.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T23:09:18.240025027Z | 44 | PC: 12a56 | Get time 0x12a56: or dl, dl
0x12a58: jne 0x12a5d
0x12a5a: call 0x12db3
0x12a5d: cmp dl, 0x20
0x12a60: jne 0x12a65
0x12a62: call 0x12e0b
0x12a65: mov ds, word ptr [0x2c]
0x12a69: xor di, di
0x12a6b: inc di
0x12a6c: cmp word ptr [di], 0
0x12a6f: jne 0x12a6b
0x12a71: scasw ax, word ptr es:[di]
0x12a72: scasw ax, word ptr es:[di]
0x12a73: mov dx, di
0x12a75: mov word ptr cs:[0x175], di
0x12a7a: mov ax, 0x3d00
0x12a7d: int 0x21
0x12a7f: push cs
0x12a80: pop ds
0x12a81: xchg ax, bx
|
| 2018-12-17T23:09:18.242093869Z | 61 | PC: 12a7f | Open file (Filename = '�') |
| 2018-12-17T23:09:18.246175118Z | 63 | PC: 12a8c | Read file or device (Read 32768 bytes on handle 5) |
| 2018-12-17T23:09:18.251523233Z | 62 | PC: 12a9b | Close file |
| 2018-12-17T23:09:18.25356215Z | 74 | PC: 12aa5 | Reallocate memory |
| 2018-12-17T23:09:18.254850715Z | 53 | PC: 12ad7 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:09:18.255931005Z | 53 | PC: 12ae3 | Get interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-17T23:09:18.257282488Z | 37 | PC: 12af5 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:09:18.258646608Z | 37 | PC: 12afc | Set interrupt vector (Interrupt = '19' AKA 'Delete file') |
| 2018-12-17T23:09:18.25978833Z | 75 | PC: 12b0b | Execute program |
| 2018-12-17T23:09:18.265976107Z | 73 | PC: 12b14 | Release memory |
| 2018-12-17T23:09:18.267220401Z | 77 | PC: 12b18 | Get program return code |
| 2018-12-17T23:09:18.268104409Z | 49 | PC: 12b23 | Terminate and stay resident (Return code = '0' | Memory size = '684') |
