.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:10:46.99428888Z | 74 | PC: 13f1a | Reallocate memory |
| 2018-12-17T23:10:47.003293134Z | 74 | PC: 14bd9 | Reallocate memory |
| 2018-12-17T23:10:47.005764379Z | 37 | PC: 136ff | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:10:47.007433647Z | 37 | PC: 13707 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:10:47.00932712Z | 37 | PC: 1370f | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:10:47.011585892Z | 68 | PC: 13a7f | I/O control for devices (Set for = '') |
| 2018-12-17T23:10:47.073445675Z | 37 | PC: 12fd5 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:10:47.075144853Z | 44 | PC: 140c6 | Get time 0x140c6: mov word ptr [0x5a], cx 0x140ca: mov word ptr [0x5c], dx 0x140ce: retf 0x140cf: mov bx, sp 0x140d1: push ds 0x140d2: les di, ptr ss:[bx + 8] 0x140d6: lds si, ptr ss:[bx + 4] 0x140da: cld 0x140db: xor ax, ax 0x140dd: stosw word ptr es:[di], ax 0x140de: mov ax, 0xd7b0 0x140e1: stosw word ptr es:[di], ax 0x140e2: xor ax, ax 0x140e4: mov cx, 0x16 0x140e7: rep stosd dword ptr es:[di], eax 0x140e9: lodsb al, byte ptr [si] 0x140ea: cmp al, 0x4f 0x140ec: jbe 0x140f0 0x140ee: mov al, 0x4f 0x140f0: mov cl, al |
| 2018-12-17T23:10:47.078327369Z | 48 | PC: 1431f | Get DOS version |
| 2018-12-17T23:10:47.080991955Z | 26 | PC: 13585 | Set disk transfer address |
| 2018-12-17T23:10:47.082596424Z | 78 | PC: 13591 | Find first file |
| 2018-12-17T23:10:47.090217263Z | 61 | PC: 14145 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:10:47.098154615Z | 60 | PC: 14145 | Create or truncate file |
| 2018-12-17T23:10:47.123754988Z | 66 | PC: 142e1 | Move file pointer |
| 2018-12-17T23:10:47.127129377Z | 66 | PC: 142ef | Move file pointer |
| 2018-12-17T23:10:47.12896433Z | 66 | PC: 142fd | Move file pointer |
| 2018-12-17T23:10:47.131010375Z | 63 | PC: 14218 | Read file or device (Read 6258 bytes on handle 5) |
| 2018-12-17T23:10:47.141876487Z | 64 | PC: 14218 | Write file or device (Write 6257 bytes on handle 6) |
| 2018-12-17T23:10:47.15296267Z | 62 | PC: 14195 | Close file |
| 2018-12-17T23:10:47.155522563Z | 62 | PC: 14195 | Close file |
| 2018-12-17T23:10:47.16661736Z | 61 | PC: 13a66 | Open file (Filename = 'A:\autoexec.bat') |
| 2018-12-17T23:10:47.178385497Z | 60 | PC: 13a66 | Create or truncate file |
| 2018-12-17T23:10:47.19380713Z | 68 | PC: 13a7f | I/O control for devices (Set for = 'A:\autoexec.bat') |
| 2018-12-17T23:10:47.196382374Z | 64 | PC: 13b5d | Write file or device (Write 19 bytes on handle 5) |
| 2018-12-17T23:10:47.201304885Z | 62 | PC: 13b9c | Close file |
| 2018-12-17T23:10:47.217506976Z | 26 | PC: 13585 | Set disk transfer address |
| 2018-12-17T23:10:47.219185545Z | 78 | PC: 13591 | Find first file |