.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:05:05.847148264Z | 26 | PC: 12a72 | Set disk transfer address |
| 2018-12-17T22:05:05.849817448Z | 37 | PC: 12a80 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:05:05.850973636Z | 37 | PC: 12a84 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T22:05:05.852008871Z | 78 | PC: 12acf | Find first file |
| 2018-12-17T22:05:05.85998074Z | 61 | PC: 12c19 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:05:05.866643392Z | 63 | PC: 12c28 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:05:05.873123624Z | 66 | PC: 12c37 | Move file pointer |
| 2018-12-17T22:05:05.875035456Z | 66 | PC: 12c46 | Move file pointer |
| 2018-12-17T22:05:05.880862318Z | 64 | PC: 12c52 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:05:05.883690768Z | 66 | PC: 12c5e | Move file pointer |
| 2018-12-17T22:05:05.88503539Z | 44 | PC: 12c62 | Get time 0x12c62: mov byte ptr [bp + 0x245], dl
0x12c66: call 0x12c7c
0x12c69: mov ah, 0x40
0x12c6b: mov cx, 0x245
0x12c6e: lea dx, word ptr [bp + 6]
0x12c72: int 0x21
0x12c74: call 0x12c7c
0x12c77: mov ah, 0x3e
0x12c79: int 0x21
0x12c7b: ret
0x12c7c: lea si, word ptr [bp + 0x1f]
0x12c80: mov cx, 0x207
0x12c83: xor byte ptr [si], 0
0x12c86: inc si
0x12c87: dec cx
0x12c88: jne 0x12c83
0x12c8a: ret
0x12c8b: add word ptr [bx], di
0x12c8d: aas
0x12c8e: aas
|
| 2018-12-17T22:05:05.88775796Z | 64 | PC: 12c74 | Write file or device (Write 581 bytes on handle 5) |
| 2018-12-17T22:05:05.903064436Z | 62 | PC: 12c7b | Close file |
| 2018-12-17T22:05:05.911558789Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:05:05.914959252Z | 61 | PC: 12c19 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:05:05.921754616Z | 63 | PC: 12c28 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:05:05.928444829Z | 66 | PC: 12c37 | Move file pointer |
| 2018-12-17T22:05:05.930322256Z | 66 | PC: 12c46 | Move file pointer |
| 2018-12-17T22:05:05.932506175Z | 64 | PC: 12c52 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:05:05.93557941Z | 66 | PC: 12c5e | Move file pointer |
| 2018-12-17T22:05:05.938136657Z | 44 | PC: 12c62 | Get time 0x12c62: mov byte ptr [bp + 0x245], dl
0x12c66: call 0x12c7c
0x12c69: mov ah, 0x40
0x12c6b: mov cx, 0x245
0x12c6e: lea dx, word ptr [bp + 6]
0x12c72: int 0x21
0x12c74: call 0x12c7c
0x12c77: mov ah, 0x3e
0x12c79: int 0x21
0x12c7b: ret
0x12c7c: lea si, word ptr [bp + 0x1f]
0x12c80: mov cx, 0x207
0x12c83: xor byte ptr [si], 0x34
0x12c86: inc si
0x12c87: dec cx
0x12c88: jne 0x12c83
0x12c8a: ret
0x12c8b: add word ptr [bx], di
0x12c8d: aas
0x12c8e: aas
|
| 2018-12-17T22:05:05.9409495Z | 64 | PC: 12c74 | Write file or device (Write 581 bytes on handle 5) |
| 2018-12-17T22:05:05.947671001Z | 62 | PC: 12c7b | Close file |
| 2018-12-17T22:05:05.954835001Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:05:05.957629419Z | 61 | PC: 12c19 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:05:05.963268757Z | 63 | PC: 12c28 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:05:05.969268489Z | 66 | PC: 12c37 | Move file pointer |
| 2018-12-17T22:05:05.970691804Z | 66 | PC: 12c46 | Move file pointer |
| 2018-12-17T22:05:05.971819117Z | 64 | PC: 12c52 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:05:05.973950158Z | 66 | PC: 12c5e | Move file pointer |
| 2018-12-17T22:05:05.976302004Z | 44 | PC: 12c62 | Get time 0x12c62: mov byte ptr [bp + 0x245], dl
0x12c66: call 0x12c7c
0x12c69: mov ah, 0x40
