.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:05:57.605685916Z | 26 | PC: 12d95 | Set disk transfer address |
| 2018-12-17T22:05:57.607567929Z | 53 | PC: 12ac4 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:05:57.609145753Z | 37 | PC: 12ada | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:05:57.610377714Z | 71 | PC: 12aea | Get current directory |
| 2018-12-17T22:05:57.619718099Z | 78 | PC: 12b84 | Find first file |
| 2018-12-17T22:05:57.625656847Z | 78 | PC: 12b84 | Find first file |
| 2018-12-17T22:05:57.636239902Z | 61 | PC: 12da0 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:05:57.648637733Z | 63 | PC: 12ba7 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:05:57.655991429Z | 62 | PC: 12bab | Close file |
| 2018-12-17T22:05:57.658523385Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:57.67498891Z | 61 | PC: 12da0 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:05:57.681494719Z | 64 | PC: 12cb8 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:05:57.684119018Z | 66 | PC: 12d8e | Move file pointer |
| 2018-12-17T22:05:57.685667704Z | 44 | PC: 12cc9 | Get time 0x12cc9: cmp dh, 0
0x12ccc: xchg ax, dx
0x12ccd: xchg ax, dx
0x12cce: je 0x12cc3
0x12cd0: mov byte ptr cs:[bp + 0x50c], dh
0x12cd5: xchg ax, dx
0x12cd6: xchg ax, dx
0x12cd7: call 0x12e08
0x12cda: xchg ax, dx
0x12cdb: xchg ax, dx
0x12cdc: inc byte ptr cs:[bp + 0x50d]
0x12ce1: mov ax, 0x5701
0x12ce4: xchg ax, dx
0x12ce5: xchg ax, dx
0x12ce6: mov cx, word ptr cs:[bp + 0x580]
0x12ceb: mov dx, word ptr cs:[bp + 0x582]
0x12cf0: xchg ax, dx
0x12cf1: xchg ax, dx
0x12cf2: int 0x21
0x12cf4: mov ah, 0x3e
|
| 2018-12-17T22:05:57.688702487Z | 64 | PC: 12e61 | Write file or device (Write 1017 bytes on handle 5) |
| 2018-12-17T22:05:57.697809916Z | 87 | PC: 12cf4 | Get or set file date and time |
| 2018-12-17T22:05:57.699242537Z | 62 | PC: 12cfa | Close file |
| 2018-12-17T22:05:57.707245371Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:57.716816354Z | 79 | PC: 12b84 | Find next file |
| 2018-12-17T22:05:57.719287233Z | 61 | PC: 12da0 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:05:57.731485102Z | 63 | PC: 12ba7 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:05:57.737728599Z | 62 | PC: 12bab | Close file |
| 2018-12-17T22:05:57.739844566Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:57.754047528Z | 61 | PC: 12da0 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:05:57.760475468Z | 64 | PC: 12cb8 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:05:57.763258503Z | 66 | PC: 12d8e | Move file pointer |
| 2018-12-17T22:05:57.76511501Z | 44 | PC: 12cc9 | Get time 0x12cc9: cmp dh, 0
0x12ccc: xchg ax, dx
0x12ccd: xchg ax, dx
0x12cce: je 0x12cc3
0x12cd0: mov byte ptr cs:[bp + 0x50c], dh
0x12cd5: xchg ax, dx
0x12cd6: xchg ax, dx
0x12cd7: call 0x12e08
0x12cda: xchg ax, dx
0x12cdb: xchg ax, dx
0x12cdc: inc byte ptr cs:[bp + 0x50d]
0x12ce1: mov ax, 0x5701
0x12ce4: xchg ax, dx
0x12ce5: xchg ax, dx
0x12ce6: mov cx, word ptr cs:[bp + 0x580]
0x12ceb: mov dx, word ptr cs:[bp + 0x582]
0x12cf0: xchg ax, dx
0x12cf1: xchg ax, dx
0x12cf2: int 0x21
0x12cf4: mov ah, 0x3e
|
| 2018-12-17T22:05:57.767539776Z | 64 | PC: 12e61 | Write file or device (Write 1017 bytes on handle 5) |
| 2018-12-17T22:05:57.777229804Z | 87 | PC: 12cf4 | Get or set file date and time |
| 2018-12-17T22:05:57.779669734Z | 62 | PC: 12cfa | Close file |
