.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:05:40.652498875Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:05:40.653744499Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:05:40.655243671Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:05:40.657180982Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.658336964Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.659727764Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.668132738Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.669657322Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.670990091Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.672465483Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.673938447Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.675777074Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.687388339Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.689013356Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.690617905Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.69296689Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.694458063Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.695793801Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.697169879Z | 53 | PC: 12e92 | Get interrupt vector (Interrupt = '32' AKA 'Reserved') |
| 2018-12-17T22:05:40.704929341Z | 37 | PC: 12ea7 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:05:40.705925287Z | 37 | PC: 12eaf | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:05:40.706937575Z | 37 | PC: 12eb7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:05:40.708506219Z | 37 | PC: 12ebf | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:05:40.710302266Z | 68 | PC: 131dc | I/O control for devices (Set for = '') |
| 2018-12-17T22:05:40.712165121Z | 61 | PC: 12a51 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:05:40.720023548Z | 63 | PC: 12c2d | Read file or device (Read 2783 bytes on handle 5) |
| 2018-12-17T22:05:40.727930864Z | 66 | PC: 12c37 | Move file pointer |
| 2018-12-17T22:05:40.729306806Z | 66 | PC: 12c4d | Move file pointer |
| 2018-12-17T22:05:40.731494819Z | 63 | PC: 12a6e | Read file or device (Read 2783 bytes on handle 5) |
| 2018-12-17T22:05:40.738924313Z | 66 | PC: 12a78 | Move file pointer |
| 2018-12-17T22:05:40.740170725Z | 64 | PC: 12a88 | Write file or device (Write 2783 bytes on handle 5) |
| 2018-12-17T22:05:40.760122986Z | 66 | PC: 12c71 | Move file pointer |
| 2018-12-17T22:05:40.761347858Z | 64 | PC: 12c77 | Write file or device (Write 0 bytes on handle 5) |
| 2018-12-17T22:05:40.768641179Z | 62 | PC: 12c7b | Close file |
| 2018-12-17T22:05:40.775897826Z | 53 | PC: 12c80 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:05:40.776913914Z | 37 | PC: 12cba | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:05:40.777959579Z | 37 | PC: 12cc8 | Set interrupt vector (Interrupt = '40' AKA 'Random block write') |
| 2018-12-17T22:05:40.779978274Z | 41 | PC: 12dfb | Parse filename |
| 2018-12-17T22:05:40.781443209Z | 41 | PC: 12e09 | Parse filename |
| 2018-12-17T22:05:40.78279137Z | 75 | PC: 12e14 | Execute program |
| 2018-12-17T22:05:40.798103239Z | 9 | PC: 16cc6 | Display string (String= 'CDEFG-This is a 5000 byte COM test, 1994 ') |
| 2018-12-17T22:05:40.803781786Z | 61 | PC: 12a51 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:05:40.811401669Z | 63 | PC: 12a6e | Read file or device (Read 2783 bytes on handle 5) |
| 2018-12-17T22:05:40.818496137Z | 66 | PC: 12a78 | Move file pointer |
| 2018-12-17T22:05:40.820194597Z | 64 | PC: 12a88 | Write file or device (Write 2783 bytes on handle 5) |
| 2018-12-17T22:05:40.827995151Z | 66 | PC: 12ba6 | Move file pointer |
| 2018-12-17T22:05:40.829878173Z | 64 | PC: 12bb9 | Write file or device (Write 2783 bytes on handle 5) |
| 2018-12-17T22:05:40.838833588Z | 62 | PC: 12bbe | Close file |
| 2018-12-17T22:05:40.846993832Z | 42 | PC: 12bc7 | Get date 0x12bc7: mov byte ptr [0x5a], dl 0x12bcb: leave 0x12bcc: pop es 0x12bcd: pop ds 0x12bce: pop di 0x12bcf: pop si 0x12bd0: pop dx 0x12bd1: pop cx 0x12bd2: pop bx 0x12bd3: pop ax 0x12bd4: iret 0x12bd5: add word ptr [bx + si], sp 0x12bd7: lcall 0x12e4:0 0x12bdc: enter 0x200, 0 0x12be0: mov ax, word ptr [0x38] 0x12be3: push ax 0x12be4: mov di, 0x2c 0x12be7: pop es 0x12be8: mov ax, word ptr es:[di] 0x12beb: mov word ptr [0x4a], ax |
| 2018-12-17T22:05:40.85086669Z | 49 | PC: 12d96 | Terminate and stay resident (Return code = '0' | Memory size = '746') |