.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:06:25.580967819Z | 48 | PC: 21f24 | Get DOS version |
| 2018-12-17T23:06:25.583041765Z | 74 | PC: 12b51 | Reallocate memory |
| 2018-12-17T23:06:25.584539804Z | 44 | PC: 12b55 | Get time 0x12b55: mov word ptr cs:[0x6b6], dx 0x12b5a: or dl, 0x10 0x12b5d: mov byte ptr cs:[0x9e0], dl 0x12b62: mov byte ptr cs:[0x264], 0 0x12b68: mov byte ptr cs:[0x4fa], 0 0x12b6e: mov ah, 8 0x12b70: mov dl, 0x80 0x12b72: int 0x13 0x12b74: jb 0x12b7b 0x12b76: mov byte ptr cs:[0x4fa], dl 0x12b7b: sub ax, ax 0x12b7d: mov ds, ax 0x12b7f: mov word ptr [0x200], 0xaaaa 0x12b85: mov ax, word ptr [0x84] 0x12b88: mov word ptr cs:[0x26], ax 0x12b8c: mov word ptr cs:[0x22], ax 0x12b90: mov ax, word ptr [0x86] 0x12b93: mov word ptr cs:[0x28], ax 0x12b97: mov word ptr cs:[0x24], ax 0x12b9b: mov ax, word ptr [0x4c] |
| 2018-12-17T23:06:25.587686345Z | 51 | PC: 12bd2 | Get or set Ctrl-Break |
| 2018-12-17T23:06:25.60775086Z | 75 | PC: 12c23 | Execute program |
| 2018-12-17T23:06:25.627819616Z | 9 | PC: 135e5 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat F400H bytes long ') |
| 2018-12-17T23:06:25.634092678Z | 0 | PC: 135e9 | Program terminate |
| 2018-12-17T23:06:25.63689144Z | 49 | PC: 12c41 | Terminate and stay resident (Return code = '0' | Memory size = '176') |