.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:06:59.690193326Z | 42 | PC: 12c1e | Get date 0x12c1e: ret 0x12c1f: dec bp 0x12c20: inc bp 0x12c21: dec bp 0x12c22: inc bx 0x12c24: dec di 0x12c25: dec bp 0x12c26: add byte ptr [bx + di + 0x6e], cl 0x12c29: arpl word ptr [bx + 0x72], bp 0x12c2c: jb 0x12c93 0x12c2e: arpl word ptr [si + 0x20], si 0x12c31: inc sp 0x12c32: dec di 0x12c33: push bx 0x12c34: and byte ptr [bp + 0x65], dh 0x12c37: jb 0x12cac 0x12c39: imul bp, word ptr [bx + 0x6e], 0xd0a 0x12c3e: and al, 0 0x12c40: add byte ptr [bx + si], al 0x12c42: add byte ptr [bp + si], ch |
| 2018-12-17T22:06:59.693199457Z | 78 | PC: 12c1e | Find first file |
| 2018-12-17T22:06:59.699668869Z | 67 | PC: 12c1e | Get or set file attributes |
| 2018-12-17T22:06:59.718743313Z | 61 | PC: 12c1e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:06:59.727317565Z | 63 | PC: 12c1e | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:06:59.733802406Z | 66 | PC: 12ab3 | Move file pointer |
| 2018-12-17T22:06:59.735368467Z | 66 | PC: 12c1e | Move file pointer |
| 2018-12-17T22:06:59.736397859Z | 44 | PC: 12ac6 | Get time 0x12ac6: mov byte ptr [0x3c2], dl 0x12aca: mov byte ptr [0x3c9], dl 0x12ace: mov byte ptr [0x3d1], dl 0x12ad2: mov byte ptr [0x3dc], dl 0x12ad6: mov byte ptr [0x3e1], dl 0x12ada: mov byte ptr [0x3e8], dl 0x12ade: mov byte ptr [0x3ed], dl 0x12ae2: mov byte ptr [0x3a4], dl 0x12ae6: mov byte ptr [0x3b5], dl 0x12aea: mov byte ptr [0x3bc], dl 0x12aee: mov byte ptr [0x3e5], dl 0x12af2: mov byte ptr [0x3d8], dl 0x12af6: mov byte ptr [0x3d2], dl 0x12afa: mov byte ptr [0x3ca], dl 0x12afe: mov byte ptr [0x3c3], dl 0x12b02: mov byte ptr [0x394], dl 0x12b06: mov byte ptr [0x39a], dl 0x12b0a: mov byte ptr [0x39f], dl 0x12b0e: mov byte ptr [0x3aa], dl 0x12b12: mov byte ptr [0xb0], dl |
| 2018-12-17T22:06:59.739401432Z | 64 | PC: 12cf3 | Write file or device (Write 751 bytes on handle 5) |
| 2018-12-17T22:06:59.746734613Z | 62 | PC: 12c1e | Close file |
| 2018-12-17T22:06:59.760993133Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:06:59.763922539Z | 79 | PC: 12c1e | Find next file |
| 2018-12-17T22:06:59.767398769Z | 67 | PC: 12c1e | Get or set file attributes |
| 2018-12-17T22:06:59.777731779Z | 61 | PC: 12c1e | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:06:59.785598285Z | 63 | PC: 12c1e | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:06:59.793168993Z | 66 | PC: 12ab3 | Move file pointer |
| 2018-12-17T22:06:59.795142476Z | 66 | PC: 12c1e | Move file pointer |
| 2018-12-17T22:06:59.7977068Z | 44 | PC: 12ac6 | Get time 0x12ac6: mov byte ptr [0x3c2], dl 0x12aca: mov byte ptr [0x3c9], dl 0x12ace: mov byte ptr [0x3d1], dl 0x12ad2: mov byte ptr [0x3dc], dl 0x12ad6: mov byte ptr [0x3e1], dl 0x12ada: mov byte ptr [0x3e8], dl 0x12ade: mov byte ptr [0x3ed], dl 0x12ae2: mov byte ptr [0x3a4], dl 0x12ae6: mov byte ptr [0x3b5], dl 0x12aea: mov byte ptr [0x3bc], dl 0x12aee: mov byte ptr [0x3e5], dl 0x12af2: mov byte ptr [0x3d8], dl 0x12af6: mov byte ptr [0x3d2], dl 0x12afa: mov byte ptr [0x3ca], dl 0x12afe: mov byte ptr [0x3c3], dl 0x12b02: mov byte ptr [0x394], dl 0x12b06: mov byte ptr [0x39a], dl 0x12b0a: mov byte ptr [0x39f], dl 0x12b0e: mov byte ptr [0x3aa], dl 0x12b12: mov byte ptr [0xb0], dl |
| 2018-12-17T22:06:59.800888914Z | 64 | PC: 12cf3 | Write file or device (Write 751 bytes on handle 5) |
