.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:07:08.337694668Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:07:08.339734607Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:07:08.340978522Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:07:08.342177672Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:07:08.344781898Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:07:08.346461206Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:07:08.34798224Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:07:08.349528168Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:07:08.35239027Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:07:08.354186124Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:07:08.355405005Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:07:08.357850789Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:07:08.359142436Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:07:08.360371151Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:07:08.362186829Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:07:08.363838947Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:07:08.365475573Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:07:08.368163262Z | 53 | PC: 13ae6 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:07:08.369819185Z | 37 | PC: 13afb | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:07:08.371294932Z | 37 | PC: 13b03 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:07:08.373899886Z | 37 | PC: 13b0b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:07:08.375381299Z | 37 | PC: 13b13 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:07:08.377956555Z | 68 | PC: 1424d | I/O control for devices (Set for = '') |
| 2018-12-17T23:07:08.490315824Z | 37 | PC: 13517 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:07:08.49348072Z | 48 | PC: 14708 | Get DOS version |
| 2018-12-17T23:07:08.495081097Z | 26 | PC: 13391 | Set disk transfer address |
| 2018-12-17T23:07:08.496304694Z | 78 | PC: 1339d | Find first file |
| 2018-12-17T23:07:08.50270056Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.50360835Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.506100805Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.507353554Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.509830659Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.510921981Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.513911044Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.514820052Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.517249697Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.518869655Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.521244853Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.522118034Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.525049411Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.525949168Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.5282606Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.529567798Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.531978364Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.532892811Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.535653699Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.536545056Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.538976666Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.540386085Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.542763034Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.543513154Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.546248709Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.547138558Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.549622259Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.550855342Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.553280623Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.554232563Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.557081316Z | 44 | PC: 140e9 | Get time 0x140e9: mov word ptr [0x38], cx 0x140ed: mov word ptr [0x3a], dx 0x140f1: retf 0x140f2: mov bx, sp 0x140f4: push ds 0x140f5: les di, ptr ss:[bx + 8] 0x140f9: lds si, ptr ss:[bx + 4] 0x140fd: cld 0x140fe: xor ax, ax 0x14100: stosw word ptr es:[di], ax 0x14101: mov ax, 0xd7b0 0x14104: stosw word ptr es:[di], ax 0x14105: mov ax, 0x80 0x14108: stosw word ptr es:[di], ax 0x14109: xor ax, ax 0x1410b: stosw word ptr es:[di], ax 0x1410c: stosw word ptr es:[di], ax 0x1410d: stosw word ptr es:[di], ax 0x1410e: lea ax, word ptr [di + 0x74] 0x14111: stosw word ptr es:[di], ax |
| 2018-12-17T23:07:08.559223175Z | 26 | PC: 13391 | Set disk transfer address |
| 2018-12-17T23:07:08.560384418Z | 78 | PC: 1339d | Find first file |
| 2018-12-17T23:07:08.567335886Z | 26 | PC: 13391 | Set disk transfer address |
| 2018-12-17T23:07:08.56824341Z | 78 | PC: 1339d | Find first file |
| 2018-12-17T23:07:08.57452359Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.576598108Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.578893211Z | 44 | PC: 140e9 | Get time 0x140e9: mov word ptr [0x38], cx 0x140ed: mov word ptr [0x3a], dx 0x140f1: retf 0x140f2: mov bx, sp 0x140f4: push ds 0x140f5: les di, ptr ss:[bx + 8] 0x140f9: lds si, ptr ss:[bx + 4] 0x140fd: cld 0x140fe: xor ax, ax 0x14100: stosw word ptr es:[di], ax 0x14101: mov ax, 0xd7b0 0x14104: stosw word ptr es:[di], ax 0x14105: mov ax, 0x80 0x14108: stosw word ptr es:[di], ax 0x14109: xor ax, ax 0x1410b: stosw word ptr es:[di], ax 0x1410c: stosw word ptr es:[di], ax 0x1410d: stosw word ptr es:[di], ax 0x1410e: lea ax, word ptr [di + 0x74] 0x14111: stosw word ptr es:[di], ax |
| 2018-12-17T23:07:08.581210067Z | 26 | PC: 13391 | Set disk transfer address |
| 2018-12-17T23:07:08.582978346Z | 78 | PC: 1339d | Find first file |
| 2018-12-17T23:07:08.589516126Z | 61 | PC: 145ba | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:07:08.595768191Z | 61 | PC: 145ba | Open file (Filename = '\TEST.COM') |
| 2018-12-17T23:07:08.602083304Z | 60 | PC: 145ba | Create or truncate file |