0x12c6b: mov cx, 0x245
0x12c6e: lea dx, word ptr [bp + 6]
0x12c72: int 0x21
0x12c74: call 0x12c7c
0x12c77: mov ah, 0x3e
0x12c79: int 0x21
0x12c7b: ret
0x12c7c: lea si, word ptr [bp + 0x1f]
0x12c80: mov cx, 0x207
0x12c83: xor byte ptr [si], 0x3a
0x12c86: inc si
0x12c87: dec cx
0x12c88: jne 0x12c83
0x12c8a: ret
0x12c8b: add word ptr [bx], di
0x12c8d: aas
0x12c8e: aas
|
| 2018-12-17T22:05:05.978909305Z | 64 | PC: 12c74 | Write file or device (Write 581 bytes on handle 5) |
| 2018-12-17T22:05:05.98632995Z | 62 | PC: 12c7b | Close file |
| 2018-12-17T22:05:05.993746873Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:05:05.996195582Z | 61 | PC: 12c19 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:05:06.002492638Z | 63 | PC: 12c28 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:05:06.009032398Z | 66 | PC: 12c37 | Move file pointer |
| 2018-12-17T22:05:06.010303069Z | 66 | PC: 12c46 | Move file pointer |
| 2018-12-17T22:05:06.011447942Z | 64 | PC: 12c52 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:05:06.014316728Z | 66 | PC: 12c5e | Move file pointer |
| 2018-12-17T22:05:06.015496455Z | 44 | PC: 12c62 | Get time 0x12c62: mov byte ptr [bp + 0x245], dl
0x12c66: call 0x12c7c
0x12c69: mov ah, 0x40
0x12c6b: mov cx, 0x245
0x12c6e: lea dx, word ptr [bp + 6]
0x12c72: int 0x21
0x12c74: call 0x12c7c
0x12c77: mov ah, 0x3e
0x12c79: int 0x21
0x12c7b: ret
0x12c7c: lea si, word ptr [bp + 0x1f]
0x12c80: mov cx, 0x207
0x12c83: xor byte ptr [si], 0x3f
0x12c86: inc si
0x12c87: dec cx
0x12c88: jne 0x12c83
0x12c8a: ret
0x12c8b: add word ptr [bx], di
0x12c8d: aas
0x12c8e: aas
|
| 2018-12-17T22:05:06.017535503Z | 64 | PC: 12c74 | Write file or device (Write 581 bytes on handle 5) |
| 2018-12-17T22:05:06.025341186Z | 62 | PC: 12c7b | Close file |
| 2018-12-17T22:05:06.033371259Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:05:06.035096597Z | 61 | PC: 12c19 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:05:06.040890875Z | 63 | PC: 12c28 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:05:06.046831951Z | 66 | PC: 12c37 | Move file pointer |
| 2018-12-17T22:05:06.047951477Z | 66 | PC: 12c46 | Move file pointer |
| 2018-12-17T22:05:06.049530363Z | 64 | PC: 12c52 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:05:06.051268904Z | 66 | PC: 12c5e | Move file pointer |
| 2018-12-17T22:05:06.052434734Z | 44 | PC: 12c62 | Get time 0x12c62: mov byte ptr [bp + 0x245], dl
0x12c66: call 0x12c7c
0x12c69: mov ah, 0x40
0x12c6b: mov cx, 0x245
0x12c6e: lea dx, word ptr [bp + 6]
0x12c72: int 0x21
0x12c74: call 0x12c7c
0x12c77: mov ah, 0x3e
0x12c79: int 0x21
0x12c7b: ret
0x12c7c: lea si, word ptr [bp + 0x1f]
0x12c80: mov cx, 0x207
0x12c83: xor byte ptr [si], 0x3f
0x12c86: inc si
0x12c87: dec cx
0x12c88: jne 0x12c83
0x12c8a: ret
0x12c8b: add word ptr [bx], di
0x12c8d: aas
0x12c8e: aas
|
| 2018-12-17T22:05:06.054497687Z | 64 | PC: 12c74 | Write file or device (Write 581 bytes on handle 5) |
| 2018-12-17T22:05:06.059937534Z | 62 | PC: 12c7b | Close file |
| 2018-12-17T22:05:06.065658971Z | 26 | PC: 12ae9 | Set disk transfer address |
| 2018-12-17T22:05:06.067124891Z | 9 | PC: 12b01 | Display string (String= '������t�Ɔ��*�!r��7��O��;�����!sٴ�����!������Wð%�p�q��<�u�� �!�������&������������!�&�????????OV?��������������������������� ����
��!�
????????OV?�') |
| 2018-12-17T22:05:06.071803448Z | 19 | PC: 12b16 | Delete file |
| 2018-12-17T22:05:06.075759517Z | 9 | PC: 12b48 | Display string (String= '????????OV?�') |