| 2018-12-17T22:05:57.787978862Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:57.798171414Z | 79 | PC: 12b84 | Find next file |
| 2018-12-17T22:05:57.805431367Z | 61 | PC: 12da0 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:05:57.812216792Z | 63 | PC: 12ba7 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:05:57.819018614Z | 62 | PC: 12bab | Close file |
| 2018-12-17T22:05:57.822246326Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:57.832247678Z | 61 | PC: 12da0 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:05:57.839273996Z | 64 | PC: 12cb8 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:05:57.842859053Z | 66 | PC: 12d8e | Move file pointer |
| 2018-12-17T22:05:57.844321028Z | 44 | PC: 12cc9 | Get time 0x12cc9: cmp dh, 0
0x12ccc: xchg ax, dx
0x12ccd: xchg ax, dx
0x12cce: je 0x12cc3
0x12cd0: mov byte ptr cs:[bp + 0x50c], dh
0x12cd5: xchg ax, dx
0x12cd6: xchg ax, dx
0x12cd7: call 0x12e08
0x12cda: xchg ax, dx
0x12cdb: xchg ax, dx
0x12cdc: inc byte ptr cs:[bp + 0x50d]
0x12ce1: mov ax, 0x5701
0x12ce4: xchg ax, dx
0x12ce5: xchg ax, dx
0x12ce6: mov cx, word ptr cs:[bp + 0x580]
0x12ceb: mov dx, word ptr cs:[bp + 0x582]
0x12cf0: xchg ax, dx
0x12cf1: xchg ax, dx
0x12cf2: int 0x21
0x12cf4: mov ah, 0x3e
|
| 2018-12-17T22:05:57.846878489Z | 64 | PC: 12e61 | Write file or device (Write 1017 bytes on handle 5) |
| 2018-12-17T22:05:57.857037229Z | 87 | PC: 12cf4 | Get or set file date and time |
| 2018-12-17T22:05:57.858556612Z | 62 | PC: 12cfa | Close file |
| 2018-12-17T22:05:57.866587445Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:57.876388301Z | 79 | PC: 12b84 | Find next file |
| 2018-12-17T22:05:57.879318335Z | 61 | PC: 12da0 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:05:57.886173488Z | 63 | PC: 12ba7 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:05:57.893130908Z | 62 | PC: 12bab | Close file |
| 2018-12-17T22:05:57.894984383Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:57.904947206Z | 61 | PC: 12da0 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:05:57.911656548Z | 64 | PC: 12cb8 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:05:57.915006887Z | 66 | PC: 12d8e | Move file pointer |
| 2018-12-17T22:05:57.916340375Z | 44 | PC: 12cc9 | Get time 0x12cc9: cmp dh, 0
0x12ccc: xchg ax, dx
0x12ccd: xchg ax, dx
0x12cce: je 0x12cc3
0x12cd0: mov byte ptr cs:[bp + 0x50c], dh
0x12cd5: xchg ax, dx
0x12cd6: xchg ax, dx
0x12cd7: call 0x12e08
0x12cda: xchg ax, dx
0x12cdb: xchg ax, dx
0x12cdc: inc byte ptr cs:[bp + 0x50d]
0x12ce1: mov ax, 0x5701
0x12ce4: xchg ax, dx
0x12ce5: xchg ax, dx
0x12ce6: mov cx, word ptr cs:[bp + 0x580]
0x12ceb: mov dx, word ptr cs:[bp + 0x582]
0x12cf0: xchg ax, dx
0x12cf1: xchg ax, dx
0x12cf2: int 0x21
0x12cf4: mov ah, 0x3e
|
| 2018-12-17T22:05:57.919144295Z | 64 | PC: 12e61 | Write file or device (Write 1017 bytes on handle 5) |
| 2018-12-17T22:05:57.929247033Z | 87 | PC: 12cf4 | Get or set file date and time |
| 2018-12-17T22:05:57.931122846Z | 62 | PC: 12cfa | Close file |
| 2018-12-17T22:05:57.940188393Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:57.950658891Z | 79 | PC: 12b84 | Find next file |
| 2018-12-17T22:05:57.953423092Z | 61 | PC: 12da0 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:05:57.960193193Z | 63 | PC: 12ba7 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:05:57.969013474Z | 62 | PC: 12bab | Close file |
