.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:04:44.912712838Z | 26 | PC: 12a64 | Set disk transfer address |
| 2018-12-17T22:04:44.914167332Z | 78 | PC: 12a78 | Find first file |
| 2018-12-17T22:04:44.920406335Z | 61 | PC: 12bed | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:04:44.927357203Z | 63 | PC: 12bfc | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:04:44.933693693Z | 66 | PC: 12c0b | Move file pointer |
| 2018-12-17T22:04:44.935401342Z | 66 | PC: 12c1a | Move file pointer |
| 2018-12-17T22:04:44.936731015Z | 64 | PC: 12c26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:04:44.939877903Z | 66 | PC: 12c32 | Move file pointer |
| 2018-12-17T22:04:44.941936915Z | 44 | PC: 12c36 | Get time 0x12c36: mov byte ptr [bp + 0x219], dl 0x12c3a: call 0x12c50 0x12c3d: mov ah, 0x40 0x12c3f: mov cx, 0x219 0x12c42: lea dx, word ptr [bp + 6] 0x12c46: int 0x21 0x12c48: call 0x12c50 0x12c4b: mov ah, 0x3e 0x12c4d: int 0x21 0x12c4f: ret 0x12c50: lea si, word ptr [bp + 0x11] 0x12c54: mov cx, 0x1e9 0x12c57: xor byte ptr [si], 0 0x12c5a: inc si 0x12c5b: dec cx 0x12c5c: jne 0x12c57 0x12c5e: ret 0x12c5f: add word ptr [bx], di 0x12c61: aas 0x12c62: aas |
| 2018-12-17T22:04:44.944191389Z | 64 | PC: 12c48 | Write file or device (Write 537 bytes on handle 5) |
| 2018-12-17T22:04:44.95893551Z | 62 | PC: 12c4f | Close file |
| 2018-12-17T22:04:44.967192386Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T22:04:44.969736623Z | 61 | PC: 12bed | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:04:44.976022851Z | 63 | PC: 12bfc | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:04:44.983756887Z | 66 | PC: 12c0b | Move file pointer |
| 2018-12-17T22:04:44.985134989Z | 66 | PC: 12c1a | Move file pointer |
| 2018-12-17T22:04:44.986472139Z | 64 | PC: 12c26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:04:44.989482801Z | 66 | PC: 12c32 | Move file pointer |
| 2018-12-17T22:04:44.990809186Z | 44 | PC: 12c36 | Get time 0x12c36: mov byte ptr [bp + 0x219], dl 0x12c3a: call 0x12c50 0x12c3d: mov ah, 0x40 0x12c3f: mov cx, 0x219 0x12c42: lea dx, word ptr [bp + 6] 0x12c46: int 0x21 0x12c48: call 0x12c50 0x12c4b: mov ah, 0x3e 0x12c4d: int 0x21 0x12c4f: ret 0x12c50: lea si, word ptr [bp + 0x11] 0x12c54: mov cx, 0x1e9 0x12c57: xor byte ptr [si], 0x3b 0x12c5a: inc si 0x12c5b: dec cx 0x12c5c: jne 0x12c57 0x12c5e: ret 0x12c5f: add word ptr [bx], di 0x12c61: aas 0x12c62: aas |
| 2018-12-17T22:04:44.99296666Z | 64 | PC: 12c48 | Write file or device (Write 537 bytes on handle 5) |
| 2018-12-17T22:04:45.001855095Z | 62 | PC: 12c4f | Close file |
| 2018-12-17T22:04:45.010277908Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T22:04:45.012877734Z | 61 | PC: 12bed | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:04:45.020140893Z | 63 | PC: 12bfc | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:04:45.026243282Z | 66 | PC: 12c0b | Move file pointer |
| 2018-12-17T22:04:45.027471769Z | 66 | PC: 12c1a | Move file pointer |
| 2018-12-17T22:04:45.029263626Z | 64 | PC: 12c26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:04:45.031503738Z | 66 | PC: 12c32 | Move file pointer |
