.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:09:16.138722812Z | 44 | PC: 12a48 | Get time 0x12a48: cmp dl, 9 0x12a4b: jbe 0x12a50 0x12a4d: jmp 0x12ae9 0x12a50: mov ah, 0xf 0x12a52: int 0x10 0x12a54: xor ah, ah 0x12a56: int 0x10 0x12a58: mov ah, 1 0x12a5a: mov cx, 0x2607 0x12a5d: int 0x10 0x12a5f: mov ax, 0xb800 0x12a62: mov es, ax 0x12a64: mov cx, 0x2f7 0x12a67: mov si, 0x2e1 0x12a6a: xor di, di 0x12a6c: xor dx, dx 0x12a6e: xor ax, ax 0x12a70: cld 0x12a71: lodsb al, byte ptr [si] 0x12a72: cmp al, 0x20 |
| 2018-12-17T23:09:16.142394214Z | 74 | PC: 12af7 | Reallocate memory |
| 2018-12-17T23:09:16.143985357Z | 75 | PC: 12b15 | Execute program |
| 2018-12-17T23:09:16.150994681Z | 26 | PC: 12b2c | Set disk transfer address |
| 2018-12-17T23:09:16.152145823Z | 53 | PC: 12b31 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:16.153682993Z | 37 | PC: 12b41 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:16.155001246Z | 78 | PC: 12b66 | Find first file |
| 2018-12-17T23:09:16.161409549Z | 61 | PC: 12b70 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:09:16.175279688Z | 63 | PC: 12b7b | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T23:09:16.183248836Z | 62 | PC: 12b7f | Close file |
| 2018-12-17T23:09:16.18599325Z | 90 | PC: 12bc9 | Create unique file |
| 2018-12-17T23:09:16.358470382Z | 65 | PC: 12bcd | Delete file (Filename = '\ABBCCIDO') |
| 2018-12-17T23:09:16.371107007Z | 67 | PC: 12bda | Get or set file attributes |
| 2018-12-17T23:09:16.382555936Z | 86 | PC: 12be1 | Rename file |
| 2018-12-17T23:09:16.397020666Z | 60 | PC: 12bec | Create or truncate file |
| 2018-12-17T23:09:16.411389479Z | 44 | PC: 12bf1 | Get time 0x12bf1: mov ax, 0x514 0x12bf4: add ax, dx 0x12bf6: push ax 0x12bf7: mov ax, 0x100 0x12bfa: push ax 0x12bfb: mov ah, 0x40 0x12bfd: push ax 0x12bfe: mov ah, 0x2c 0x12c00: int 0x21 0x12c02: mov word ptr [0x5ff], dx 0x12c06: jmp 0x12f45 0x12c09: mov ax, 0x5701 0x12c0c: mov di, 0x96 0x12c0f: mov cx, word ptr [di] 0x12c11: mov dx, word ptr [di + 2] 0x12c14: int 0x21 0x12c16: mov ah, 0x3e 0x12c18: int 0x21 0x12c1a: jmp 0x12b4f 0x12c1d: ret |
| 2018-12-17T23:09:16.414020363Z | 44 | PC: 12c02 | Get time 0x12c02: mov word ptr [0x5ff], dx 0x12c06: jmp 0x12f45 0x12c09: mov ax, 0x5701 0x12c0c: mov di, 0x96 0x12c0f: mov cx, word ptr [di] 0x12c11: mov dx, word ptr [di + 2] 0x12c14: int 0x21 0x12c16: mov ah, 0x3e 0x12c18: int 0x21 0x12c1a: jmp 0x12b4f 0x12c1d: ret 0x12c1e: mov al, 3 0x12c20: iret 0x12c21: pop es 0x12c22: adc byte ptr [bx + si], bl 0x12c24: sbb byte ptr [bx + si], bl 0x12c26: sbb word ptr [bp + si], cx 0x12c28: sbb cl, byte ptr [bx + di] 0x12c2a: sbb byte ptr cs:[bx + di], bl 0x12c2d: push es |
| 2018-12-17T23:09:16.416894733Z | 64 | PC: 12f4e | Write file or device (Write 11613 bytes on handle 6) |
| 2018-12-17T23:09:16.430057424Z | 87 | PC: 12c16 | Get or set file date and time |
| 2018-12-17T23:09:16.432244521Z | 62 | PC: 12c1a | Close file |
| 2018-12-17T23:09:16.44215162Z | 37 | PC: 12b5e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |