.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:05:50.524330575Z | 42 | PC: 12a61 | Get date 0x12a61: mov byte ptr ds:[bp + 0x3f0], dl 0x12a66: mov byte ptr ds:[bp + 0x3ef], dh 0x12a6b: mov byte ptr ds:[bp + 0x3ee], al 0x12a70: cmp dl, 1 0x12a73: jne 0x12a7b 0x12a75: call 0x12bee 0x12a78: jmp 0x12ac4 0x12a7a: nop 0x12a7b: cmp al, 0 0x12a7d: je 0x12a89 0x12a7f: mov di, 0x100 0x12a82: lea si, word ptr [bp + 0x2f3] 0x12a86: push di 0x12a87: movsw word ptr es:[di], word ptr [si] 0x12a88: movsw word ptr es:[di], word ptr [si] 0x12a89: lea dx, word ptr [bp + 0x433] 0x12a8d: call 0x12b9e 0x12a90: jmp 0x12b89 0x12a93: cmp byte ptr ds:[bp + 0x3f0], 0x1b 0x12a99: jne 0x12aa6 |
| 2018-12-17T23:05:50.526318643Z | 26 | PC: 12ba2 | Set disk transfer address |
| 2018-12-17T23:05:50.528101075Z | 78 | PC: 12b94 | Find first file |
| 2018-12-17T23:05:50.532957335Z | 67 | PC: 12aeb | Get or set file attributes |
| 2018-12-17T23:05:50.538686228Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.559613025Z | 61 | PC: 12c32 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:05:50.567092459Z | 87 | PC: 12afb | Get or set file date and time |
| 2018-12-17T23:05:50.569144588Z | 63 | PC: 12b08 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:50.577545353Z | 66 | PC: 12ba8 | Move file pointer |
| 2018-12-17T23:05:50.579228418Z | 66 | PC: 12ba8 | Move file pointer |
| 2018-12-17T23:05:50.580824219Z | 64 | PC: 12be3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:50.584795896Z | 66 | PC: 12ba8 | Move file pointer |
| 2018-12-17T23:05:50.586823739Z | 44 | PC: 12b3a | Get time 0x12b3a: mov word ptr ds:[bp + 0x41e], dx 0x12b3f: mov cx, 0x12 0x12b42: lea di, word ptr [bp + 0x45e] 0x12b46: lea si, word ptr [bp + 0x420] 0x12b4a: push cx 0x12b4b: push si 0x12b4c: rep movsb byte ptr es:[di], byte ptr [si] 0x12b4e: cmp byte ptr ds:[bp + 0x3ee], 0 0x12b54: jne 0x12b62 0x12b56: mov cx, 0xd 0x12b59: lea si, word ptr [bp + 0x273] 0x12b5d: rep movsb byte ptr es:[di], byte ptr [si] 0x12b5f: jmp 0x12b6b 0x12b61: nop 0x12b62: mov cx, 0xb 0x12b65: lea si, word ptr [bp + 0x179] 0x12b69: rep movsb byte ptr es:[di], byte ptr [si] 0x12b6b: pop si 0x12b6c: pop cx 0x12b6d: rep movsb byte ptr es:[di], byte ptr [si] |
| 2018-12-17T23:05:50.590275729Z | 64 | PC: 12dbb | Write file or device (Write 815 bytes on handle 5) |
| 2018-12-17T23:05:50.600591656Z | 87 | PC: 12b7c | Get or set file date and time |
| 2018-12-17T23:05:50.60967698Z | 62 | PC: 12b80 | Close file |
| 2018-12-17T23:05:50.618955155Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.630159151Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T23:05:50.634633364Z | 67 | PC: 12aeb | Get or set file attributes |
| 2018-12-17T23:05:50.64136432Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.652355486Z | 61 | PC: 12c32 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:05:50.667089099Z | 87 | PC: 12afb | Get or set file date and time |
| 2018-12-17T23:05:50.668996565Z | 63 | PC: 12b08 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:50.676239525Z | 87 | PC: 12b7c | Get or set file date and time |
| 2018-12-17T23:05:50.67877415Z | 62 | PC: 12b80 | Close file |
| 2018-12-17T23:05:50.693380193Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.704530399Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T23:05:50.708738712Z | 67 | PC: 12aeb | Get or set file attributes |
| 2018-12-17T23:05:50.71519955Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.727787268Z | 61 | PC: 12c32 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:05:50.738149051Z | 87 | PC: 12afb | Get or set file date and time |
| 2018-12-17T23:05:50.740493349Z | 63 | PC: 12b08 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:50.748606724Z | 66 | PC: 12ba8 | Move file pointer |
| 2018-12-17T23:05:50.75059361Z | 66 | PC: 12ba8 | Move file pointer |
| 2018-12-17T23:05:50.753278899Z | 64 | PC: 12be3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:50.756678411Z | 66 | PC: 12ba8 | Move file pointer |
| 2018-12-17T23:05:50.758662131Z | 44 | PC: 12b3a | Get time 0x12b3a: mov word ptr ds:[bp + 0x41e], dx 0x12b3f: mov cx, 0x12 0x12b42: lea di, word ptr [bp + 0x45e] 0x12b46: lea si, word ptr [bp + 0x420] 0x12b4a: push cx 0x12b4b: push si 0x12b4c: rep movsb byte ptr es:[di], byte ptr [si] 0x12b4e: cmp byte ptr ds:[bp + 0x3ee], 0 0x12b54: jne 0x12b62 0x12b56: mov cx, 0xd 0x12b59: lea si, word ptr [bp + 0x273] 0x12b5d: rep movsb byte ptr es:[di], byte ptr [si] 0x12b5f: jmp 0x12b6b 0x12b61: nop 0x12b62: mov cx, 0xb 0x12b65: lea si, word ptr [bp + 0x179] 0x12b69: rep movsb byte ptr es:[di], byte ptr [si] 0x12b6b: pop si 0x12b6c: pop cx 0x12b6d: rep movsb byte ptr es:[di], byte ptr [si] |
| 2018-12-17T23:05:50.762258614Z | 64 | PC: 12dbb | Write file or device (Write 815 bytes on handle 5) |
| 2018-12-17T23:05:50.771708602Z | 87 | PC: 12b7c | Get or set file date and time |
