.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:05:48.402090382Z | 78 | PC: 12a4d | Find first file |
| 2018-12-17T22:05:48.409249548Z | 61 | PC: 12a57 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:05:48.415503444Z | 63 | PC: 12a62 | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-17T22:05:48.421592774Z | 62 | PC: 12a66 | Close file |
| 2018-12-17T22:05:48.431747628Z | 37 | PC: 12a78 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:05:48.432854614Z | 67 | PC: 12a80 | Get or set file attributes |
| 2018-12-17T22:05:48.438775478Z | 67 | PC: 12a88 | Get or set file attributes |
| 2018-12-17T22:05:48.454468148Z | 61 | PC: 12a8d | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:05:48.466560461Z | 44 | PC: 12a92 | Get time 0x12a92: mov word ptr [0x55e], dx 0x12a96: mov ah, 0x40 0x12a98: push ax 0x12a99: mov cx, 0x462 0x12a9c: push cx 0x12a9d: mov dx, 0x100 0x12aa0: jmp 0x12e81 0x12aa3: mov ax, 0x4301 0x12aa6: mov dx, 0x9e 0x12aa9: pop cx 0x12aaa: int 0x21 0x12aac: mov ah, 9 0x12aae: mov dx, 0x1f7 0x12ab1: int 0x21 0x12ab3: int 0x20 0x12ab5: mov ah, 0xf 0x12ab7: int 0x10 0x12ab9: xor ah, ah 0x12abb: int 0x10 0x12abd: mov ah, 1 |
| 2018-12-17T22:05:48.469010159Z | 64 | PC: 12e88 | Write file or device (Write 1122 bytes on handle 5) |
| 2018-12-17T22:05:48.477835486Z | 67 | PC: 12aac | Get or set file attributes |
| 2018-12-17T22:05:48.488987727Z | 9 | PC: 12ab3 | Display string (String= 'Bad command or file name ') |