.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:07:35.891533333Z | 53 | PC: 15156 | Get interrupt vector (Interrupt = '233' AKA 'UNKNOWN!') |
| 2018-12-17T23:07:35.893797339Z | 81 | PC: 1515b | Get current PSP |
| 2018-12-17T23:07:35.898831251Z | 84 | PC: 15182 | Get verify flag |
| 2018-12-17T23:07:35.900565822Z | 98 | PC: 151b1 | Get current PSP |
| 2018-12-17T23:07:35.902833915Z | 47 | PC: 151be | Get disk transfer address |
| 2018-12-17T23:07:35.904451596Z | 47 | PC: 151ec | Get disk transfer address |
| 2018-12-17T23:07:35.905749936Z | 77 | PC: 15215 | Get program return code |
| 2018-12-17T23:07:35.907836278Z | 44 | PC: 1521d | Get time 0x1521d: lodsw ax, word ptr es:[si] 0x1521f: call 0x1523c 0x15222: cdq 0x15223: call 0x2515f 0x15226: dec dl 0x15228: inc di 0x15229: call 0x251c2 0x1522c: cmp al, 0x72 0x1522e: neg dh 0x15230: sub ax, 0xf7ed 0x15234: call 0x251f1 0x15237: cmp ax, 0x102b 0x1523b: ret 0x1523c: sub sp, -2 0x1523f: call 0x251c2 0x15242: dec dx 0x15243: call 0x1524f 0x15247: lodsw ax, word ptr [si] 0x15248: call 0x2515f 0x1524b: lodsb al, byte ptr [si] |
| 2018-12-17T23:07:35.960341536Z | 47 | PC: 15338 | Get disk transfer address |
| 2018-12-17T23:07:35.961918271Z | 26 | PC: 1534a | Set disk transfer address |
| 2018-12-17T23:07:35.963389446Z | 78 | PC: 15355 | Find first file |
| 2018-12-17T23:07:35.971303262Z | 61 | PC: 15360 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:07:35.97848402Z | 63 | PC: 1536d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:35.985929266Z | 66 | PC: 1537d | Move file pointer |
| 2018-12-17T23:07:35.988877638Z | 62 | PC: 153be | Close file |
| 2018-12-17T23:07:35.991079376Z | 79 | PC: 153c2 | Find next file |
| 2018-12-17T23:07:35.994133427Z | 61 | PC: 15360 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:07:36.001889677Z | 63 | PC: 1536d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:36.009341836Z | 66 | PC: 1537d | Move file pointer |
| 2018-12-17T23:07:36.010984353Z | 62 | PC: 153be | Close file |
| 2018-12-17T23:07:36.014153921Z | 79 | PC: 153c2 | Find next file |
| 2018-12-17T23:07:36.017383732Z | 61 | PC: 15360 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:07:36.024859415Z | 63 | PC: 1536d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:36.032704201Z | 66 | PC: 1537d | Move file pointer |
| 2018-12-17T23:07:36.034600085Z | 62 | PC: 153be | Close file |
| 2018-12-17T23:07:36.036876985Z | 79 | PC: 153c2 | Find next file |
| 2018-12-17T23:07:36.039175095Z | 61 | PC: 15360 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:07:36.044809286Z | 63 | PC: 1536d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:36.050018227Z | 66 | PC: 1537d | Move file pointer |
| 2018-12-17T23:07:36.051396608Z | 62 | PC: 153be | Close file |
| 2018-12-17T23:07:36.053975736Z | 79 | PC: 153c2 | Find next file |
| 2018-12-17T23:07:36.056260742Z | 61 | PC: 15360 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T23:07:36.061348606Z | 63 | PC: 1536d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:36.06716497Z | 66 | PC: 1537d | Move file pointer |
| 2018-12-17T23:07:36.068606589Z | 62 | PC: 153be | Close file |
| 2018-12-17T23:07:36.070243797Z | 79 | PC: 153c2 | Find next file |
| 2018-12-17T23:07:36.073131846Z | 61 | PC: 15360 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T23:07:36.078414886Z | 63 | PC: 1536d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:36.083724537Z | 66 | PC: 1537d | Move file pointer |
| 2018-12-17T23:07:36.086245576Z | 62 | PC: 153be | Close file |
| 2018-12-17T23:07:36.08801365Z | 79 | PC: 153c2 | Find next file |
| 2018-12-17T23:07:36.091431595Z | 61 | PC: 15360 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T23:07:36.097401908Z | 63 | PC: 1536d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:36.102493198Z | 66 | PC: 1537d | Move file pointer |
| 2018-12-17T23:07:36.103925701Z | 62 | PC: 153be | Close file |
| 2018-12-17T23:07:36.105974051Z | 79 | PC: 153c2 | Find next file |
| 2018-12-17T23:07:36.109005028Z | 61 | PC: 15360 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T23:07:36.114902144Z | 63 | PC: 1536d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:07:36.119302866Z | 62 | PC: 153be | Close file |
| 2018-12-17T23:07:36.121800692Z | 79 | PC: 153c2 | Find next file |
| 2018-12-17T23:07:36.124943209Z | 26 | PC: 153d0 | Set disk transfer address |
| 2018-12-17T23:07:36.127686736Z | 9 | PC: 12e5b | Display string (String= '(VBA32 DUMMY FILE)') |
| 2018-12-17T23:07:36.131665495Z | 76 | PC: 12e60 | Terminate with return code (Return code = '0') |