.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T23:12:54.557385671Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:12:54.559281627Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:12:54.560756501Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:12:54.562207794Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:12:54.564009925Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:12:54.56538897Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:12:54.566677098Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:12:54.567921188Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:12:54.569990814Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:12:54.5777443Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:12:54.579267307Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:12:54.581320282Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:12:54.583021161Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:12:54.584649571Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:12:54.590287049Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:12:54.59155332Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:12:54.592596234Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:12:54.594364941Z | 53 | PC: 13586 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:12:54.595862612Z | 37 | PC: 1359b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:12:54.597158808Z | 37 | PC: 135a3 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:12:54.598986315Z | 37 | PC: 135ab | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:12:54.60036065Z | 37 | PC: 135b3 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:12:54.602280549Z | 68 | PC: 13aff | I/O control for devices (Set for = '') |
| 2018-12-17T23:12:54.642259675Z | 37 | PC: 12e97 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:12:54.646622129Z | 25 | PC: 14047 | Get default drive |
| 2018-12-17T23:12:54.647746936Z | 71 | PC: 1405a | Get current directory |
| 2018-12-17T23:12:54.650893505Z | 54 | PC: 134af | Get free disk space |
| 2018-12-17T23:12:54.659910572Z | 26 | PC: 134e5 | Set disk transfer address |
| 2018-12-17T23:12:54.661533302Z | 78 | PC: 134f1 | Find first file |
| 2018-12-17T23:12:54.668905728Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:54.67093008Z | 61 | PC: 13ae6 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:54.675455887Z | 61 | PC: 13ae6 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:12:54.683961226Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T23:12:54.68897039Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T23:12:54.691355154Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.693572791Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.695847179Z | 26 | PC: 13509 | Set disk transfer address |
| 2018-12-17T23:12:54.696947677Z | 79 | PC: 1350e | Find next file |
| 2018-12-17T23:12:54.699520028Z | 26 | PC: 134e5 | Set disk transfer address |
| 2018-12-17T23:12:54.700823987Z | 78 | PC: 134f1 | Find first file |
| 2018-12-17T23:12:54.707531857Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:54.709840909Z | 61 | PC: 13ae6 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:54.717944627Z | 61 | PC: 13ae6 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:12:54.724862347Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T23:12:54.727377126Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T23:12:54.732188068Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.734644389Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.736256408Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:54.737761222Z | 61 | PC: 13e6c | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:54.742967072Z | 61 | PC: 13e6c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:12:54.748273398Z | 63 | PC: 13f3f | Read file or device (Read 4980 bytes on handle 5) |
| 2018-12-17T23:12:54.754841024Z | 64 | PC: 13f3f | Write file or device (Write 4980 bytes on handle 6) |
| 2018-12-17T23:12:54.772203598Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:54.779188346Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:54.784624358Z | 26 | PC: 13509 | Set disk transfer address |
| 2018-12-17T23:12:54.787251423Z | 79 | PC: 1350e | Find next file |
| 2018-12-17T23:12:54.792180234Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:54.794725341Z | 61 | PC: 13ae6 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:54.804231658Z | 61 | PC: 13ae6 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:12:54.809712743Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T23:12:54.812536155Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T23:12:54.821997963Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.825558644Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.829063343Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:54.831112482Z | 61 | PC: 13e6c | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:54.840317152Z | 61 | PC: 13e6c | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:12:54.848170471Z | 63 | PC: 13f3f | Read file or device (Read 4980 bytes on handle 5) |
| 2018-12-17T23:12:54.85667818Z | 64 | PC: 13f3f | Write file or device (Write 4980 bytes on handle 6) |
| 2018-12-17T23:12:54.867321727Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:54.876773318Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:54.878948363Z | 26 | PC: 13509 | Set disk transfer address |
| 2018-12-17T23:12:54.880770545Z | 79 | PC: 1350e | Find next file |
| 2018-12-17T23:12:54.884403515Z | 26 | PC: 134e5 | Set disk transfer address |
| 2018-12-17T23:12:54.886055485Z | 78 | PC: 134f1 | Find first file |
| 2018-12-17T23:12:54.894159943Z | 54 | PC: 134af | Get free disk space |
| 2018-12-17T23:12:54.898322833Z | 14 | PC: 140a0 | Set default drive (Drive = 'A') |
| 2018-12-17T23:12:54.899786759Z | 25 | PC: 140a4 | Get default drive |
| 2018-12-17T23:12:54.901245479Z | 59 | PC: 1410e | Change current directory |
| 2018-12-17T23:12:54.906731454Z | 26 | PC: 134e5 | Set disk transfer address |
| 2018-12-17T23:12:54.907986841Z | 78 | PC: 134f1 | Find first file |
| 2018-12-17T23:12:54.915126135Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:54.91845015Z | 61 | PC: 13ae6 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:54.926423617Z | 61 | PC: 13ae6 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T23:12:54.93442285Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T23:12:54.938924715Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T23:12:54.942726454Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.945301698Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.94864706Z | 26 | PC: 13509 | Set disk transfer address |
| 2018-12-17T23:12:54.950456237Z | 79 | PC: 1350e | Find next file |
| 2018-12-17T23:12:54.953866804Z | 26 | PC: 134e5 | Set disk transfer address |
| 2018-12-17T23:12:54.955974225Z | 78 | PC: 134f1 | Find first file |
| 2018-12-17T23:12:54.963234418Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:54.966292785Z | 61 | PC: 13ae6 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:54.974307147Z | 61 | PC: 13ae6 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T23:12:54.982518445Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T23:12:54.986149269Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T23:12:54.994240257Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.997255763Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:54.99976434Z | 26 | PC: 13509 | Set disk transfer address |
| 2018-12-17T23:12:55.001423363Z | 79 | PC: 1350e | Find next file |
| 2018-12-17T23:12:55.005883511Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:55.008056674Z | 61 | PC: 13ae6 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:55.016638558Z | 61 | PC: 13ae6 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T23:12:55.025532969Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T23:12:55.029362792Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T23:12:55.037711919Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:55.0410721Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:55.043789852Z | 26 | PC: 13509 | Set disk transfer address |
| 2018-12-17T23:12:55.045443469Z | 79 | PC: 1350e | Find next file |
| 2018-12-17T23:12:55.049097579Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:55.052628591Z | 61 | PC: 13ae6 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:55.060342118Z | 61 | PC: 13ae6 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:12:55.068172052Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T23:12:55.072533635Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T23:12:55.081613172Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:55.084234234Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:55.087096944Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:55.089108207Z | 61 | PC: 13e6c | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:55.097105772Z | 61 | PC: 13e6c | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T23:12:55.10614283Z | 63 | PC: 13f3f | Read file or device (Read 4980 bytes on handle 5) |
| 2018-12-17T23:12:55.114450924Z | 64 | PC: 13f3f | Write file or device (Write 4980 bytes on handle 6) |
| 2018-12-17T23:12:55.124190619Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:55.369056877Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:55.371450897Z | 26 | PC: 13509 | Set disk transfer address |
| 2018-12-17T23:12:55.372927924Z | 79 | PC: 1350e | Find next file |
| 2018-12-17T23:12:55.377332646Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:55.379307689Z | 61 | PC: 13ae6 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:55.387206889Z | 61 | PC: 13ae6 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:12:55.39546129Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T23:12:55.400192775Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T23:12:55.408601735Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:55.41119265Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:55.414930833Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:55.416942893Z | 61 | PC: 13e6c | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:55.424980219Z | 61 | PC: 13e6c | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T23:12:55.433153257Z | 63 | PC: 13f3f | Read file or device (Read 4980 bytes on handle 5) |
