.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:09:31.67763219Z | 53 | PC: 12a5c | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:31.679367995Z | 37 | PC: 12a7d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:09:31.680654135Z | 26 | PC: 12ac1 | Set disk transfer address |
| 2018-12-17T23:09:31.68179254Z | 78 | PC: 12aed | Find first file |
| 2018-12-17T23:09:31.688353262Z | 61 | PC: 12b01 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:09:31.695764526Z | 63 | PC: 12b0e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:09:31.702692385Z | 62 | PC: 12b49 | Close file |
| 2018-12-17T23:09:31.704706822Z | 67 | PC: 12b62 | Get or set file attributes |
| 2018-12-17T23:09:31.72171138Z | 61 | PC: 12b75 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:09:31.727124623Z | 44 | PC: 12cc9 | Get time 0x12cc9: pop cx 0x12cca: push dx 0x12ccb: push cx 0x12ccc: ret 0x12ccd: lea si, word ptr [bp + 0x110] 0x12cd1: push si 0x12cd2: pop di 0x12cd3: mov cx, 0x12e 0x12cd6: lodsw ax, word ptr [si] 0x12cd7: jmp 0x12cdd 0x12cd9: stosw word ptr es:[di], ax 0x12cda: loop 0x12cd6 0x12cdc: ret 0x12cdd: xor ax, word ptr [bp + 0x370] 0x12ce1: xor ax, word ptr [bp + 0x372] 0x12ce5: xor ax, word ptr [bp + 0x374] 0x12ce9: xor ax, word ptr [bp + 0x376] 0x12ced: clc 0x12cee: jae 0x12cd9 0x12cf0: and dl, dh |
| 2018-12-17T23:09:31.728883658Z | 44 | PC: 12cc9 | Get time 0x12cc9: pop cx 0x12cca: push dx 0x12ccb: push cx 0x12ccc: ret 0x12ccd: lea si, word ptr [bp + 0x110] 0x12cd1: push si 0x12cd2: pop di 0x12cd3: mov cx, 0x12e 0x12cd6: lodsw ax, word ptr [si] 0x12cd7: jmp 0x12cdd 0x12cd9: stosw word ptr es:[di], ax 0x12cda: loop 0x12cd6 0x12cdc: ret 0x12cdd: xor ax, word ptr [bp + 0x370] 0x12ce1: xor ax, word ptr [bp + 0x372] 0x12ce5: xor ax, word ptr [bp + 0x374] 0x12ce9: xor ax, word ptr [bp + 0x376] 0x12ced: clc 0x12cee: jae 0x12cd9 0x12cf0: and dl, dh |
| 2018-12-17T23:09:31.732104424Z | 44 | PC: 12cc9 | Get time 0x12cc9: pop cx 0x12cca: push dx 0x12ccb: push cx 0x12ccc: ret 0x12ccd: lea si, word ptr [bp + 0x110] 0x12cd1: push si 0x12cd2: pop di 0x12cd3: mov cx, 0x12e 0x12cd6: lodsw ax, word ptr [si] 0x12cd7: jmp 0x12cdd 0x12cd9: stosw word ptr es:[di], ax 0x12cda: loop 0x12cd6 0x12cdc: ret 0x12cdd: xor ax, word ptr [bp + 0x370] 0x12ce1: xor ax, word ptr [bp + 0x372] 0x12ce5: xor ax, word ptr [bp + 0x374] 0x12ce9: xor ax, word ptr [bp + 0x376] 0x12ced: clc 0x12cee: jae 0x12cd9 0x12cf0: and dl, dh |
| 2018-12-17T23:09:31.734753909Z | 44 | PC: 12cc9 | Get time 0x12cc9: pop cx 0x12cca: push dx 0x12ccb: push cx 0x12ccc: ret 0x12ccd: lea si, word ptr [bp + 0x110] 0x12cd1: push si 0x12cd2: pop di 0x12cd3: mov cx, 0x12e 0x12cd6: lodsw ax, word ptr [si] 0x12cd7: jmp 0x12cdd 0x12cd9: stosw word ptr es:[di], ax 0x12cda: loop 0x12cd6 0x12cdc: ret 0x12cdd: xor ax, word ptr [bp + 0x370] 0x12ce1: xor ax, word ptr [bp + 0x372] 0x12ce5: xor ax, word ptr [bp + 0x374] 0x12ce9: xor ax, word ptr [bp + 0x376] 0x12ced: clc 0x12cee: jae 0x12cd9 0x12cf0: and dl, dh |
| 2018-12-17T23:09:31.738294273Z | 66 | PC: 12d7f | Move file pointer |
| 2018-12-17T23:09:31.740932963Z | 64 | PC: 12d9a | Write file or device (Write 686 bytes on handle 5) |
| 2018-12-17T23:09:31.749881961Z | 66 | PC: 12da8 | Move file pointer |
| 2018-12-17T23:09:31.750920832Z | 64 | PC: 12dc1 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:09:31.756676199Z | 87 | PC: 12bd2 | Get or set file date and time |
| 2018-12-17T23:09:31.757960845Z | 62 | PC: 12bd6 | Close file |
| 2018-12-17T23:09:31.766723202Z | 67 | PC: 12bf5 | Get or set file attributes |
| 2018-12-17T23:09:31.777280649Z | 26 | PC: 12c0b | Set disk transfer address |
| 2018-12-17T23:09:31.778751182Z | 37 | PC: 12c1f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |