.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T23:11:55.687144033Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:11:55.688723496Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:11:55.689807192Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:11:55.691105339Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:11:55.693242563Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:11:55.694290049Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:11:55.695302823Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:11:55.696984842Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:11:55.698017387Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:11:55.699337105Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:11:55.701528485Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:11:55.702601746Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:11:55.703653896Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:11:55.705300339Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:11:55.706652072Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:11:55.707779331Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:11:55.709456708Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:11:55.710656293Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:11:55.711775629Z | 53 | PC: 132ba | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:11:55.712957175Z | 37 | PC: 132cf | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:11:55.714144494Z | 37 | PC: 132d7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:11:55.715048654Z | 37 | PC: 132df | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:11:55.716118963Z | 37 | PC: 132e7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:11:55.717737967Z | 68 | PC: 13b45 | I/O control for devices (Set for = '') |
| 2018-12-17T23:11:55.718725252Z | 44 | PC: 130b6 | Get time 0x130b6: mov byte ptr [0x56], ch
0x130ba: mov di, 0x58
0x130bd: push ds
0x130be: push di
0x130bf: call 0x22a40
0x130c2: cmp byte ptr [0x56], 0x11
0x130c7: jb 0x130dc
0x130c9: mov ah, 0x40
0x130cb: mov bx, 1
0x130ce: lea dx, word ptr [0x58]
0x130d2: mov cx, 0x23
0x130d5: int 0x21
0x130d7: mov byte ptr [0x2acf], 1
0x130dc: push ax
0x130dd: in al, 0x21
0x130df: or al, 3
0x130e1: out 0x21, al
0x130e3: pop ax
0x130e4: call 0x22be3
0x130e7: call 0x2301b
|
| 2018-12-17T23:11:55.720688626Z | 48 | PC: 13870 | Get DOS version |
| 2018-12-17T23:11:55.725821677Z | 48 | PC: 13870 | Get DOS version |
| 2018-12-17T23:11:55.727172821Z | 61 | PC: 13722 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:11:55.733500303Z | 63 | PC: 137f5 | Read file or device (Read 4944 bytes on handle 5) |
| 2018-12-17T23:11:55.745794856Z | 62 | PC: 13772 | Close file |
| 2018-12-17T23:11:55.747561682Z | 26 | PC: 13135 | Set disk transfer address |
| 2018-12-17T23:11:55.748427718Z | 78 | PC: 13141 | Find first file |
| 2018-12-17T23:11:55.754990093Z | 61 | PC: 13722 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:11:55.761056132Z | 66 | PC: 13854 | Move file pointer |
| 2018-12-17T23:11:55.762337799Z | 63 | PC: 137f5 | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T23:11:55.769660349Z | 26 | PC: 13159 | Set disk transfer address |
| 2018-12-17T23:11:55.770695584Z | 79 | PC: 1315e | Find next file |
| 2018-12-17T23:11:55.7737637Z | 48 | PC: 13870 | Get DOS version |
| 2018-12-17T23:11:55.775902177Z | 26 | PC: 13135 | Set disk transfer address |
| 2018-12-17T23:11:55.77712346Z | 78 | PC: 13141 | Find first file |
| 2018-12-17T23:11:55.782943227Z | 48 | PC: 13870 | Get DOS version |
| 2018-12-17T23:11:55.785056752Z | 67 | PC: 12cee | Get or set file attributes |
| 2018-12-17T23:11:55.786984761Z | 61 | PC: 13722 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:11:55.793460847Z | 66 | PC: 13854 | Move file pointer |
| 2018-12-17T23:11:55.80788462Z | 63 | PC: 137f5 | Read file or device (Read 4944 bytes on handle 6) |
| 2018-12-17T23:11:55.815067621Z | 66 | PC: 13854 | Move file pointer |
| 2018-12-17T23:11:55.816360736Z | 64 | PC: 13753 | Write file or device (Write 0 bytes on handle 6) |
| 2018-12-17T23:11:55.830506213Z | 66 | PC: 13854 | Move file pointer |
| 2018-12-17T23:11:55.83199792Z | 64 | PC: 137f5 | Write file or device (Write 4944 bytes on handle 6) |
| 2018-12-17T23:11:55.839729216Z | 62 | PC: 13772 | Close file |
| 2018-12-17T23:11:55.848550029Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:11:55.849690016Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:11:55.850764169Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:11:55.852765783Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:11:55.853858539Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:11:55.854929572Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:11:55.856153908Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:11:55.858307807Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:11:55.859409395Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:11:55.860539128Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:11:55.862258971Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:11:55.863418412Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:11:55.864738986Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:11:55.872110348Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:11:55.873102438Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:11:55.874100436Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:11:55.875459126Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:11:55.876461571Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:11:55.87757389Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:11:55.879374675Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:11:55.880534516Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:11:55.881646756Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:11:55.883196394Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:11:55.884614848Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:11:55.885979721Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:11:55.887838832Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:11:55.888794202Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:11:55.889813634Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:11:55.894632324Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:11:55.895866553Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:11:55.897055847Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:11:55.898684757Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:11:55.899639078Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:11:55.90061139Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:11:55.902248035Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:11:55.904988246Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:11:55.906876936Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:11:55.90855547Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:11:55.910067481Z | 41 | PC: 131ed | Parse filename |
