.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:12:34.558272578Z | 37 | PC: 12d23 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:12:34.559921298Z | 48 | PC: 12bc3 | Get DOS version |
| 2018-12-17T23:12:34.560989402Z | 71 | PC: 12bdb | Get current directory |
| 2018-12-17T23:12:34.563472082Z | 47 | PC: 12be6 | Get disk transfer address |
| 2018-12-17T23:12:34.573459325Z | 78 | PC: 12bf6 | Find first file |
| 2018-12-17T23:12:34.57880324Z | 67 | PC: 12c69 | Get or set file attributes |
| 2018-12-17T23:12:34.592194943Z | 61 | PC: 12c70 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:12:34.597814973Z | 63 | PC: 12c81 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T23:12:34.602845735Z | 66 | PC: 12c9d | Move file pointer |
| 2018-12-17T23:12:34.603992957Z | 44 | PC: 12d68 | Get time 0x12d68: call 0x12d6b 0x12d6b: pop si 0x12d6c: sub si, 0x1d4 0x12d70: mov word ptr [si], dx 0x12d72: add si, 0xe 0x12d75: mov di, si 0x12d77: mov cx, 0xcd 0x12d7a: xor word ptr [si], dx 0x12d7c: add si, 2 0x12d7f: loop 0x12d7a 0x12d81: mov ah, 0x40 0x12d83: mov bp, dx 0x12d85: pop dx 0x12d86: mov cx, 0x2dc 0x12d89: int 0xf2 0x12d8b: pushf 0x12d8c: mov cx, 0xcd 0x12d8f: xor word ptr [di], bp 0x12d91: add di, 2 0x12d94: loop 0x12d8f |
| 2018-12-17T23:12:34.605949319Z | 64 | PC: 12d8b | Write file or device (Write 732 bytes on handle 5) |
| 2018-12-17T23:12:34.612914358Z | 66 | PC: 12cc9 | Move file pointer |
| 2018-12-17T23:12:34.614214644Z | 64 | PC: 12cd4 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T23:12:34.618603836Z | 87 | PC: 12ceb | Get or set file date and time |
| 2018-12-17T23:12:34.623800919Z | 62 | PC: 12cef | Close file |
| 2018-12-17T23:12:34.629265529Z | 67 | PC: 12d00 | Get or set file attributes |
| 2018-12-17T23:12:34.636195052Z | 59 | PC: 12c1f | Change current directory |
| 2018-12-17T23:12:34.643093894Z | 37 | PC: 12d2f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:12:34.646404968Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-17T23:12:34.648999074Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |