.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T23:05:42.27028306Z | 48 | PC: 12a4c | Get DOS version |
| 2018-12-17T23:05:42.272200868Z | 53 | PC: 12ba8 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:05:42.273378663Z | 53 | PC: 12bb5 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T23:05:42.274525767Z | 53 | PC: 12bc2 | Get interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T23:05:42.276644915Z | 53 | PC: 12bcf | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T23:05:42.277826128Z | 37 | PC: 12be3 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:05:42.279067666Z | 74 | PC: 12b19 | Reallocate memory |
| 2018-12-17T23:05:42.283035588Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.289205406Z | 61 | PC: 138c4 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:05:42.295581622Z | 68 | PC: 13b90 | I/O control for devices (Set for = '') |
| 2018-12-17T23:05:42.296950906Z | 68 | PC: 13bb1 | I/O control for devices (Set for = 'Path not found�Insufficient memory�Extended Error %1���>����^��������') |
| 2018-12-17T23:05:42.299286151Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.310938273Z | 60 | PC: 13732 | Create or truncate file |
| 2018-12-17T23:05:42.328124354Z | 68 | PC: 13bb1 | I/O control for devices (Set for = 'Path not found�Insufficient memory�Extended Error %1���>����^��������') |
| 2018-12-17T23:05:42.330955473Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.341934998Z | 60 | PC: 13732 | Create or truncate file |
| 2018-12-17T23:05:42.35258557Z | 68 | PC: 13bb1 | I/O control for devices (Set for = 'Path not found�Insufficient memory�Extended Error %1���>����^��������') |
| 2018-12-17T23:05:42.355749512Z | 63 | PC: 13fde | Read file or device (Read 17920 bytes on handle 5) |
| 2018-12-17T23:05:42.363727455Z | 63 | PC: 13fde | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:05:42.370952945Z | 64 | PC: 141ad | Write file or device (Write 18078 bytes on handle 7) |
| 2018-12-17T23:05:42.381182759Z | 63 | PC: 13fde | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:05:42.385715101Z | 64 | PC: 141ad | Write file or device (Write 1000 bytes on handle 6) |
| 2018-12-17T23:05:42.394319748Z | 62 | PC: 13d44 | Close file |
| 2018-12-17T23:05:42.398472555Z | 62 | PC: 13d44 | Close file |
| 2018-12-17T23:05:42.404173039Z | 62 | PC: 13d44 | Close file |
| 2018-12-17T23:05:42.409159916Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.414064518Z | 60 | PC: 13732 | Create or truncate file |
| 2018-12-17T23:05:42.42119707Z | 68 | PC: 13bb1 | I/O control for devices (Set for = 't
3�&� C&:�t���<
Y[�SQ.��[� .�&a��< t6< t2<,t1< u��< u�� F:���&�}��r�3�&�M���t���') |
| 2018-12-17T23:05:42.422757402Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.427384036Z | 60 | PC: 13732 | Create or truncate file |
| 2018-12-17T23:05:42.436077384Z | 68 | PC: 13bb1 | I/O control for devices (Set for = 't
3�&� C&:�t���<
Y[�SQ.��[� .�&a��< t6< t2<,t1< u��< u�� F:���&�}��r�3�&�M���t���') |
| 2018-12-17T23:05:42.449781268Z | 26 | PC: 14f3a | Set disk transfer address |
| 2018-12-17T23:05:42.451779163Z | 78 | PC: 14f44 | Find first file |
| 2018-12-17T23:05:42.467923856Z | 61 | PC: 138c4 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:05:42.475837636Z | 68 | PC: 13b90 | I/O control for devices (Set for = '') |
| 2018-12-17T23:05:42.478470686Z | 68 | PC: 13bb1 | I/O control for devices (Set for = 'Path not found�Insufficient memory�Extended Error %1���>����^��������') |
| 2018-12-17T23:05:42.480472297Z | 66 | PC: 1421d | Move file pointer |
| 2018-12-17T23:05:42.482305455Z | 63 | PC: 13fde | Read file or device (Read 512 bytes on handle 7) |
| 2018-12-17T23:05:42.49122766Z | 62 | PC: 13d44 | Close file |
| 2018-12-17T23:05:42.493911717Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.495267335Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.503071692Z | 61 | PC: 138c4 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:05:42.510372493Z | 68 | PC: 13b90 | I/O control for devices (Set for = '') |
| 2018-12-17T23:05:42.512114792Z | 68 | PC: 13bb1 | I/O control for devices (Set for = 'Path not found�Insufficient memory�Extended Error %1���>����^��������') |
| 2018-12-17T23:05:42.514745508Z | 66 | PC: 1421d | Move file pointer |
| 2018-12-17T23:05:42.517324476Z | 63 | PC: 13fde | Read file or device (Read 512 bytes on handle 7) |
| 2018-12-17T23:05:42.524728435Z | 62 | PC: 13d44 | Close file |
| 2018-12-17T23:05:42.527655947Z | 26 | PC: 14f3a | Set disk transfer address |
| 2018-12-17T23:05:42.52971745Z | 78 | PC: 14f44 | Find first file |
| 2018-12-17T23:05:42.540567365Z | 61 | PC: 138c4 | Open file (Filename = 'C:\DOS\ATTRIB.EXE') |
