12b70 | Move file pointer |
| 2018-12-17T23:04:33.46427546Z | 44 | PC: 12b7a | Get time 0x12b7a: mov byte ptr [bp + 0x277], dl 0x12b7e: call 0x12bae 0x12b81: mov ah, 0x40 0x12b83: mov cx, 0x138 0x12b86: lea dx, word ptr [bp + 0x148] 0x12b8a: int 0x21 0x12b8c: call 0x12bae 0x12b8f: mov ax, 0x4200 0x12b92: mov cx, 0 0x12b95: mov dx, 0 0x12b98: int 0x21 0x12b9a: mov ah, 0x40 0x12b9c: mov cx, 5 0x12b9f: lea dx, word ptr [bp + 0x1b6] 0x12ba3: int 0x21 0x12ba5: inc byte ptr [bp + 0x1aa] 0x12ba9: mov ah, 0x3e 0x12bab: int 0x21 0x12bad: ret 0x12bae: lea si, word ptr [bp + 0x155] |
| 2018-12-17T23:04:33.467193769Z | 64 | PC: 12b8c | Write file or device (Write 312 bytes on handle 5) |
| 2018-12-17T23:04:33.470105287Z | 66 | PC: 12b9a | Move file pointer |
| 2018-12-17T23:04:33.47166541Z | 64 | PC: 12ba5 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T23:04:33.475070513Z | 62 | PC: 12bad | Close file |
| 2018-12-17T23:04:33.483829128Z | 79 | PC: 12ac0 | Find next file |
| 2018-12-17T23:04:33.486384158Z | 61 | PC: 12b47 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T23:04:33.494726684Z | 63 | PC: 12b55 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T23:04:33.501144597Z | 66 | PC: 12b70 | Move file pointer |
| 2018-12-17T23:04:33.502863386Z | 44 | PC: 12b7a | Get time 0x12b7a: mov byte ptr [bp + 0x277], dl 0x12b7e: call 0x12bae 0x12b81: mov ah, 0x40 0x12b83: mov cx, 0x138 0x12b86: lea dx, word ptr [bp + 0x148] 0x12b8a: int 0x21 0x12b8c: call 0x12bae 0x12b8f: mov ax, 0x4200 0x12b92: mov cx, 0 0x12b95: mov dx, 0 0x12b98: int 0x21 0x12b9a: mov ah, 0x40 0x12b9c: mov cx, 5 0x12b9f: lea dx, word ptr [bp + 0x1b6] 0x12ba3: int 0x21 0x12ba5: inc byte ptr [bp + 0x1aa] 0x12ba9: mov ah, 0x3e 0x12bab: int 0x21 0x12bad: ret 0x12bae: lea si, word ptr [bp + 0x155] |
| 2018-12-17T23:04:33.505781091Z | 64 | PC: 12b8c | Write file or device (Write 312 bytes on handle 5) |
| 2018-12-17T23:04:33.508839956Z | 66 | PC: 12b9a | Move file pointer |
| 2018-12-17T23:04:33.510462579Z | 64 | PC: 12ba5 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T23:04:33.514760923Z | 62 | PC: 12bad | Close file |
| 2018-12-17T23:04:33.522727386Z | 26 | PC: 12ad0 | Set disk transfer address |
| 2018-12-17T23:04:33.524131483Z | 44 | PC: 12ad4 | Get time 0x12ad4: cmp dl, 0xf 0x12ad7: jge 0x12ae5 0x12ad9: mov ah, 9 0x12adb: lea dx, word ptr [bp + 0x1bb] 0x12adf: int 0x21 0x12ae1: mov ah, 7 0x12ae3: int 0x21 0x12ae5: mov di, 0x100 0x12ae8: push di 0x12ae9: ret 0x12aea: add ax, 0x2e2a 0x12aed: inc bx 0x12aee: dec di 0x12aef: dec bp 0x12af0: add byte ptr [bp + si + 0x10d], bh 0x12af4: mov ah, 9 0x12af6: jmp 0x12b13 0x12af9: inc di 0x12afa: dec si 0x12afb: inc sp |
| 2018-12-17T23:04:33.526794443Z | 9 | PC: 12a4e | Display string (String= 'This is a dropper of: Conjurer: The Next Generation! ') |