| 2018-12-17T22:05:57.971403004Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:57.976308496Z | 61 | PC: 12da0 | Open file (Filename = 'PRINTA~1.COM��') |
| 2018-12-17T22:05:57.982270122Z | 64 | PC: 12cb8 | Write file or device (Write 5 bytes on handle 2) |
| 2018-12-17T22:05:57.985243441Z | 66 | PC: 12d8e | Move file pointer |
| 2018-12-17T22:05:57.987136799Z | 44 | PC: 12cc9 | Get time 0x12cc9: cmp dh, 0
0x12ccc: xchg ax, dx
0x12ccd: xchg ax, dx
0x12cce: je 0x12cc3
0x12cd0: mov byte ptr cs:[bp + 0x50c], dh
0x12cd5: xchg ax, dx
0x12cd6: xchg ax, dx
0x12cd7: call 0x12e08
0x12cda: xchg ax, dx
0x12cdb: xchg ax, dx
0x12cdc: inc byte ptr cs:[bp + 0x50d]
0x12ce1: mov ax, 0x5701
0x12ce4: xchg ax, dx
0x12ce5: xchg ax, dx
0x12ce6: mov cx, word ptr cs:[bp + 0x580]
0x12ceb: mov dx, word ptr cs:[bp + 0x582]
0x12cf0: xchg ax, dx
0x12cf1: xchg ax, dx
0x12cf2: int 0x21
0x12cf4: mov ah, 0x3e
|
| 2018-12-17T22:05:57.9901522Z | 64 | PC: 12e61 | Write file or device (Write 1017 bytes on handle 2) |
| 2018-12-17T22:05:58.000801839Z | 87 | PC: 12cf4 | Get or set file date and time |
| 2018-12-17T22:05:58.002574398Z | 62 | PC: 12cfa | Close file |
| 2018-12-17T22:05:58.005534821Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:58.013998243Z | 79 | PC: 12b84 | Find next file |
| 2018-12-17T22:05:58.016932596Z | 61 | PC: 12da0 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:05:58.023594558Z | 63 | PC: 12ba7 | Read file or device (Read 26 bytes on handle 2) |
| 2018-12-17T22:05:58.029794898Z | 62 | PC: 12bab | Close file |
| 2018-12-17T22:05:58.031482197Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:58.04142089Z | 61 | PC: 12da0 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:05:58.047692006Z | 64 | PC: 12cb8 | Write file or device (Write 5 bytes on handle 2) |
| 2018-12-17T22:05:58.050253061Z | 66 | PC: 12d8e | Move file pointer |
| 2018-12-17T22:05:58.051936924Z | 44 | PC: 12cc9 | Get time 0x12cc9: cmp dh, 0
0x12ccc: xchg ax, dx
0x12ccd: xchg ax, dx
0x12cce: je 0x12cc3
0x12cd0: mov byte ptr cs:[bp + 0x50c], dh
0x12cd5: xchg ax, dx
0x12cd6: xchg ax, dx
0x12cd7: call 0x12e08
0x12cda: xchg ax, dx
0x12cdb: xchg ax, dx
0x12cdc: inc byte ptr cs:[bp + 0x50d]
0x12ce1: mov ax, 0x5701
0x12ce4: xchg ax, dx
0x12ce5: xchg ax, dx
0x12ce6: mov cx, word ptr cs:[bp + 0x580]
0x12ceb: mov dx, word ptr cs:[bp + 0x582]
0x12cf0: xchg ax, dx
0x12cf1: xchg ax, dx
0x12cf2: int 0x21
0x12cf4: mov ah, 0x3e
|
| 2018-12-17T22:05:58.055124791Z | 64 | PC: 12e61 | Write file or device (Write 1017 bytes on handle 2) |
| 2018-12-17T22:05:58.064452233Z | 87 | PC: 12cf4 | Get or set file date and time |
| 2018-12-17T22:05:58.066512008Z | 62 | PC: 12cfa | Close file |
| 2018-12-17T22:05:58.073843379Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:58.083201859Z | 79 | PC: 12b84 | Find next file |
| 2018-12-17T22:05:58.086120626Z | 61 | PC: 12da0 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:05:58.092571201Z | 63 | PC: 12ba7 | Read file or device (Read 26 bytes on handle 2) |
| 2018-12-17T22:05:58.098595064Z | 62 | PC: 12bab | Close file |
| 2018-12-17T22:05:58.100684463Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:58.110321441Z | 61 | PC: 12da0 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:05:58.121257137Z | 64 | PC: 12cb8 | Write file or device (Write 5 bytes on handle 2) |
