.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:09:24.203349184Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:09:24.204716982Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:09:24.206182708Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:09:24.207060575Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:09:24.208980983Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:09:24.209973378Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:24.21088989Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:09:24.212362453Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:09:24.213860088Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:09:24.215337543Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:09:24.216985863Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:09:24.218499181Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:09:24.224428526Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:09:24.225642573Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:09:24.226640138Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:09:24.227648012Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:09:24.228814481Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:09:24.229846668Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:09:24.230837918Z | 53 | PC: 13282 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:09:24.232259365Z | 37 | PC: 13297 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:09:24.233254325Z | 37 | PC: 1329f | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:09:24.234245037Z | 37 | PC: 132a7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:24.235777433Z | 37 | PC: 132af | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:09:24.23706026Z | 68 | PC: 1361f | I/O control for devices (Set for = '') |
| 2018-12-17T23:09:24.238636059Z | 48 | PC: 13eb1 | Get DOS version |
| 2018-12-17T23:09:24.240544959Z | 61 | PC: 13c71 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:09:24.247190639Z | 60 | PC: 13c71 | Create or truncate file |
| 2018-12-17T23:09:24.263643369Z | 63 | PC: 13d44 | Read file or device (Read 5904 bytes on handle 5) |
| 2018-12-17T23:09:24.268497908Z | 63 | PC: 13d44 | Read file or device (Read 55000 bytes on handle 5) |
| 2018-12-17T23:09:24.26994551Z | 62 | PC: 13cc1 | Close file |
| 2018-12-17T23:09:24.271225106Z | 62 | PC: 13cc1 | Close file |
| 2018-12-17T23:09:24.273021718Z | 65 | PC: 13e46 | Delete file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:09:24.280918428Z | 48 | PC: 13eb1 | Get DOS version |
| 2018-12-17T23:09:24.282208558Z | 86 | PC: 13e7c | Rename file |
| 2018-12-17T23:09:24.295062702Z | 44 | PC: 13bf2 | Get time 0x13bf2: mov word ptr [0x3e], cx 0x13bf6: mov word ptr [0x40], dx 0x13bfa: retf 0x13bfb: mov bx, sp 0x13bfd: push ds 0x13bfe: les di, ptr ss:[bx + 8] 0x13c02: lds si, ptr ss:[bx + 4] 0x13c06: cld 0x13c07: xor ax, ax 0x13c09: stosw word ptr es:[di], ax 0x13c0a: mov ax, 0xd7b0 0x13c0d: stosw word ptr es:[di], ax 0x13c0e: xor ax, ax 0x13c10: mov cx, 0x16 0x13c13: rep stosd dword ptr es:[di], eax 0x13c15: lodsb al, byte ptr [si] 0x13c16: cmp al, 0x4f 0x13c18: jbe 0x13c1c 0x13c1a: mov al, 0x4f 0x13c1c: mov cl, al |
| 2018-12-17T23:09:24.297363614Z | 26 | PC: 13105 | Set disk transfer address |
| 2018-12-17T23:09:24.298303774Z | 78 | PC: 13111 | Find first file |
| 2018-12-17T23:09:24.304682313Z | 26 | PC: 13129 | Set disk transfer address |
| 2018-12-17T23:09:24.305972842Z | 79 | PC: 1312e | Find next file |
| 2018-12-17T23:09:24.308802111Z | 26 | PC: 13129 | Set disk transfer address |
| 2018-12-17T23:09:24.310288607Z | 79 | PC: 1312e | Find next file |
| 2018-12-17T23:09:24.312615635Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:09:24.31386892Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:09:24.31522884Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:09:24.316425312Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:09:24.317439585Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:09:24.318899872Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:09:24.319858258Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:09:24.320837949Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:09:24.322298217Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:09:24.323280813Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:09:24.324193071Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:24.326116784Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:24.327903389Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:09:24.331670698Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:09:24.334761835Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:09:24.336351005Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:09:24.337915253Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:09:24.340108658Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:09:24.341450948Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:09:24.342857744Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:09:24.344059214Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:09:24.345521382Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:09:24.346481535Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:09:24.347502635Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:09:24.348640555Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:09:24.349627557Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:09:24.350582597Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:09:24.352370572Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:09:24.353328704Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:09:24.354269397Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:09:24.35751907Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:09:24.358584953Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:09:24.359506013Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:09:24.360994434Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:09:24.361916192Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:09:24.363054797Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:09:24.364477856Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:09:24.365727731Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:09:24.366956939Z | 48 | PC: 13eb1 | Get DOS version |
| 2018-12-17T23:09:24.368804204Z | 41 | PC: 131f5 | Parse filename |
| 2018-12-17T23:09:24.370086945Z | 41 | PC: 13203 | Parse filename |
| 2018-12-17T23:09:24.371361824Z | 75 | PC: 1320e | Execute program |
| 2018-12-17T23:09:24.383358964Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:09:24.384705906Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:09:24.386005942Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:09:24.388620043Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:09:24.389967542Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:09:24.391278804Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:09:24.393292003Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:09:24.394716151Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:09:24.396067476Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:09:24.39871981Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:09:24.400456783Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:24.401800575Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:24.403764484Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:09:24.404908919Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:09:24.406088747Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:09:24.408115416Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:09:24.409318897Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:09:24.410480678Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:09:24.412378216Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:09:24.413818467Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:09:24.415149123Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:09:24.417245272Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:09:24.418559792Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:09:24.419887281Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:09:24.421888564Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:09:24.423692581Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:09:24.424959463Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:09:24.427214134Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:09:24.428497128Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:09:24.429810158Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:09:24.432220274Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:09:24.433260337Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:09:24.434301852Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:09:24.436183415Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:09:24.437388212Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:09:24.438702325Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:09:24.441295255Z | 53 | PC: 1316c | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:09:24.442366698Z | 37 | PC: 13175 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:09:24.443632011Z | 60 | PC: 13c71 | Create or truncate file |
| 2018-12-17T23:09:24.710877182Z | 48 | PC: 13eb1 | Get DOS version |
| 2018-12-17T23:09:24.712741536Z | 61 | PC: 13c71 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:09:24.719701902Z | 64 | PC: 13d44 | Write file or device (Write 5904 bytes on handle 5) |
| 2018-12-17T23:09:24.729628778Z | 63 | PC: 13d44 | Read file or device (Read 55000 bytes on handle 6) |
| 2018-12-17T23:09:24.732474312Z | 62 | PC: 13cc1 | Close file |
| 2018-12-17T23:09:24.740738105Z | 62 | PC: 13cc1 | Close file |
| 2018-12-17T23:09:24.744030627Z | 65 | PC: 13e46 | Delete file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:09:24.755191125Z | 48 | PC: 13eb1 | Get DOS version |
| 2018-12-17T23:09:24.757022994Z | 86 | PC: 13e7c | Rename file |
| 2018-12-17T23:09:24.768583602Z | 64 | PC: 13722 | Write file or device (Write 0 bytes on handle 1) |
| 2018-12-17T23:09:24.772318835Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:09:24.777665561Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:09:24.779289703Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:09:24.78117539Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:09:24.782580311Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:09:24.784022093Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:24.786192082Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:09:24.787696406Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:09:24.789190483Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:09:24.791290398Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:09:24.792620827Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:09:24.794113336Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:09:24.796654795Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:09:24.797960319Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:09:24.799378922Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:09:24.801661188Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:09:24.802753825Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:09:24.803801304Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:09:24.805812781Z | 37 | PC: 13396 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:09:24.806860206Z | 76 | PC: 133d5 | Terminate with return code (Return code = '0') |