.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:10:08.682550433Z | 26 | PC: 12a64 | Set disk transfer address |
| 2018-12-17T23:10:08.68486999Z | 78 | PC: 12a78 | Find first file |
| 2018-12-17T23:10:08.692823154Z | 61 | PC: 12bc1 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:10:08.701414505Z | 63 | PC: 12bd0 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:10:08.708677811Z | 66 | PC: 12bdf | Move file pointer |
| 2018-12-17T23:10:08.711609641Z | 66 | PC: 12bee | Move file pointer |
| 2018-12-17T23:10:08.713394253Z | 64 | PC: 12bfa | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:10:08.716630657Z | 66 | PC: 12c06 | Move file pointer |
| 2018-12-17T23:10:08.719349109Z | 44 | PC: 12c0a | Get time 0x12c0a: mov byte ptr [bp + 0x1ed], dl 0x12c0e: call 0x12c24 0x12c11: mov ah, 0x40 0x12c13: mov cx, 0x1ed 0x12c16: lea dx, word ptr [bp + 6] 0x12c1a: int 0x21 0x12c1c: call 0x12c24 0x12c1f: mov ah, 0x3e 0x12c21: int 0x21 0x12c23: ret 0x12c24: lea si, word ptr [bp + 0x11] 0x12c28: mov cx, 0x1bd 0x12c2b: xor byte ptr [si], 0 0x12c2e: inc si 0x12c2f: dec cx 0x12c30: jne 0x12c2b 0x12c32: ret 0x12c33: add word ptr [bx], di 0x12c35: aas 0x12c36: aas |
| 2018-12-17T23:10:08.721167394Z | 64 | PC: 12c1c | Write file or device (Write 493 bytes on handle 5) |
| 2018-12-17T23:10:08.73805414Z | 62 | PC: 12c23 | Close file |
| 2018-12-17T23:10:08.750665952Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:10:08.754175519Z | 61 | PC: 12bc1 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:10:08.76276964Z | 63 | PC: 12bd0 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:10:08.770448507Z | 66 | PC: 12bdf | Move file pointer |
| 2018-12-17T23:10:08.773106471Z | 66 | PC: 12bee | Move file pointer |
| 2018-12-17T23:10:08.77524156Z | 64 | PC: 12bfa | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:10:08.778813251Z | 66 | PC: 12c06 | Move file pointer |
| 2018-12-17T23:10:08.781935028Z | 44 | PC: 12c0a | Get time 0x12c0a: mov byte ptr [bp + 0x1ed], dl 0x12c0e: call 0x12c24 0x12c11: mov ah, 0x40 0x12c13: mov cx, 0x1ed 0x12c16: lea dx, word ptr [bp + 6] 0x12c1a: int 0x21 0x12c1c: call 0x12c24 0x12c1f: mov ah, 0x3e 0x12c21: int 0x21 0x12c23: ret 0x12c24: lea si, word ptr [bp + 0x11] 0x12c28: mov cx, 0x1bd 0x12c2b: xor byte ptr [si], 0x45 0x12c2e: inc si 0x12c2f: dec cx 0x12c30: jne 0x12c2b 0x12c32: ret 0x12c33: add word ptr [bx], di 0x12c35: aas 0x12c36: aas |
| 2018-12-17T23:10:08.790614337Z | 64 | PC: 12c1c | Write file or device (Write 493 bytes on handle 5) |
| 2018-12-17T23:10:08.814261244Z | 62 | PC: 12c23 | Close file |
| 2018-12-17T23:10:08.824250491Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:10:08.831764667Z | 61 | PC: 12bc1 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:10:08.849820742Z | 63 | PC: 12bd0 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:10:08.858821897Z | 66 | PC: 12bdf | Move file pointer |
| 2018-12-17T23:10:08.869974955Z | 66 | PC: 12bee | Move file pointer |