| 2018-12-17T22:06:59.810349948Z | 62 | PC: 12c1e | Close file |
| 2018-12-17T22:06:59.820244304Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:06:59.822241325Z | 79 | PC: 12c1e | Find next file |
| 2018-12-17T22:06:59.825302065Z | 67 | PC: 12c1e | Get or set file attributes |
| 2018-12-17T22:06:59.83555618Z | 61 | PC: 12c1e | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:06:59.842688371Z | 63 | PC: 12c1e | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:06:59.849437984Z | 66 | PC: 12ab3 | Move file pointer |
| 2018-12-17T22:06:59.850766322Z | 66 | PC: 12c1e | Move file pointer |
| 2018-12-17T22:06:59.856252693Z | 44 | PC: 12ac6 | Get time 0x12ac6: mov byte ptr [0x3c2], dl 0x12aca: mov byte ptr [0x3c9], dl 0x12ace: mov byte ptr [0x3d1], dl 0x12ad2: mov byte ptr [0x3dc], dl 0x12ad6: mov byte ptr [0x3e1], dl 0x12ada: mov byte ptr [0x3e8], dl 0x12ade: mov byte ptr [0x3ed], dl 0x12ae2: mov byte ptr [0x3a4], dl 0x12ae6: mov byte ptr [0x3b5], dl 0x12aea: mov byte ptr [0x3bc], dl 0x12aee: mov byte ptr [0x3e5], dl 0x12af2: mov byte ptr [0x3d8], dl 0x12af6: mov byte ptr [0x3d2], dl 0x12afa: mov byte ptr [0x3ca], dl 0x12afe: mov byte ptr [0x3c3], dl 0x12b02: mov byte ptr [0x394], dl 0x12b06: mov byte ptr [0x39a], dl 0x12b0a: mov byte ptr [0x39f], dl 0x12b0e: mov byte ptr [0x3aa], dl 0x12b12: mov byte ptr [0xb0], dl |
| 2018-12-17T22:06:59.861785732Z | 64 | PC: 12cf3 | Write file or device (Write 751 bytes on handle 5) |
| 2018-12-17T22:06:59.871201229Z | 62 | PC: 12c1e | Close file |
| 2018-12-17T22:06:59.888298687Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:06:59.889823058Z | 79 | PC: 12c1e | Find next file |
| 2018-12-17T22:06:59.892453368Z | 67 | PC: 12c1e | Get or set file attributes |
| 2018-12-17T22:06:59.902704398Z | 61 | PC: 12c1e | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:06:59.909062884Z | 63 | PC: 12c1e | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:06:59.915383487Z | 66 | PC: 12ab3 | Move file pointer |
| 2018-12-17T22:06:59.917711324Z | 66 | PC: 12c1e | Move file pointer |
| 2018-12-17T22:06:59.919066279Z | 44 | PC: 12ac6 | Get time 0x12ac6: mov byte ptr [0x3c2], dl 0x12aca: mov byte ptr [0x3c9], dl 0x12ace: mov byte ptr [0x3d1], dl 0x12ad2: mov byte ptr [0x3dc], dl 0x12ad6: mov byte ptr [0x3e1], dl 0x12ada: mov byte ptr [0x3e8], dl 0x12ade: mov byte ptr [0x3ed], dl 0x12ae2: mov byte ptr [0x3a4], dl 0x12ae6: mov byte ptr [0x3b5], dl 0x12aea: mov byte ptr [0x3bc], dl 0x12aee: mov byte ptr [0x3e5], dl 0x12af2: mov byte ptr [0x3d8], dl 0x12af6: mov byte ptr [0x3d2], dl 0x12afa: mov byte ptr [0x3ca], dl 0x12afe: mov byte ptr [0x3c3], dl 0x12b02: mov byte ptr [0x394], dl 0x12b06: mov byte ptr [0x39a], dl 0x12b0a: mov byte ptr [0x39f], dl 0x12b0e: mov byte ptr [0x3aa], dl 0x12b12: mov byte ptr [0xb0], dl |
| 2018-12-17T22:06:59.922117144Z | 64 | PC: 12cf3 | Write file or device (Write 751 bytes on handle 5) |
| 2018-12-17T22:06:59.931110197Z | 62 | PC: 12c1e | Close file |
| 2018-12-17T22:06:59.938931456Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:06:59.940481064Z | 79 | PC: 12c1e | Find next file |
| 2018-12-17T22:06:59.944638795Z | 67 | PC: 12c1e | Get or set file attributes |
| 2018-12-17T22:06:59.954467471Z | 61 | PC: 12c1e | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:06:59.961391465Z | 63 | PC: 12c1e | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:06:59.967997651Z | 66 | PC: 12ab3 | Move file pointer |
