.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:07:35.396722886Z | 26 | PC: 12afa | Set disk transfer address |
| 2018-12-17T23:07:35.398372378Z | 78 | PC: 12aa6 | Find first file |
| 2018-12-17T23:07:35.404433754Z | 78 | PC: 12b05 | Find first file |
| 2018-12-17T23:07:35.410378681Z | 47 | PC: 12b11 | Get disk transfer address |
| 2018-12-17T23:07:35.412553139Z | 61 | PC: 12b21 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:07:35.419332229Z | 87 | PC: 12b27 | Get or set file date and time |
| 2018-12-17T23:07:35.42058854Z | 63 | PC: 12b47 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:35.426904039Z | 66 | PC: 12b59 | Move file pointer |
| 2018-12-17T23:07:35.428650524Z | 64 | PC: 12b64 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:07:35.431610654Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T23:07:35.433300191Z | 44 | PC: 12a75 | Get time 0x12a75: mov byte ptr [bp + 0x12d], cl 0x12a79: mov cx, 0x130 0x12a7c: lea si, word ptr [bp + 0x15e] 0x12a80: lea di, word ptr [bp + 0x276] 0x12a84: movsb byte ptr es:[di], byte ptr [si] 0x12a85: mov al, byte ptr [bp + 0x276] 0x12a89: xor al, byte ptr [bp + 0x12d] 0x12a8d: mov byte ptr [bp + 0x276], al 0x12a91: lea di, word ptr [si - 1] 0x12a94: lea si, word ptr [bp + 0x276] 0x12a98: movsb byte ptr es:[di], byte ptr [si] 0x12a99: mov si, di 0x12a9b: loop 0x12a80 0x12a9d: ret 0x12a9e: mov ah, 0x4e 0x12aa0: lea dx, word ptr [bp + 0x270] 0x12aa4: int 0x21 0x12aa6: jb 0x12ae6 0x12aa8: lea dx, word ptr [bp + 0x2ac] 0x12aac: mov cl, 0x7a |
| 2018-12-17T23:07:35.436681239Z | 64 | PC: 12a60 | Write file or device (Write 398 bytes on handle 5) |
| 2018-12-17T23:07:35.706861543Z | 87 | PC: 12b7f | Get or set file date and time |
| 2018-12-17T23:07:35.708688958Z | 62 | PC: 12b83 | Close file |
| 2018-12-17T23:07:35.716855035Z | 79 | PC: 12b05 | Find next file |
| 2018-12-17T23:07:35.719689959Z | 47 | PC: 12b11 | Get disk transfer address |
| 2018-12-17T23:07:35.7210782Z | 61 | PC: 12b21 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:07:35.729055502Z | 87 | PC: 12b27 | Get or set file date and time |
| 2018-12-17T23:07:35.730930216Z | 63 | PC: 12b47 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:35.737394935Z | 66 | PC: 12b59 | Move file pointer |
| 2018-12-17T23:07:35.739988618Z | 64 | PC: 12b64 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:07:35.742885202Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T23:07:35.744504274Z | 44 | PC: 12a75 | Get time 0x12a75: mov byte ptr [bp + 0x12d], cl 0x12a79: mov cx, 0x130 0x12a7c: lea si, word ptr [bp + 0x15e] 0x12a80: lea di, word ptr [bp + 0x276] 0x12a84: movsb byte ptr es:[di], byte ptr [si] 0x12a85: mov al, byte ptr [bp + 0x276] 0x12a89: xor al, byte ptr [bp + 0x12d] 0x12a8d: mov byte ptr [bp + 0x276], al 0x12a91: lea di, word ptr [si - 1] 0x12a94: lea si, word ptr [bp + 0x276] 0x12a98: movsb byte ptr es:[di], byte ptr [si] 0x12a99: mov si, di 0x12a9b: loop 0x12a80 0x12a9d: ret 0x12a9e: mov ah, 0x4e 0x12aa0: lea dx, word ptr [bp + 0x270] 0x12aa4: int 0x21 0x12aa6: jb 0x12ae6 0x12aa8: lea dx, word ptr [bp + 0x2ac] 0x12aac: mov cl, 0x7a |
| 2018-12-17T23:07:35.747985113Z | 64 | PC: 12a60 | Write file or device (Write 398 bytes on handle 5) |
| 2018-12-17T23:07:35.751097998Z | 87 | PC: 12b7f | Get or set file date and time |
| 2018-12-17T23:07:35.752838121Z | 62 | PC: 12b83 | Close file |
| 2018-12-17T23:07:35.760633649Z | 79 | PC: 12b05 | Find next file |
| 2018-12-17T23:07:35.763917103Z | 47 | PC: 12b11 | Get disk transfer address |
| 2018-12-17T23:07:35.76528398Z | 61 | PC: 12b21 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:07:35.771898007Z | 87 | PC: 12b27 | Get or set file date and time |
| 2018-12-17T23:07:35.77443255Z | 63 | PC: 12b47 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:35.782160447Z | 66 | PC: 12b59 | Move file pointer |
| 2018-12-17T23:07:35.783697745Z | 64 | PC: 12b64 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:07:35.788029737Z | 66 | PC: 12b6d | Move file pointer |
| 2018-12-17T23:07:35.789701783Z | 44 | PC: 12a75 | Get time 0x12a75: mov byte ptr [bp + 0x12d], cl 0x12a79: mov cx, 0x130 0x12a7c: lea si, word ptr [bp + 0x15e] 0x12a80: lea di, word ptr [bp + 0x276] 0x12a84: movsb byte ptr es:[di], byte ptr [si] 0x12a85: mov al, byte ptr [bp + 0x276] 0x12a89: xor al, byte ptr [bp + 0x12d] 0x12a8d: mov byte ptr [bp + 0x276], al 0x12a91: lea di, word ptr [si - 1] 0x12a94: lea si, word ptr [bp + 0x276] 0x12a98: movsb byte ptr es:[di], byte ptr [si] 0x12a99: mov si, di 0x12a9b: loop 0x12a80 0x12a9d: ret 0x12a9e: mov ah, 0x4e 0x12aa0: lea dx, word ptr [bp + 0x270] 0x12aa4: int 0x21 0x12aa6: jb 0x12ae6 0x12aa8: lea dx, word ptr [bp + 0x2ac] 0x12aac: mov cl, 0x7a |
| 2018-12-17T23:07:35.792407598Z | 64 | PC: 12a60 | Write file or device (Write 398 bytes on handle 5) |
| 2018-12-17T23:07:35.796471804Z | 87 | PC: 12b7f | Get or set file date and time |
| 2018-12-17T23:07:35.798570486Z | 62 | PC: 12b83 | Close file |
| 2018-12-17T23:07:35.806177005Z | 26 | PC: 12b97 | Set disk transfer address |