| 2018-12-17T22:05:58.128660829Z | 66 | PC: 12d8e | Move file pointer |
| 2018-12-17T22:05:58.129995411Z | 44 | PC: 12cc9 | Get time 0x12cc9: cmp dh, 0
0x12ccc: xchg ax, dx
0x12ccd: xchg ax, dx
0x12cce: je 0x12cc3
0x12cd0: mov byte ptr cs:[bp + 0x50c], dh
0x12cd5: xchg ax, dx
0x12cd6: xchg ax, dx
0x12cd7: call 0x12e08
0x12cda: xchg ax, dx
0x12cdb: xchg ax, dx
0x12cdc: inc byte ptr cs:[bp + 0x50d]
0x12ce1: mov ax, 0x5701
0x12ce4: xchg ax, dx
0x12ce5: xchg ax, dx
0x12ce6: mov cx, word ptr cs:[bp + 0x580]
0x12ceb: mov dx, word ptr cs:[bp + 0x582]
0x12cf0: xchg ax, dx
0x12cf1: xchg ax, dx
0x12cf2: int 0x21
0x12cf4: mov ah, 0x3e
|
| 2018-12-17T22:05:58.132494072Z | 64 | PC: 12e61 | Write file or device (Write 1017 bytes on handle 2) |
| 2018-12-17T22:05:58.141340888Z | 87 | PC: 12cf4 | Get or set file date and time |
| 2018-12-17T22:05:58.142856284Z | 62 | PC: 12cfa | Close file |
| 2018-12-17T22:05:58.1500529Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:58.160338889Z | 79 | PC: 12b84 | Find next file |
| 2018-12-17T22:05:58.162728962Z | 61 | PC: 12da0 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:05:58.168791239Z | 63 | PC: 12ba7 | Read file or device (Read 26 bytes on handle 2) |
| 2018-12-17T22:05:58.175617531Z | 62 | PC: 12bab | Close file |
| 2018-12-17T22:05:58.177314616Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:58.187557914Z | 61 | PC: 12da0 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:05:58.194339041Z | 64 | PC: 12cb8 | Write file or device (Write 5 bytes on handle 2) |
| 2018-12-17T22:05:58.196851694Z | 66 | PC: 12d8e | Move file pointer |
| 2018-12-17T22:05:58.198076649Z | 44 | PC: 12cc9 | Get time 0x12cc9: cmp dh, 0
0x12ccc: xchg ax, dx
0x12ccd: xchg ax, dx
0x12cce: je 0x12cc3
0x12cd0: mov byte ptr cs:[bp + 0x50c], dh
0x12cd5: xchg ax, dx
0x12cd6: xchg ax, dx
0x12cd7: call 0x12e08
0x12cda: xchg ax, dx
0x12cdb: xchg ax, dx
0x12cdc: inc byte ptr cs:[bp + 0x50d]
0x12ce1: mov ax, 0x5701
0x12ce4: xchg ax, dx
0x12ce5: xchg ax, dx
0x12ce6: mov cx, word ptr cs:[bp + 0x580]
0x12ceb: mov dx, word ptr cs:[bp + 0x582]
0x12cf0: xchg ax, dx
0x12cf1: xchg ax, dx
0x12cf2: int 0x21
0x12cf4: mov ah, 0x3e
|
| 2018-12-17T22:05:58.201355382Z | 64 | PC: 12e61 | Write file or device (Write 1017 bytes on handle 2) |
| 2018-12-17T22:05:58.210535305Z | 87 | PC: 12cf4 | Get or set file date and time |
| 2018-12-17T22:05:58.211909769Z | 62 | PC: 12cfa | Close file |
| 2018-12-17T22:05:58.220450504Z | 67 | PC: 12db1 | Get or set file attributes |
| 2018-12-17T22:05:58.230045458Z | 79 | PC: 12b84 | Find next file |
| 2018-12-17T22:05:58.232248647Z | 59 | PC: 12b0a | Change current directory |
| 2018-12-17T22:05:58.236427868Z | 42 | PC: 12d0d | Get date 0x12d0d: xchg ax, dx
0x12d0e: xchg ax, dx
0x12d0f: cmp cx, 0x7cb
0x12d13: jb 0x12d81
0x12d15: cmp dh, 6
0x12d18: jb 0x12d81
0x12d1a: cmp dl, 5
0x12d1d: jb 0x12d81
0x12d1f: cmp al, 2
0x12d21: jb 0x12d81
0x12d23: xchg ax, dx
0x12d24: xchg ax, dx
0x12d25: mov ah, 0x2c
0x12d27: int 0x21
0x12d29: xchg ax, dx
0x12d2a: xchg ax, dx
0x12d2b: cmp ch, 9
0x12d2e: jb 0x12d81
0x12d30: cmp cl, 1
0x12d33: jb 0x12d81
|
| 2018-12-17T22:05:58.238726359Z | 37 | PC: 12b1d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:05:58.239977553Z | 59 | PC: 12b2b | Change current directory |
| 2018-12-17T22:05:58.24201759Z | 26 | PC: 12d95 | Set disk transfer address |