| 2018-12-17T22:06:59.97006647Z | 66 | PC: 12c1e | Move file pointer |
| 2018-12-17T22:06:59.971739759Z | 44 | PC: 12ac6 | Get time 0x12ac6: mov byte ptr [0x3c2], dl 0x12aca: mov byte ptr [0x3c9], dl 0x12ace: mov byte ptr [0x3d1], dl 0x12ad2: mov byte ptr [0x3dc], dl 0x12ad6: mov byte ptr [0x3e1], dl 0x12ada: mov byte ptr [0x3e8], dl 0x12ade: mov byte ptr [0x3ed], dl 0x12ae2: mov byte ptr [0x3a4], dl 0x12ae6: mov byte ptr [0x3b5], dl 0x12aea: mov byte ptr [0x3bc], dl 0x12aee: mov byte ptr [0x3e5], dl 0x12af2: mov byte ptr [0x3d8], dl 0x12af6: mov byte ptr [0x3d2], dl 0x12afa: mov byte ptr [0x3ca], dl 0x12afe: mov byte ptr [0x3c3], dl 0x12b02: mov byte ptr [0x394], dl 0x12b06: mov byte ptr [0x39a], dl 0x12b0a: mov byte ptr [0x39f], dl 0x12b0e: mov byte ptr [0x3aa], dl 0x12b12: mov byte ptr [0xb0], dl |
| 2018-12-17T22:06:59.974733896Z | 64 | PC: 12cf3 | Write file or device (Write 751 bytes on handle 5) |
| 2018-12-17T22:06:59.983259424Z | 62 | PC: 12c1e | Close file |
| 2018-12-17T22:06:59.991669022Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:06:59.993399139Z | 79 | PC: 12c1e | Find next file |
| 2018-12-17T22:06:59.996643418Z | 67 | PC: 12c1e | Get or set file attributes |
| 2018-12-17T22:07:00.006239089Z | 61 | PC: 12c1e | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:07:00.012866564Z | 63 | PC: 12c1e | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:07:00.020318007Z | 66 | PC: 12ab3 | Move file pointer |
| 2018-12-17T22:07:00.021997394Z | 66 | PC: 12c1e | Move file pointer |
| 2018-12-17T22:07:00.023594486Z | 44 | PC: 12ac6 | Get time 0x12ac6: mov byte ptr [0x3c2], dl 0x12aca: mov byte ptr [0x3c9], dl 0x12ace: mov byte ptr [0x3d1], dl 0x12ad2: mov byte ptr [0x3dc], dl 0x12ad6: mov byte ptr [0x3e1], dl 0x12ada: mov byte ptr [0x3e8], dl 0x12ade: mov byte ptr [0x3ed], dl 0x12ae2: mov byte ptr [0x3a4], dl 0x12ae6: mov byte ptr [0x3b5], dl 0x12aea: mov byte ptr [0x3bc], dl 0x12aee: mov byte ptr [0x3e5], dl 0x12af2: mov byte ptr [0x3d8], dl 0x12af6: mov byte ptr [0x3d2], dl 0x12afa: mov byte ptr [0x3ca], dl 0x12afe: mov byte ptr [0x3c3], dl 0x12b02: mov byte ptr [0x394], dl 0x12b06: mov byte ptr [0x39a], dl 0x12b0a: mov byte ptr [0x39f], dl 0x12b0e: mov byte ptr [0x3aa], dl 0x12b12: mov byte ptr [0xb0], dl |
| 2018-12-17T22:07:00.027211575Z | 64 | PC: 12cf3 | Write file or device (Write 751 bytes on handle 5) |
| 2018-12-17T22:07:00.035935611Z | 62 | PC: 12c1e | Close file |
| 2018-12-17T22:07:00.043981972Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:07:00.046757558Z | 79 | PC: 12c1e | Find next file |
| 2018-12-17T22:07:00.04942018Z | 67 | PC: 12c1e | Get or set file attributes |
| 2018-12-17T22:07:00.059139817Z | 61 | PC: 12c1e | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:07:00.065947982Z | 63 | PC: 12c1e | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:07:00.072439888Z | 66 | PC: 12ab3 | Move file pointer |
| 2018-12-17T22:07:00.074092662Z | 66 | PC: 12c1e | Move file pointer |
