.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:06:10.141149318Z | 48 | PC: 12baf | Get DOS version |
| 2018-12-17T23:06:10.143261028Z | 47 | PC: 12bbb | Get disk transfer address |
| 2018-12-17T23:06:10.145099785Z | 26 | PC: 12bc8 | Set disk transfer address |
| 2018-12-17T23:06:10.146941258Z | 78 | PC: 12c3b | Find first file |
| 2018-12-17T23:06:10.154891445Z | 67 | PC: 12c7a | Get or set file attributes |
| 2018-12-17T23:06:10.162444606Z | 67 | PC: 12c88 | Get or set file attributes |
| 2018-12-17T23:06:10.179794957Z | 61 | PC: 12c90 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:06:10.187228574Z | 87 | PC: 12c9c | Get or set file date and time |
| 2018-12-17T23:06:10.189919092Z | 44 | PC: 12ca6 | Get time 0x12ca6: mov ah, 0x3f 0x12ca8: mov cx, 3 0x12cab: lea dx, word ptr [si + 0x13] 0x12cae: int 0x21 0x12cb0: jb 0x12cf9 0x12cb2: cmp ax, 3 0x12cb5: jne 0x12cf9 0x12cb7: mov ax, 0x4202 0x12cba: xor cx, cx 0x12cbc: xor dx, dx 0x12cbe: int 0x21 0x12cc0: jb 0x12cf9 0x12cc2: mov cx, ax 0x12cc4: sub ax, 3 0x12cc7: mov word ptr [si + 0x17], ax 0x12cca: add cx, 0x2aa 0x12cce: mov word ptr [si - 0x1a9], cx 0x12cd2: mov ah, 0x40 0x12cd4: mov cx, 0x1ce 0x12cd7: nop |
| 2018-12-17T23:06:10.192468395Z | 63 | PC: 12cb0 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:06:10.199820428Z | 66 | PC: 12cc0 | Move file pointer |
| 2018-12-17T23:06:10.202080057Z | 64 | PC: 12cde | Write file or device (Write 462 bytes on handle 5) |
| 2018-12-17T23:06:10.211158846Z | 66 | PC: 12ced | Move file pointer |
| 2018-12-17T23:06:10.212896393Z | 64 | PC: 12cf9 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T23:06:10.220660501Z | 87 | PC: 12d0a | Get or set file date and time |
| 2018-12-17T23:06:10.222790436Z | 62 | PC: 12d0e | Close file |
| 2018-12-17T23:06:10.232041839Z | 67 | PC: 12d19 | Get or set file attributes |
| 2018-12-17T23:06:10.242861362Z | 26 | PC: 12d24 | Set disk transfer address |
| 2018-12-17T23:06:10.244938457Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-17T23:06:10.249615991Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |