.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:10:48.882299289Z | 26 | PC: 13997 | Set disk transfer address |
| 2018-12-17T23:10:48.884122809Z | 78 | PC: 13960 | Find first file |
| 2018-12-17T23:10:48.892338112Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.895433655Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.898782485Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.902840708Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.907907038Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.910714679Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.914182112Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.916867514Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.922061453Z | 78 | PC: 13960 | Find first file |
| 2018-12-17T23:10:48.929403424Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.932820492Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.936167808Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.93993802Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.943314792Z | 79 | PC: 1396b | Find next file |
| 2018-12-17T23:10:48.946251987Z | 61 | PC: 13a0d | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T23:10:48.954243108Z | 63 | PC: 13a1f | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T23:10:48.962052639Z | 66 | PC: 13a72 | Move file pointer |
| 2018-12-17T23:10:48.963697723Z | 64 | PC: 13a7c | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T23:10:48.966772848Z | 66 | PC: 13a88 | Move file pointer |
| 2018-12-17T23:10:48.969691548Z | 64 | PC: 13a93 | Write file or device (Write 512 bytes on handle 5) |
| 2018-12-17T23:10:48.98628473Z | 87 | PC: 13a46 | Get or set file date and time |
| 2018-12-17T23:10:48.988634761Z | 62 | PC: 13a4a | Close file |
| 2018-12-17T23:10:48.998053908Z | 42 | PC: 139c5 | Get date 0x139c5: xor bx, bx 0x139c7: mov cx, 0x53 0x139ca: lea si, word ptr [bp + 0x155] 0x139ce: mov di, si 0x139d0: lodsw ax, word ptr [si] 0x139d1: xor ax, dx 0x139d3: xor bx, ax 0x139d5: stosw word ptr es:[di], ax 0x139d6: ror dx, 1 0x139d8: loop 0x139d0 0x139da: cmp bx, 0xa483 0x139de: jne 0x139e3 0x139e0: call 0x13a95 0x139e3: mov dx, 0x80 0x139e6: mov ah, 0x1a 0x139e8: int 0x21 0x139ea: ret 0x139eb: call 0x23956 0x139ee: jb 0x13a13 0x139f0: mov bx, word ptr [bp + 0x21f] |
| 2018-12-17T23:10:49.00069688Z | 26 | PC: 139ea | Set disk transfer address |