| 2018-12-17T23:12:55.441400323Z | 64 | PC: 13f3f | Write file or device (Write 4980 bytes on handle 6) |
| 2018-12-17T23:12:55.756921265Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:55.777886441Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:55.780578657Z | 26 | PC: 13509 | Set disk transfer address |
| 2018-12-17T23:12:55.783089609Z | 79 | PC: 1350e | Find next file |
| 2018-12-17T23:12:55.78757488Z | 26 | PC: 134e5 | Set disk transfer address |
| 2018-12-17T23:12:55.789137746Z | 78 | PC: 134f1 | Find first file |
| 2018-12-17T23:12:55.795710458Z | 54 | PC: 134af | Get free disk space |
| 2018-12-17T23:12:55.823254317Z | 14 | PC: 140a0 | Set default drive (Drive = 'C') |
| 2018-12-17T23:12:55.824399414Z | 25 | PC: 140a4 | Get default drive |
| 2018-12-17T23:12:55.825328875Z | 59 | PC: 1410e | Change current directory |
| 2018-12-17T23:12:55.829085483Z | 26 | PC: 134e5 | Set disk transfer address |
| 2018-12-17T23:12:55.829930777Z | 78 | PC: 134f1 | Find first file |
| 2018-12-17T23:12:55.835445102Z | 26 | PC: 134e5 | Set disk transfer address |
| 2018-12-17T23:12:55.83672754Z | 78 | PC: 134f1 | Find first file |
| 2018-12-17T23:12:55.840551428Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:55.841777136Z | 61 | PC: 13ae6 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:55.849833625Z | 61 | PC: 13ae6 | Open file (Filename = 'COMMAND.COM') |
| 2018-12-17T23:12:55.861489821Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T23:12:55.866071807Z | 63 | PC: 13bab | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T23:12:55.870570608Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:55.872108774Z | 62 | PC: 13c1c | Close file |
| 2018-12-17T23:12:55.873583248Z | 48 | PC: 13fba | Get DOS version |
| 2018-12-17T23:12:55.875922671Z | 61 | PC: 13e6c | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T23:12:55.881343093Z | 61 | PC: 13e6c | Open file (Filename = 'COMMAND.COM') |
| 2018-12-17T23:12:55.885574926Z | 63 | PC: 13f3f | Read file or device (Read 4980 bytes on handle 5) |
| 2018-12-17T23:12:55.89172728Z | 64 | PC: 13f3f | Write file or device (Write 4980 bytes on handle 6) |
| 2018-12-17T23:12:56.23312Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:56.245531642Z | 62 | PC: 13ebc | Close file |
| 2018-12-17T23:12:56.249662863Z | 26 | PC: 13509 | Set disk transfer address |
| 2018-12-17T23:12:56.251411675Z | 79 | PC: 1350e | Find next file |
| 2018-12-17T23:12:56.254988076Z | 26 | PC: 134e5 | Set disk transfer address |
| 2018-12-17T23:12:56.257478103Z | 78 | PC: 134f1 | Find first file |
| 2018-12-17T23:12:56.264341324Z | 42 | PC: 13465 | Get date 0x13465: pushf 0x13466: push es 0x13467: push di 0x13468: push bp 0x13469: mov bp, sp 0x1346b: les di, ptr [bp + 0x10] 0x1346e: cld 0x1346f: stosw word ptr es:[di], ax 0x13470: mov ax, bx 0x13472: stosw word ptr es:[di], ax 0x13473: mov ax, cx 0x13475: stosw word ptr es:[di], ax 0x13476: mov ax, dx 0x13478: stosw word ptr es:[di], ax 0x13479: pop ax 0x1347a: stosw word ptr es:[di], ax 0x1347b: mov ax, si 0x1347d: stosw word ptr es:[di], ax 0x1347e: pop ax 0x1347f: stosw word ptr es:[di], ax |
| 2018-12-17T23:12:56.267422981Z | 14 | PC: 140a0 | Set default drive (Drive = 'A') |
| 2018-12-17T23:12:56.270402053Z | 25 | PC: 140a4 | Get default drive |
| 2018-12-17T23:12:56.271932703Z | 59 | PC: 1410e | Change current directory |
| 2018-12-17T23:12:56.277128007Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T23:12:56.279322112Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T23:12:56.281262199Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T23:12:56.282903862Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T23:12:56.288260728Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T23:12:56.289533708Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T23:12:56.290750165Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T23:12:56.292556709Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T23:12:56.293822116Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T23:12:56.295090902Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T23:12:56.297100675Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T23:12:56.298429975Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T23:12:56.299737053Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T23:12:56.301644374Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T23:12:56.303777641Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T23:12:56.305368145Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T23:12:56.30823011Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T23:12:56.309849468Z | 37 | PC: 13695 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T23:12:56.311187134Z | 76 | PC: 136d4 | Terminate with return code (Return code = '0') |