| 2018-12-17T23:10:08.882909563Z | 64 | PC: 12bfa | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:10:08.888812159Z | 66 | PC: 12c06 | Move file pointer |
| 2018-12-17T23:10:08.896107642Z | 44 | PC: 12c0a | Get time 0x12c0a: mov byte ptr [bp + 0x1ed], dl 0x12c0e: call 0x12c24 0x12c11: mov ah, 0x40 0x12c13: mov cx, 0x1ed 0x12c16: lea dx, word ptr [bp + 6] 0x12c1a: int 0x21 0x12c1c: call 0x12c24 0x12c1f: mov ah, 0x3e 0x12c21: int 0x21 0x12c23: ret 0x12c24: lea si, word ptr [bp + 0x11] 0x12c28: mov cx, 0x1bd 0x12c2b: xor byte ptr [si], 0x4b 0x12c2e: inc si 0x12c2f: dec cx 0x12c30: jne 0x12c2b 0x12c32: ret 0x12c33: add word ptr [bx], di 0x12c35: aas 0x12c36: aas |
| 2018-12-17T23:10:08.899850125Z | 64 | PC: 12c1c | Write file or device (Write 493 bytes on handle 5) |
| 2018-12-17T23:10:08.909345413Z | 62 | PC: 12c23 | Close file |
| 2018-12-17T23:10:08.919992688Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:10:08.923431772Z | 61 | PC: 12bc1 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:10:08.930998948Z | 63 | PC: 12bd0 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:10:08.939582875Z | 66 | PC: 12bdf | Move file pointer |
| 2018-12-17T23:10:08.941958702Z | 66 | PC: 12bee | Move file pointer |
| 2018-12-17T23:10:08.943894336Z | 64 | PC: 12bfa | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:10:08.951469554Z | 66 | PC: 12c06 | Move file pointer |
| 2018-12-17T23:10:08.953407642Z | 44 | PC: 12c0a | Get time 0x12c0a: mov byte ptr [bp + 0x1ed], dl 0x12c0e: call 0x12c24 0x12c11: mov ah, 0x40 0x12c13: mov cx, 0x1ed 0x12c16: lea dx, word ptr [bp + 6] 0x12c1a: int 0x21 0x12c1c: call 0x12c24 0x12c1f: mov ah, 0x3e 0x12c21: int 0x21 0x12c23: ret 0x12c24: lea si, word ptr [bp + 0x11] 0x12c28: mov cx, 0x1bd 0x12c2b: xor byte ptr [si], 0x50 0x12c2e: inc si 0x12c2f: dec cx 0x12c30: jne 0x12c2b 0x12c32: ret 0x12c33: add word ptr [bx], di 0x12c35: aas 0x12c36: aas |
| 2018-12-17T23:10:08.956371155Z | 64 | PC: 12c1c | Write file or device (Write 493 bytes on handle 5) |
| 2018-12-17T23:10:08.966110299Z | 62 | PC: 12c23 | Close file |
| 2018-12-17T23:10:08.976416848Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:10:08.979727257Z | 61 | PC: 12bc1 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T23:10:08.987392269Z | 63 | PC: 12bd0 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:10:08.995374338Z | 66 | PC: 12bdf | Move file pointer |
| 2018-12-17T23:10:08.997309168Z | 66 | PC: 12bee | Move file pointer |
| 2018-12-17T23:10:08.999222165Z | 64 | PC: 12bfa | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:10:09.003871537Z | 66 | PC: 12c06 | Move file pointer |
| 2018-12-17T23:10:09.00557241Z | 44 | PC: 12c0a | Get time 0x12c0a: mov byte ptr [bp + 0x1ed], dl 0x12c0e: call 0x12c24 0x12c11: mov ah, 0x40 0x12c13: mov cx, 0x1ed 0x12c16: lea dx, word ptr [bp + 6] 0x12c1a: int 0x21 0x12c1c: call 0x12c24 0x12c1f: mov ah, 0x3e 0x12c21: int 0x21 0x12c23: ret 0x12c24: lea si, word ptr [bp + 0x11] 0x12c28: mov cx, 0x1bd 0x12c2b: xor byte ptr [si], 0x56 0x12c2e: inc si 0x12c2f: dec cx 0x12c30: jne 0x12c2b 0x12c32: ret 0x12c33: add word ptr [bx], di 0x12c35: aas 0x12c36: aas |
