.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:08:20.516884617Z | 77 | PC: 14554 | Get program return code |
| 2018-12-17T23:08:20.518600935Z | 98 | PC: 1455d | Get current PSP |
| 2018-12-17T23:08:20.519636947Z | 61 | PC: 14595 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T23:08:20.525949421Z | 62 | PC: 1459e | Close file |
| 2018-12-17T23:08:20.529299897Z | 74 | PC: 13510 | Reallocate memory |
| 2018-12-17T23:08:20.53094901Z | 42 | PC: 132f8 | Get date 0x132f8: mov cx, dx 0x132fa: mov al, dh 0x132fc: dec al 0x132fe: xor ah, ah 0x13300: xor ch, ch 0x13302: xor dx, dx 0x13304: mov bx, 0x1e 0x13307: mul bx 0x13309: add ax, cx 0x1330b: mov dx, ax 0x1330d: mov ax, 0xffff 0x13310: mov ds, ax 0x13312: mov si, 5 0x13315: mov di, 0xeb2 0x13318: mov cx, 0xa 0x1331b: repe cmpsb byte ptr [si], byte ptr es:[di] 0x1331d: je 0x1333f 0x1331f: mov si, 5 0x13322: mov di, 0xeb2 0x13325: mov cx, 0xa |
| 2018-12-17T23:08:20.533115625Z | 82 | PC: 1334d | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T23:08:20.534405721Z | 53 | PC: 12a89 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:08:20.536451033Z | 75 | PC: 12a89 | Execute program |
| 2018-12-17T23:08:20.553651077Z | 9 | PC: 13be2 | Display string (String= 'Goat file (EXE). Size=000011A0h/0000004512d bytes. ') |
| 2018-12-17T23:08:20.55801067Z | 76 | PC: 13be6 | Terminate with return code (Return code = '36') |
| 2018-12-17T23:08:20.562464977Z | 73 | PC: 12a89 | Release memory |
| 2018-12-17T23:08:20.563824136Z | 82 | PC: 13435 | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T23:08:20.564924678Z | 49 | PC: 12a89 | Terminate and stay resident (Return code = '0' | Memory size = '272') |