| 2018-12-17T22:07:00.076352814Z | 44 | PC: 12ac6 | Get time 0x12ac6: mov byte ptr [0x3c2], dl 0x12aca: mov byte ptr [0x3c9], dl 0x12ace: mov byte ptr [0x3d1], dl 0x12ad2: mov byte ptr [0x3dc], dl 0x12ad6: mov byte ptr [0x3e1], dl 0x12ada: mov byte ptr [0x3e8], dl 0x12ade: mov byte ptr [0x3ed], dl 0x12ae2: mov byte ptr [0x3a4], dl 0x12ae6: mov byte ptr [0x3b5], dl 0x12aea: mov byte ptr [0x3bc], dl 0x12aee: mov byte ptr [0x3e5], dl 0x12af2: mov byte ptr [0x3d8], dl 0x12af6: mov byte ptr [0x3d2], dl 0x12afa: mov byte ptr [0x3ca], dl 0x12afe: mov byte ptr [0x3c3], dl 0x12b02: mov byte ptr [0x394], dl 0x12b06: mov byte ptr [0x39a], dl 0x12b0a: mov byte ptr [0x39f], dl 0x12b0e: mov byte ptr [0x3aa], dl 0x12b12: mov byte ptr [0xb0], dl |
| 2018-12-17T22:07:00.078828524Z | 64 | PC: 12cf3 | Write file or device (Write 751 bytes on handle 5) |
| 2018-12-17T22:07:00.086882481Z | 62 | PC: 12c1e | Close file |
| 2018-12-17T22:07:00.09540872Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:07:00.097033555Z | 79 | PC: 12c1e | Find next file |
| 2018-12-17T22:07:00.099657978Z | 78 | PC: 12b4a | Find first file |
| 2018-12-17T22:07:00.106256223Z | 67 | PC: 12c1e | Get or set file attributes |
| 2018-12-17T22:07:00.115849598Z | 61 | PC: 12c1e | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:07:00.127395433Z | 63 | PC: 12c1e | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:07:00.133990373Z | 66 | PC: 12ab3 | Move file pointer |
| 2018-12-17T22:07:00.136250634Z | 66 | PC: 12c1e | Move file pointer |
| 2018-12-17T22:07:00.137842044Z | 44 | PC: 12ac6 | Get time 0x12ac6: mov byte ptr [0x3c2], dl 0x12aca: mov byte ptr [0x3c9], dl 0x12ace: mov byte ptr [0x3d1], dl 0x12ad2: mov byte ptr [0x3dc], dl 0x12ad6: mov byte ptr [0x3e1], dl 0x12ada: mov byte ptr [0x3e8], dl 0x12ade: mov byte ptr [0x3ed], dl 0x12ae2: mov byte ptr [0x3a4], dl 0x12ae6: mov byte ptr [0x3b5], dl 0x12aea: mov byte ptr [0x3bc], dl 0x12aee: mov byte ptr [0x3e5], dl 0x12af2: mov byte ptr [0x3d8], dl 0x12af6: mov byte ptr [0x3d2], dl 0x12afa: mov byte ptr [0x3ca], dl 0x12afe: mov byte ptr [0x3c3], dl 0x12b02: mov byte ptr [0x394], dl 0x12b06: mov byte ptr [0x39a], dl 0x12b0a: mov byte ptr [0x39f], dl 0x12b0e: mov byte ptr [0x3aa], dl 0x12b12: mov byte ptr [0xb0], dl |
| 2018-12-17T22:07:00.140525696Z | 64 | PC: 12cf3 | Write file or device (Write 751 bytes on handle 5) |
| 2018-12-17T22:07:00.149715954Z | 62 | PC: 12c1e | Close file |
| 2018-12-17T22:07:00.157333011Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:07:00.158632106Z | 79 | PC: 12c1e | Find next file |
| 2018-12-17T22:07:00.161585454Z | 78 | PC: 12b4a | Find first file |
| 2018-12-17T22:07:00.167474309Z | 67 | PC: 12c1e | Get or set file attributes |
| 2018-12-17T22:07:00.177020076Z | 61 | PC: 12c1e | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:07:00.184339632Z | 63 | PC: 12c1e | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:07:00.191096135Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:07:00.193047399Z | 79 | PC: 12c1e | Find next file |
| 2018-12-17T22:07:00.196473263Z | 53 | PC: 12b55 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:07:00.197981436Z | 37 | PC: 12b65 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:07:00.199028317Z | 53 | PC: 12c1e | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:07:00.201060214Z | 37 | PC: 12c1e | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:07:00.202156447Z | 9 | PC: 12c1e | Display string (Could not find end pointer) |
| 2018-12-17T22:07:00.206067834Z | 37 | PC: 12b95 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:07:00.208020135Z | 49 | PC: 12c1e | Terminate and stay resident (Return code = '36' | Memory size = '63') |