| 2018-12-17T23:10:09.010514201Z | 64 | PC: 12c1c | Write file or device (Write 493 bytes on handle 5) |
| 2018-12-17T23:10:09.020758215Z | 62 | PC: 12c23 | Close file |
| 2018-12-17T23:10:09.030402786Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:10:09.033921014Z | 61 | PC: 12bc1 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T23:10:09.043105725Z | 63 | PC: 12bd0 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:10:09.050572553Z | 66 | PC: 12bdf | Move file pointer |
| 2018-12-17T23:10:09.052624627Z | 66 | PC: 12bee | Move file pointer |
| 2018-12-17T23:10:09.055818283Z | 64 | PC: 12bfa | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:10:09.059351611Z | 66 | PC: 12c06 | Move file pointer |
| 2018-12-17T23:10:09.06144765Z | 44 | PC: 12c0a | Get time 0x12c0a: mov byte ptr [bp + 0x1ed], dl 0x12c0e: call 0x12c24 0x12c11: mov ah, 0x40 0x12c13: mov cx, 0x1ed 0x12c16: lea dx, word ptr [bp + 6] 0x12c1a: int 0x21 0x12c1c: call 0x12c24 0x12c1f: mov ah, 0x3e 0x12c21: int 0x21 0x12c23: ret 0x12c24: lea si, word ptr [bp + 0x11] 0x12c28: mov cx, 0x1bd 0x12c2b: xor byte ptr [si], 0x5b 0x12c2e: inc si 0x12c2f: dec cx 0x12c30: jne 0x12c2b 0x12c32: ret 0x12c33: add word ptr [bx], di 0x12c35: aas 0x12c36: aas |
| 2018-12-17T23:10:09.064585389Z | 64 | PC: 12c1c | Write file or device (Write 493 bytes on handle 5) |
| 2018-12-17T23:10:09.075284767Z | 62 | PC: 12c23 | Close file |
| 2018-12-17T23:10:09.084986703Z | 79 | PC: 12a78 | Find next file |
| 2018-12-17T23:10:09.088885517Z | 61 | PC: 12bc1 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T23:10:09.097691327Z | 63 | PC: 12bd0 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:10:09.105314354Z | 66 | PC: 12bdf | Move file pointer |
| 2018-12-17T23:10:09.108321382Z | 66 | PC: 12bee | Move file pointer |
| 2018-12-17T23:10:09.111330406Z | 64 | PC: 12bfa | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:10:09.115623669Z | 66 | PC: 12c06 | Move file pointer |
| 2018-12-17T23:10:09.117747415Z | 44 | PC: 12c0a | Get time 0x12c0a: mov byte ptr [bp + 0x1ed], dl 0x12c0e: call 0x12c24 0x12c11: mov ah, 0x40 0x12c13: mov cx, 0x1ed 0x12c16: lea dx, word ptr [bp + 6] 0x12c1a: int 0x21 0x12c1c: call 0x12c24 0x12c1f: mov ah, 0x3e 0x12c21: int 0x21 0x12c23: ret 0x12c24: lea si, word ptr [bp + 0x11] 0x12c28: mov cx, 0x1bd 0x12c2b: xor byte ptr [si], 0x61 0x12c2e: inc si 0x12c2f: dec cx 0x12c30: jne 0x12c2b 0x12c32: ret 0x12c33: add word ptr [bx], di 0x12c35: aas 0x12c36: aas |
| 2018-12-17T23:10:09.121963331Z | 64 | PC: 12c1c | Write file or device (Write 493 bytes on handle 5) |
| 2018-12-17T23:10:09.131664816Z | 62 | PC: 12c23 | Close file |
| 2018-12-17T23:10:09.141334111Z | 26 | PC: 12a88 | Set disk transfer address |
| 2018-12-17T23:10:09.143588449Z | 9 | PC: 12aa6 | Display string (String= ' A starlit or a moonlit dome disdains All that man is, All mere complexities, The fury and the mire of human veins. Byzanthium by W.B. Yeats ') |