| 2018-12-17T23:07:08.619577247Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.626164046Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.634498507Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.641224134Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.64889772Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.656551687Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.664155584Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.670811291Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.678581703Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.685823407Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.693249444Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.700680683Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.709167658Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.715846358Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.723731426Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.730875197Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.738443137Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.744894634Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.752409015Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.759378778Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.766968604Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.774580638Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.782422237Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.788877199Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.796569618Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.803085549Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.810555523Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.817825641Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.826102213Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.83277037Z | 64 | PC: 1468d | Write file or device (Write 512 bytes on handle 6) |
| 2018-12-17T23:07:08.84019176Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.843126877Z | 64 | PC: 1468d | Write file or device (Write 384 bytes on handle 6) |
| 2018-12-17T23:07:08.846845594Z | 63 | PC: 1468d | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T23:07:08.849505846Z | 62 | PC: 1460a | Close file |
| 2018-12-17T23:07:08.85193031Z | 62 | PC: 1460a | Close file |
| 2018-12-17T23:07:08.860685523Z | 26 | PC: 13391 | Set disk transfer address |
| 2018-12-17T23:07:08.862250132Z | 78 | PC: 1339d | Find first file |
| 2018-12-17T23:07:08.868044316Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.869021866Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.871840149Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.872750794Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.875181881Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.876625121Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.879097187Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.88005242Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.883828409Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.884861867Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.888016438Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.890189024Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.892778646Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.893852052Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.897163104Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.898474278Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.901138482Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.904139535Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.906680397Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.907570953Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.910732774Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.911983982Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.914688499Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.91684866Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.919608491Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.920799585Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.924500825Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.925864824Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.928798972Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.931248592Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.934046218Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.935382306Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.942529394Z | 44 | PC: 140e9 | Get time 0x140e9: mov word ptr [0x38], cx 0x140ed: mov word ptr [0x3a], dx 0x140f1: retf 0x140f2: mov bx, sp 0x140f4: push ds 0x140f5: les di, ptr ss:[bx + 8] 0x140f9: lds si, ptr ss:[bx + 4] 0x140fd: cld 0x140fe: xor ax, ax 0x14100: stosw word ptr es:[di], ax 0x14101: mov ax, 0xd7b0 0x14104: stosw word ptr es:[di], ax 0x14105: mov ax, 0x80 0x14108: stosw word ptr es:[di], ax 0x14109: xor ax, ax 0x1410b: stosw word ptr es:[di], ax 0x1410c: stosw word ptr es:[di], ax 0x1410d: stosw word ptr es:[di], ax 0x1410e: lea ax, word ptr [di + 0x74] 0x14111: stosw word ptr es:[di], ax |
| 2018-12-17T23:07:08.945047052Z | 26 | PC: 13391 | Set disk transfer address |
| 2018-12-17T23:07:08.946510416Z | 78 | PC: 1339d | Find first file |
| 2018-12-17T23:07:08.953842501Z | 26 | PC: 13391 | Set disk transfer address |
| 2018-12-17T23:07:08.955275436Z | 78 | PC: 1339d | Find first file |
| 2018-12-17T23:07:08.961314611Z | 26 | PC: 133b5 | Set disk transfer address |
| 2018-12-17T23:07:08.963597415Z | 79 | PC: 133ba | Find next file |
| 2018-12-17T23:07:08.967072629Z | 44 | PC: 140e9 | Get time 0x140e9: mov word ptr [0x38], cx 0x140ed: mov word ptr [0x3a], dx 0x140f1: retf 0x140f2: mov bx, sp 0x140f4: push ds 0x140f5: les di, ptr ss:[bx + 8] 0x140f9: lds si, ptr ss:[bx + 4] 0x140fd: cld 0x140fe: xor ax, ax 0x14100: stosw word ptr es:[di], ax 0x14101: mov ax, 0xd7b0 0x14104: stosw word ptr es:[di], ax 0x14105: mov ax, 0x80 0x14108: stosw word ptr es:[di], ax 0x14109: xor ax, ax 0x1410b: stosw word ptr es:[di], ax 0x1410c: stosw word ptr es:[di], ax 0x1410d: stosw word ptr es:[di], ax 0x1410e: lea ax, word ptr [di + 0x74] 0x14111: stosw word ptr es:[di], ax |
| 2018-12-17T23:07:08.969802612Z | 26 | PC: 13391 | Set disk transfer address |
| 2018-12-17T23:07:08.971332597Z | 78 | PC: 1339d | Find first file |
| 2018-12-17T23:07:08.978359048Z | 86 | PC: 13345 | Rename file |
| 2018-12-17T23:07:08.986101433Z | 61 | PC: 14234 | Open file (Filename = '\virus.trp') |
| 2018-12-17T23:07:08.996212738Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:07:08.997459977Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:07:08.998482254Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:07:08.999963271Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:07:09.001344598Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:07:09.005624053Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:07:09.007258987Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:07:09.008621983Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:07:09.009969691Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:07:09.011562242Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:07:09.013217098Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:07:09.014594759Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:07:09.016769508Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:07:09.018606313Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:07:09.019988437Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:07:09.022167329Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:07:09.023987994Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:07:09.025401232Z | 37 | PC: 13bf5 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:07:09.027041189Z | 76 | PC: 13c34 | Terminate with return code (Return code = '0') |