| 2018-12-17T23:05:42.547847763Z | 68 | PC: 13b90 | I/O control for devices (Set for = '') |
| 2018-12-17T23:05:42.550538324Z | 68 | PC: 13bb1 | I/O control for devices (Set for = 'Path not found�Insufficient memory�Extended Error %1���>����^��������') |
| 2018-12-17T23:05:42.552423834Z | 66 | PC: 1421d | Move file pointer |
| 2018-12-17T23:05:42.553895599Z | 63 | PC: 13fde | Read file or device (Read 512 bytes on handle 7) |
| 2018-12-17T23:05:42.560850449Z | 62 | PC: 13d44 | Close file |
| 2018-12-17T23:05:42.562679228Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.568694834Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.570232435Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.574642378Z | 61 | PC: 138c4 | Open file (Filename = '��o����u��,\CHKDSK.EXE') |
| 2018-12-17T23:05:42.579410817Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.584342618Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.586254333Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.590213076Z | 61 | PC: 138c4 | Open file (Filename = '\DEBUG.EXE') |
| 2018-12-17T23:05:42.598455832Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.602516277Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.603786026Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.609095297Z | 61 | PC: 138c4 | Open file (Filename = '����/��5��>3���=��1��>/���M��>K���=��E��>C��.����/��Y��>W���r�
����$��w�\EXPAND.EXE') |
| 2018-12-17T23:05:42.613975712Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.618267365Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.620261339Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.624705516Z | 61 | PC: 138c4 | Open file (Filename = 'F����w�r���s��v��v��v
��3����8�63��(�v�V�v
��3҉V��F���3�;�u�;�t��������v�G;~�rӋF��\FDISK.EXE') |
| 2018-12-17T23:05:42.629633351Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.634393748Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.635628379Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.639905319Z | 61 | PC: 138c4 | Open file (Filename = 'FILES2\MEM.EXE') |
| 2018-12-17T23:05:42.647134162Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.653085994Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.654057862Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.661669522Z | 61 | PC: 138c4 | Open file (Filename = '����>r���\NLSFUNC.EXE') |
| 2018-12-17T23:05:42.666867049Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.670776305Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.672167481Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.676457424Z | 61 | PC: 138c4 | Open file (Filename = '\QBASIC.EXE') |
| 2018-12-17T23:05:42.683135482Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.687765278Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.688795687Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.692847671Z | 61 | PC: 138c4 | Open file (Filename = '��\REPLACE.EXE') |
| 2018-12-17T23:05:42.698135775Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.703557839Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.704862377Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.709214055Z | 61 | PC: 138c4 | Open file (Filename = '=�\RESTORE.EXE') |
| 2018-12-17T23:05:42.715611588Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.719881096Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.721173515Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.726332564Z | 61 | PC: 138c4 | Open file (Filename = '=�\SCANDISK.EXE') |
| 2018-12-17T23:05:42.73105656Z | 67 | PC: 144a3 | Get or set file attributes |
| 2018-12-17T23:05:42.735923632Z | 26 | PC: 14f5c | Set disk transfer address |
| 2018-12-17T23:05:42.73868377Z | 79 | PC: 14f60 | Find next file |
| 2018-12-17T23:05:42.764563205Z | 48 | PC: 12a4c | Get DOS version |
| 2018-12-17T23:05:42.765687048Z | 53 | PC: 12ba8 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:05:42.767790807Z | 53 | PC: 12bb5 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T23:05:42.768889688Z | 53 | PC: 12bc2 | Get interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T23:05:42.769977744Z | 53 | PC: 12bcf | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T23:05:42.77186772Z | 37 | PC: 12be3 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:05:42.773271532Z | 64 | PC: 12c21 | Write file or device (Write 30 bytes on handle 2) |
| 2018-12-17T23:05:42.776043868Z | 37 | PC: 12bef | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:05:42.778039786Z | 37 | PC: 12bfa | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T23:05:42.779096275Z | 37 | PC: 12c05 | Set interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T23:05:42.780141292Z | 37 | PC: 12c10 | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