| 2018-12-17T23:05:50.773777682Z | 62 | PC: 12b80 | Close file |
| 2018-12-17T23:05:50.783128865Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.793929674Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T23:05:50.797153655Z | 67 | PC: 12aeb | Get or set file attributes |
| 2018-12-17T23:05:50.805290324Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.832349563Z | 61 | PC: 12c32 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:05:50.839496772Z | 87 | PC: 12afb | Get or set file date and time |
| 2018-12-17T23:05:50.842189585Z | 63 | PC: 12b08 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:50.84970198Z | 87 | PC: 12b7c | Get or set file date and time |
| 2018-12-17T23:05:50.851556337Z | 62 | PC: 12b80 | Close file |
| 2018-12-17T23:05:50.860041581Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.882578827Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T23:05:50.887910983Z | 67 | PC: 12aeb | Get or set file attributes |
| 2018-12-17T23:05:50.899910065Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.914919927Z | 61 | PC: 12c32 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T23:05:50.923201428Z | 87 | PC: 12afb | Get or set file date and time |
| 2018-12-17T23:05:50.925346391Z | 63 | PC: 12b08 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:50.933808994Z | 87 | PC: 12b7c | Get or set file date and time |
| 2018-12-17T23:05:50.93573223Z | 62 | PC: 12b80 | Close file |
| 2018-12-17T23:05:50.943625451Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.955843394Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T23:05:50.959261802Z | 67 | PC: 12aeb | Get or set file attributes |
| 2018-12-17T23:05:50.966953063Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:50.979012508Z | 61 | PC: 12c32 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T23:05:50.993045144Z | 87 | PC: 12afb | Get or set file date and time |
| 2018-12-17T23:05:50.994960465Z | 63 | PC: 12b08 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:51.003322127Z | 66 | PC: 12ba8 | Move file pointer |
| 2018-12-17T23:05:51.00528636Z | 66 | PC: 12ba8 | Move file pointer |
| 2018-12-17T23:05:51.007183397Z | 64 | PC: 12be3 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:05:51.01032277Z | 66 | PC: 12ba8 | Move file pointer |
| 2018-12-17T23:05:51.013222682Z | 44 | PC: 12b3a | Get time 0x12b3a: mov word ptr ds:[bp + 0x41e], dx 0x12b3f: mov cx, 0x12 0x12b42: lea di, word ptr [bp + 0x45e] 0x12b46: lea si, word ptr [bp + 0x420] 0x12b4a: push cx 0x12b4b: push si 0x12b4c: rep movsb byte ptr es:[di], byte ptr [si] 0x12b4e: cmp byte ptr ds:[bp + 0x3ee], 0 0x12b54: jne 0x12b62 0x12b56: mov cx, 0xd 0x12b59: lea si, word ptr [bp + 0x273] 0x12b5d: rep movsb byte ptr es:[di], byte ptr [si] 0x12b5f: jmp 0x12b6b 0x12b61: nop 0x12b62: mov cx, 0xb 0x12b65: lea si, word ptr [bp + 0x179] 0x12b69: rep movsb byte ptr es:[di], byte ptr [si] 0x12b6b: pop si 0x12b6c: pop cx 0x12b6d: rep movsb byte ptr es:[di], byte ptr [si] |
| 2018-12-17T23:05:51.016447726Z | 64 | PC: 12dbb | Write file or device (Write 815 bytes on handle 5) |
| 2018-12-17T23:05:51.026742503Z | 87 | PC: 12b7c | Get or set file date and time |
| 2018-12-17T23:05:51.029789372Z | 62 | PC: 12b80 | Close file |
| 2018-12-17T23:05:51.038636237Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:51.050864018Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T23:05:51.055014903Z | 67 | PC: 12aeb | Get or set file attributes |
| 2018-12-17T23:05:51.063123329Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:51.074839548Z | 61 | PC: 12c32 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T23:05:51.083649693Z | 87 | PC: 12afb | Get or set file date and time |
| 2018-12-17T23:05:51.086049576Z | 63 | PC: 12b08 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:51.093924443Z | 87 | PC: 12b7c | Get or set file date and time |
| 2018-12-17T23:05:51.09588004Z | 62 | PC: 12b80 | Close file |
| 2018-12-17T23:05:51.105436268Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:51.118963342Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T23:05:51.122208334Z | 67 | PC: 12aeb | Get or set file attributes |
| 2018-12-17T23:05:51.129659314Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:51.1406347Z | 61 | PC: 12c32 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T23:05:51.14833566Z | 87 | PC: 12afb | Get or set file date and time |
| 2018-12-17T23:05:51.150974642Z | 63 | PC: 12b08 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:05:51.158229854Z | 87 | PC: 12b7c | Get or set file date and time |
| 2018-12-17T23:05:51.160402449Z | 62 | PC: 12b80 | Close file |
| 2018-12-17T23:05:51.169064366Z | 67 | PC: 12c2a | Get or set file attributes |
| 2018-12-17T23:05:51.180194323Z | 79 | PC: 12b94 | Find next file |
| 2018-12-17T23:05:51.183471284Z | 26 | PC: 12ba2 | Set disk transfer address |