.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:16:12.759662358Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:16:12.761502077Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:16:12.763298174Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:16:12.765782212Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:16:12.768144073Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:16:12.769126781Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:16:12.770435617Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:16:12.771643464Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:16:12.773472294Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:16:12.774507475Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:16:12.775826406Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:16:12.779039221Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:16:12.780994121Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:16:12.782627759Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:16:12.79707493Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:16:12.798636305Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:16:12.799965494Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:16:12.813859881Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:16:12.815421836Z | 53 | PC: 132b2 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:16:12.817295143Z | 37 | PC: 132c7 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:16:12.819515776Z | 37 | PC: 132cf | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:16:12.821230245Z | 37 | PC: 132d7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:16:12.822899458Z | 37 | PC: 132df | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:16:12.82612285Z | 68 | PC: 1385f | I/O control for devices (Set for = '') |
| 2018-12-17T23:16:12.828037058Z | 42 | PC: 130d7 | Get date 0x130d7: xor ah, ah 0x130d9: les di, ptr [bp + 6] 0x130dc: stosw word ptr es:[di], ax 0x130dd: mov al, dl 0x130df: les di, ptr [bp + 0xa] 0x130e2: stosw word ptr es:[di], ax 0x130e3: mov al, dh 0x130e5: les di, ptr [bp + 0xe] 0x130e8: stosw word ptr es:[di], ax 0x130e9: xchg ax, cx 0x130ea: les di, ptr [bp + 0x12] 0x130ed: stosw word ptr es:[di], ax 0x130ee: pop bp 0x130ef: retf 0x10 0x130f2: push bp 0x130f3: mov bp, sp 0x130f5: mov cx, word ptr [bp + 0xa] 0x130f8: mov dh, byte ptr [bp + 8] 0x130fb: mov dl, byte ptr [bp + 6] 0x130fe: mov ah, 0x2b |
| 2018-12-17T23:16:12.830732637Z | 26 | PC: 13167 | Set disk transfer address |
| 2018-12-17T23:16:12.83354259Z | 78 | PC: 13173 | Find first file |
| 2018-12-17T23:16:12.839937161Z | 26 | PC: 1318b | Set disk transfer address |
| 2018-12-17T23:16:12.841275265Z | 79 | PC: 13190 | Find next file |
| 2018-12-17T23:16:12.845258686Z | 61 | PC: 13e4a | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:16:12.852949655Z | 63 | PC: 13f1d | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:16:12.859682835Z | 66 | PC: 13fe6 | Move file pointer |
| 2018-12-17T23:16:12.861134239Z | 66 | PC: 13ff4 | Move file pointer |
| 2018-12-17T23:16:12.863864735Z | 66 | PC: 14002 | Move file pointer |
| 2018-12-17T23:16:12.865329619Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:12.867418047Z | 26 | PC: 1318b | Set disk transfer address |
| 2018-12-17T23:16:12.869228102Z | 79 | PC: 13190 | Find next file |
| 2018-12-17T23:16:12.871569446Z | 61 | PC: 13e4a | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:16:12.876167364Z | 63 | PC: 13f1d | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:16:12.880996052Z | 66 | PC: 13fe6 | Move file pointer |
| 2018-12-17T23:16:12.882632563Z | 66 | PC: 13ff4 | Move file pointer |
| 2018-12-17T23:16:12.883780133Z | 66 | PC: 14002 | Move file pointer |
| 2018-12-17T23:16:12.885492062Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:12.886873261Z | 26 | PC: 1318b | Set disk transfer address |
| 2018-12-17T23:16:12.887847083Z | 79 | PC: 13190 | Find next file |
| 2018-12-17T23:16:12.890587055Z | 61 | PC: 13e4a | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:16:12.894885636Z | 63 | PC: 13f1d | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:16:12.899087862Z | 66 | PC: 13fe6 | Move file pointer |
| 2018-12-17T23:16:12.900870655Z | 66 | PC: 13ff4 | Move file pointer |
| 2018-12-17T23:16:12.902160844Z | 66 | PC: 14002 | Move file pointer |
| 2018-12-17T23:16:12.903569031Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:12.90574399Z | 26 | PC: 1318b | Set disk transfer address |
| 2018-12-17T23:16:12.906734142Z | 79 | PC: 13190 | Find next file |
| 2018-12-17T23:16:12.909026371Z | 61 | PC: 13e4a | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T23:16:12.914026683Z | 63 | PC: 13f1d | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:16:12.918648625Z | 66 | PC: 13fe6 | Move file pointer |
| 2018-12-17T23:16:12.920240856Z | 66 | PC: 13ff4 | Move file pointer |
| 2018-12-17T23:16:12.922085625Z | 66 | PC: 14002 | Move file pointer |