| 2018-12-17T22:04:45.032899664Z | 44 | PC: 12c36 | Get time 0x12c36: mov byte ptr [bp + 0x219], dl 0x12c3a: call 0x12c50 0x12c3d: mov ah, 0x40 0x12c3f: mov cx, 0x219 0x12c42: lea dx, word ptr [bp + 6] 0x12c46: int 0x21 0x12c48: call 0x12c50 0x12c4b: mov ah, 0x3e 0x12c4d: int 0x21 0x12c4f: ret 0x12c50: lea si, word ptr [bp + 0x11] 0x12c54: mov cx, 0x1e9 0x12c57: xor byte ptr [si], 0x41 0x12c5a: inc si 0x12c5b: dec cx 0x12c5c: jne 0x12c57 0x12c5e: ret 0x12c5f: add word ptr [bx], di 0x12c61: aas 0x12c62: aas |
| 2018-12-17T22:04:45.035453315Z | 64 | PC: 12c48 | Write file or device (Write 537 bytes on handle 5) |
| 2018-12-17T22:04:45.043848409Z | 62 | PC: 12c4f | Close file |
| 2018-12-17T22:04:45.051722785Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T22:04:45.054475444Z | 61 | PC: 12bed | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:04:45.061346151Z | 63 | PC: 12bfc | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:04:45.067864056Z | 66 | PC: 12c0b | Move file pointer |
| 2018-12-17T22:04:45.069597178Z | 66 | PC: 12c1a | Move file pointer |
| 2018-12-17T22:04:45.07189797Z | 64 | PC: 12c26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:04:45.074439471Z | 66 | PC: 12c32 | Move file pointer |
| 2018-12-17T22:04:45.075782259Z | 44 | PC: 12c36 | Get time 0x12c36: mov byte ptr [bp + 0x219], dl 0x12c3a: call 0x12c50 0x12c3d: mov ah, 0x40 0x12c3f: mov cx, 0x219 0x12c42: lea dx, word ptr [bp + 6] 0x12c46: int 0x21 0x12c48: call 0x12c50 0x12c4b: mov ah, 0x3e 0x12c4d: int 0x21 0x12c4f: ret 0x12c50: lea si, word ptr [bp + 0x11] 0x12c54: mov cx, 0x1e9 0x12c57: xor byte ptr [si], 0x46 0x12c5a: inc si 0x12c5b: dec cx 0x12c5c: jne 0x12c57 0x12c5e: ret 0x12c5f: add word ptr [bx], di 0x12c61: aas 0x12c62: aas |
| 2018-12-17T22:04:45.090069483Z | 64 | PC: 12c48 | Write file or device (Write 537 bytes on handle 5) |
| 2018-12-17T22:04:45.095507094Z | 62 | PC: 12c4f | Close file |
| 2018-12-17T22:04:45.100541274Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T22:04:45.103723277Z | 61 | PC: 12bed | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:04:45.10811203Z | 63 | PC: 12bfc | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:04:45.113167115Z | 66 | PC: 12c0b | Move file pointer |
| 2018-12-17T22:04:45.114885445Z | 66 | PC: 12c1a | Move file pointer |
| 2018-12-17T22:04:45.115936683Z | 64 | PC: 12c26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:04:45.117787843Z | 66 | PC: 12c32 | Move file pointer |
| 2018-12-17T22:04:45.119657546Z | 44 | PC: 12c36 | Get time 0x12c36: mov byte ptr [bp + 0x219], dl 0x12c3a: call 0x12c50 0x12c3d: mov ah, 0x40 0x12c3f: mov cx, 0x219 0x12c42: lea dx, word ptr [bp + 6] 0x12c46: int 0x21 0x12c48: call 0x12c50 0x12c4b: mov ah, 0x3e 0x12c4d: int 0x21 0x12c4f: ret 0x12c50: lea si, word ptr [bp + 0x11] 0x12c54: mov cx, 0x1e9 0x12c57: xor byte ptr [si], 0x46 0x12c5a: inc si 0x12c5b: dec cx 0x12c5c: jne 0x12c57 0x12c5e: ret 0x12c5f: add word ptr [bx], di 0x12c61: aas 0x12c62: aas |
| 2018-12-17T22:04:45.121908567Z | 64 | PC: 12c48 | Write file or device (Write 537 bytes on handle 5) |
| 2018-12-17T22:04:45.129785423Z | 62 | PC: 12c4f | Close file |
