.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T21:51:43.81127238Z | 82 | PC: 1385e | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T21:51:43.813463173Z | 74 | PC: 138b0 | Reallocate memory |
| 2018-12-17T21:51:43.814757324Z | 72 | PC: 138b9 | Allocate memory |
| 2018-12-17T21:51:43.816301726Z | 42 | PC: 9f8ef | Get date 0x9f8ef: mov al, dh
0x9f8f1: sub cx, 0x76c
0x9f8f5: mov ah, cl
0x9f8f7: ret
0x9f8f8: push ax
0x9f8f9: push bx
0x9f8fa: mov ah, 0x35
0x9f8fc: int 0x21
0x9f8fe: mov ax, es
0x9f900: mov word ptr cs:[bp + 2], ax
0x9f904: mov word ptr cs:[bp], bx
0x9f908: pop bx
0x9f909: pop ax
0x9f90a: mov ah, 0x25
0x9f90c: int 0x21
0x9f90e: ret
0x9f90f: mov ax, 0xffff
0x9f912: mov ds, ax
0x9f914: cmp byte ptr [0xe], 0xfc
0x9f919: push cs
|
| 2018-12-17T21:51:43.819181773Z | 53 | PC: 9f8fe | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T21:51:43.820328932Z | 37 | PC: 9f90e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T21:51:43.821603839Z | 53 | PC: 9f8fe | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:43.827634273Z | 37 | PC: 9f90e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:43.829260365Z | 67 | PC: 9fa28 | Get or set file attributes |
| 2018-12-17T21:51:43.838140505Z | 61 | PC: 9fa46 | Open file (Filename = 'C:\DOS\FORMAT.COM') |
| 2018-12-17T21:51:43.845408226Z | 87 | PC: 9fa54 | Get or set file date and time |
| 2018-12-17T21:51:43.847001452Z | 63 | PC: 9fa69 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T21:51:43.852467497Z | 66 | PC: 9fa74 | Move file pointer |
| 2018-12-17T21:51:43.853925566Z | 66 | PC: 9fa95 | Move file pointer |
| 2018-12-17T21:51:43.856975377Z | 63 | PC: 9faa0 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T21:51:43.86362542Z | 42 | PC: 9f8ef | Get date 0x9f8ef: mov al, dh
0x9f8f1: sub cx, 0x76c
0x9f8f5: mov ah, cl
0x9f8f7: ret
0x9f8f8: push ax
0x9f8f9: push bx
0x9f8fa: mov ah, 0x35
0x9f8fc: int 0x21
0x9f8fe: mov ax, es
0x9f900: mov word ptr cs:[bp + 2], ax
0x9f904: mov word ptr cs:[bp], bx
0x9f908: pop bx
0x9f909: pop ax
0x9f90a: mov ah, 0x25
0x9f90c: int 0x21
0x9f90e: ret
0x9f90f: mov ax, 0xffff
0x9f912: mov ds, ax
0x9f914: cmp byte ptr [0xe], 0xfc
0x9f919: push cs
|
| 2018-12-17T21:51:43.865897056Z | 64 | PC: 9fac8 | Write file or device (Write 957 bytes on handle 5) |
| 2018-12-17T21:51:44.228277085Z | 66 | PC: 9fad3 | Move file pointer |
| 2018-12-17T21:51:44.230112761Z | 64 | PC: 9fae6 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T21:51:44.233370309Z | 87 | PC: 9faf3 | Get or set file date and time |
| 2018-12-17T21:51:44.23619641Z | 62 | PC: 9faf7 | Close file |
| 2018-12-17T21:51:44.25082763Z | 37 | PC: 9fb1a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.252184769Z | 53 | PC: 9f8fe | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.254261232Z | 37 | PC: 9f90e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.262749713Z | 67 | PC: 9fa28 | Get or set file attributes |
| 2018-12-17T21:51:44.276703932Z | 37 | PC: 9fb1a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.279132557Z | 53 | PC: 9f8fe | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.281790096Z | 37 | PC: 9f90e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.285092124Z | 67 | PC: 9fa28 | Get or set file attributes |
| 2018-12-17T21:51:44.311362479Z | 61 | PC: 9fa46 | Open file (Filename = 'C:\DOS\KEYB.COM') |
| 2018-12-17T21:51:44.31856601Z | 87 | PC: 9fa54 | Get or set file date and time |
| 2018-12-17T21:51:44.320280353Z | 63 | PC: 9fa69 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T21:51:44.329063153Z | 66 | PC: 9fa74 | Move file pointer |
| 2018-12-17T21:51:44.331587733Z | 66 | PC: 9fa95 | Move file pointer |
| 2018-12-17T21:51:44.333297819Z | 63 | PC: 9faa0 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T21:51:44.347858581Z | 42 | PC: 9f8ef | Get date 0x9f8ef: mov al, dh
0x9f8f1: sub cx, 0x76c
0x9f8f5: mov ah, cl
0x9f8f7: ret
0x9f8f8: push ax
0x9f8f9: push bx
0x9f8fa: mov ah, 0x35
0x9f8fc: int 0x21
0x9f8fe: mov ax, es
0x9f900: mov word ptr cs:[bp + 2], ax
0x9f904: mov word ptr cs:[bp], bx
0x9f908: pop bx
0x9f909: pop ax
0x9f90a: mov ah, 0x25
0x9f90c: int 0x21
0x9f90e: ret
0x9f90f: mov ax, 0xffff
0x9f912: mov ds, ax
0x9f914: cmp byte ptr [0xe], 0xfc
0x9f919: push cs
|
| 2018-12-17T21:51:44.351123982Z | 64 | PC: 9fac8 | Write file or device (Write 957 bytes on handle 5) |
| 2018-12-17T21:51:44.361037939Z | 66 | PC: 9fad3 | Move file pointer |
| 2018-12-17T21:51:44.362661206Z | 64 | PC: 9fae6 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T21:51:44.366632345Z | 87 | PC: 9faf3 | Get or set file date and time |
| 2018-12-17T21:51:44.368427372Z | 62 | PC: 9faf7 | Close file |
| 2018-12-17T21:51:44.375568422Z | 37 | PC: 9fb1a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.377661631Z | 53 | PC: 9f8fe | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.379137132Z | 37 | PC: 9f90e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.380772247Z | 67 | PC: 9fa28 | Get or set file attributes |
| 2018-12-17T21:51:44.38740759Z | 37 | PC: 9fb1a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:51:44.388893118Z | 48 | PC: 1369b | Get DOS version |
| 2018-12-17T21:51:44.390741454Z | 9 | PC: 136a7 | Display string (String= '
Incorrect DOS version
�') |