| 2018-12-17T23:16:12.923176333Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:12.924632059Z | 26 | PC: 1318b | Set disk transfer address |
| 2018-12-17T23:16:12.926216074Z | 79 | PC: 13190 | Find next file |
| 2018-12-17T23:16:12.92823728Z | 61 | PC: 13e4a | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T23:16:12.932674143Z | 63 | PC: 13f1d | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:16:12.938072789Z | 66 | PC: 13fe6 | Move file pointer |
| 2018-12-17T23:16:12.939186701Z | 66 | PC: 13ff4 | Move file pointer |
| 2018-12-17T23:16:12.940783135Z | 66 | PC: 14002 | Move file pointer |
| 2018-12-17T23:16:12.942999094Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:12.944870317Z | 26 | PC: 1318b | Set disk transfer address |
| 2018-12-17T23:16:12.94582292Z | 79 | PC: 13190 | Find next file |
| 2018-12-17T23:16:12.949210605Z | 61 | PC: 13e4a | Open file (Filename = 'PAH.COM') |
| 2018-12-17T23:16:12.95355724Z | 63 | PC: 13f1d | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:16:12.958001978Z | 66 | PC: 13fe6 | Move file pointer |
| 2018-12-17T23:16:12.959929263Z | 66 | PC: 13ff4 | Move file pointer |
| 2018-12-17T23:16:12.961012467Z | 66 | PC: 14002 | Move file pointer |
| 2018-12-17T23:16:12.962157107Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:12.964008502Z | 26 | PC: 1318b | Set disk transfer address |
| 2018-12-17T23:16:12.965279996Z | 79 | PC: 13190 | Find next file |
| 2018-12-17T23:16:12.96719352Z | 61 | PC: 13e4a | Open file (Filename = 'PAH.COM') |
| 2018-12-17T23:16:12.972016717Z | 63 | PC: 13f1d | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:16:12.973806558Z | 66 | PC: 13fe6 | Move file pointer |
| 2018-12-17T23:16:12.974881395Z | 66 | PC: 13ff4 | Move file pointer |
| 2018-12-17T23:16:12.976691485Z | 66 | PC: 14002 | Move file pointer |
| 2018-12-17T23:16:12.978069118Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:12.979729042Z | 26 | PC: 13167 | Set disk transfer address |
| 2018-12-17T23:16:12.980933161Z | 78 | PC: 13173 | Find first file |
| 2018-12-17T23:16:12.985170985Z | 26 | PC: 1318b | Set disk transfer address |
| 2018-12-17T23:16:12.986373908Z | 79 | PC: 13190 | Find next file |
| 2018-12-17T23:16:12.989412664Z | 61 | PC: 13e4a | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:16:12.99553667Z | 63 | PC: 13f1d | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:16:12.998722791Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:13.001687257Z | 48 | PC: 1408a | Get DOS version |
| 2018-12-17T23:16:13.003108052Z | 61 | PC: 13e4a | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:16:13.00916241Z | 66 | PC: 13fe6 | Move file pointer |
| 2018-12-17T23:16:13.010878144Z | 66 | PC: 13ff4 | Move file pointer |
| 2018-12-17T23:16:13.012747946Z | 66 | PC: 14002 | Move file pointer |
| 2018-12-17T23:16:13.014052615Z | 63 | PC: 13f1d | Read file or device (Read 4745 bytes on handle 5) |
| 2018-12-17T23:16:13.021399081Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:13.023205791Z | 60 | PC: 13e4a | Create or truncate file |
| 2018-12-17T23:16:13.037237508Z | 62 | PC: 13e9a | Close file |
| 2018-12-17T23:16:13.039730928Z | 41 | PC: 1321e | Parse filename |
| 2018-12-17T23:16:13.040994914Z | 41 | PC: 1322c | Parse filename |
| 2018-12-17T23:16:13.042098468Z | 75 | PC: 13237 | Execute program |
| 2018-12-17T23:16:13.048143523Z | 65 | PC: 1401f | Delete file (Filename = 'temp.com') |
| 2018-12-17T23:16:13.055806785Z | 64 | PC: 13962 | Write file or device (Write 0 bytes on handle 1) |
| 2018-12-17T23:16:13.057045366Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:16:13.058559468Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:16:13.059630629Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:16:13.060596664Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:16:13.062113707Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:16:13.062980179Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:16:13.064084001Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:16:13.065333675Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:16:13.066414981Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:16:13.068288101Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:16:13.069581264Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:16:13.070994119Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:16:13.071999523Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:16:13.074042626Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:16:13.075282042Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:16:13.076257246Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:16:13.077692536Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:16:13.078803007Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:16:13.079983775Z | 37 | PC: 133c6 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:16:13.082443274Z | 76 | PC: 13405 | Terminate with return code (Return code = '0') |