| 2018-12-17T22:04:45.138207757Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T22:04:45.141291317Z | 61 | PC: 12bed | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:04:45.147663068Z | 63 | PC: 12bfc | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:04:45.154600139Z | 66 | PC: 12c0b | Move file pointer |
| 2018-12-17T22:04:45.156057288Z | 66 | PC: 12c1a | Move file pointer |
| 2018-12-17T22:04:45.157460258Z | 64 | PC: 12c26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:04:45.16120189Z | 66 | PC: 12c32 | Move file pointer |
| 2018-12-17T22:04:45.162733702Z | 44 | PC: 12c36 | Get time 0x12c36: mov byte ptr [bp + 0x219], dl 0x12c3a: call 0x12c50 0x12c3d: mov ah, 0x40 0x12c3f: mov cx, 0x219 0x12c42: lea dx, word ptr [bp + 6] 0x12c46: int 0x21 0x12c48: call 0x12c50 0x12c4b: mov ah, 0x3e 0x12c4d: int 0x21 0x12c4f: ret 0x12c50: lea si, word ptr [bp + 0x11] 0x12c54: mov cx, 0x1e9 0x12c57: xor byte ptr [si], 0x4c 0x12c5a: inc si 0x12c5b: dec cx 0x12c5c: jne 0x12c57 0x12c5e: ret 0x12c5f: add word ptr [bx], di 0x12c61: aas 0x12c62: aas |
| 2018-12-17T22:04:45.164994429Z | 64 | PC: 12c48 | Write file or device (Write 537 bytes on handle 5) |
| 2018-12-17T22:04:45.176590805Z | 62 | PC: 12c4f | Close file |
| 2018-12-17T22:04:45.184878421Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T22:04:45.187415965Z | 61 | PC: 12bed | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:04:45.194251287Z | 63 | PC: 12bfc | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:04:45.20030393Z | 66 | PC: 12c0b | Move file pointer |
| 2018-12-17T22:04:45.201722813Z | 66 | PC: 12c1a | Move file pointer |
| 2018-12-17T22:04:45.203657435Z | 64 | PC: 12c26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:04:45.206248802Z | 66 | PC: 12c32 | Move file pointer |
| 2018-12-17T22:04:45.207481182Z | 44 | PC: 12c36 | Get time 0x12c36: mov byte ptr [bp + 0x219], dl 0x12c3a: call 0x12c50 0x12c3d: mov ah, 0x40 0x12c3f: mov cx, 0x219 0x12c42: lea dx, word ptr [bp + 6] 0x12c46: int 0x21 0x12c48: call 0x12c50 0x12c4b: mov ah, 0x3e 0x12c4d: int 0x21 0x12c4f: ret 0x12c50: lea si, word ptr [bp + 0x11] 0x12c54: mov cx, 0x1e9 0x12c57: xor byte ptr [si], 0x4c 0x12c5a: inc si 0x12c5b: dec cx 0x12c5c: jne 0x12c57 0x12c5e: ret 0x12c5f: add word ptr [bx], di 0x12c61: aas 0x12c62: aas |
| 2018-12-17T22:04:45.210216297Z | 64 | PC: 12c48 | Write file or device (Write 537 bytes on handle 5) |
| 2018-12-17T22:04:45.508641548Z | 62 | PC: 12c4f | Close file |
| 2018-12-17T22:04:45.744724037Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T22:04:45.747840082Z | 61 | PC: 12bed | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:04:45.754221357Z | 63 | PC: 12bfc | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:04:45.756598511Z | 62 | PC: 12c4f | Close file |
| 2018-12-17T22:04:45.759596498Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T22:04:45.761935264Z | 26 | PC: 12a88 | Set disk transfer address |
| 2018-12-17T22:04:45.763260429Z | 9 | PC: 12aa6 | Display string (String= ' When I was young I had not given a penny for song Did not the poet sing it with such airs That one believed he had a sword upstairs All Things can Tempt me, by W.B. Yeats ') |