.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:04:14.170891176Z | 78 | PC: 12a83 | Find first file |
| 2018-12-17T22:04:14.175437445Z | 67 | PC: 12ad3 | Get or set file attributes |
| 2018-12-17T22:04:14.190918679Z | 61 | PC: 12ae0 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:04:14.197894072Z | 63 | PC: 12af8 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:04:14.202932914Z | 66 | PC: 12b0d | Move file pointer |
| 2018-12-17T22:04:14.204299128Z | 66 | PC: 12b47 | Move file pointer |
| 2018-12-17T22:04:14.205358914Z | 63 | PC: 12b5a | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-17T22:04:14.207427635Z | 66 | PC: 12b9c | Move file pointer |
| 2018-12-17T22:04:14.208711573Z | 64 | PC: 12bb0 | Write file or device (Write 797 bytes on handle 5) |
| 2018-12-17T22:04:14.214878028Z | 66 | PC: 12bc5 | Move file pointer |
| 2018-12-17T22:04:14.216230647Z | 64 | PC: 12bd8 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:04:14.222083509Z | 42 | PC: 12be1 | Get date 0x12be1: cmp cx, dx 0x12be3: jne 0x12bf0 0x12be5: mov ah, 3 0x12be7: int 0x13 0x12be9: mov ah, 9 0x12beb: mov dx, 0x413 0x12bee: int 0x21 0x12bf0: cmp word ptr [0x309], -1 0x12bf5: je 0x12bff 0x12bf7: mov bx, word ptr [0x309] 0x12bfb: mov ah, 0x3e 0x12bfd: int 0x21 0x12bff: cmp word ptr cs:[0x103], -1 0x12c05: je 0x12c22 0x12c07: mov cx, 0x100 0x12c0a: mov bx, 0 0x12c0d: mov al, byte ptr [bx + 0x312] 0x12c11: mov byte ptr cs:[bx], al 0x12c14: inc bx 0x12c15: loop 0x12c0d |
| 2018-12-17T22:04:14.223970395Z | 62 | PC: 12bff | Close file |
| 2018-12-17T22:04:14.231541047Z | 76 | PC: 12c27 | Terminate with return code (Return code = '0') |