| 2018-12-17T23:11:55.91166553Z | 41 | PC: 131fb | Parse filename |
| 2018-12-17T23:11:55.913638718Z | 75 | PC: 13206 | Execute program |
| 2018-12-17T23:11:55.928852121Z | 9 | PC: 173c8 | Display string (String= '����������J�W�U�W���������������������������������') |
| 2018-12-17T23:11:55.943058924Z | 76 | PC: 173cc | Terminate with return code (Return code = '36') |
| 2018-12-17T23:11:55.946156158Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:11:55.947250715Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:11:55.9485437Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:11:55.949913553Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:11:55.950845281Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:11:55.95183521Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:11:55.953204918Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:11:55.954550663Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:11:55.955761486Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:11:55.957366891Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:11:55.958581787Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:11:55.959807836Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:11:55.961977341Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:11:55.963280779Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:11:55.964531836Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:11:55.966892928Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:11:55.968131508Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:11:55.969417984Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:11:55.971335342Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:11:55.972307286Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:11:55.973272442Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:11:55.975025756Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:11:55.976370995Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:11:55.977648103Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:11:55.979449619Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:11:55.980723529Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:11:55.981994211Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:11:55.983802373Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:11:55.985044942Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:11:55.986362212Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:11:55.987930611Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:11:55.988890029Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:11:55.989759518Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:11:55.991250815Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:11:55.992417184Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:11:55.993715092Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:11:55.995497104Z | 53 | PC: 13236 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:11:55.996371775Z | 37 | PC: 1323f | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:11:55.997270435Z | 48 | PC: 13870 | Get DOS version |
| 2018-12-17T23:11:55.999068535Z | 61 | PC: 13722 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:11:56.005552463Z | 64 | PC: 137f5 | Write file or device (Write 4944 bytes on handle 6) |
| 2018-12-17T23:11:56.013409255Z | 66 | PC: 13854 | Move file pointer |
| 2018-12-17T23:11:56.015280959Z | 64 | PC: 137f5 | Write file or device (Write 4944 bytes on handle 6) |
| 2018-12-17T23:11:56.022991607Z | 66 | PC: 13854 | Move file pointer |
| 2018-12-17T23:11:56.024983841Z | 64 | PC: 137f5 | Write file or device (Write 5 bytes on handle 6) |
| 2018-12-17T23:11:56.027600014Z | 62 | PC: 13772 | Close file |
| 2018-12-17T23:11:56.035543182Z | 64 | PC: 1367d | Write file or device (Write 0 bytes on handle 1) |
| 2018-12-17T23:11:56.037014772Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:11:56.038822391Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:11:56.039783769Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:11:56.040711448Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T23:11:56.04259252Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:11:56.043819519Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:11:56.044968935Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:11:56.046432569Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:11:56.047644985Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:11:56.048904211Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:11:56.050579777Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:11:56.051834998Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:11:56.053185709Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:11:56.054415893Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:11:56.056195471Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:11:56.057825382Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:11:56.058775045Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:11:56.059667116Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:11:56.061165638Z | 37 | PC: 13411 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:11:56.062542611Z | 76 | PC: 13450 | Terminate with return code (Return code = '0') |
