.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:08:13.418164223Z | 26 | PC: 12ac2 | Set disk transfer address |
| 2018-12-17T22:08:13.41964707Z | 78 | PC: 12aca | Find first file |
| 2018-12-17T22:08:13.425501688Z | 47 | PC: 12ad6 | Get disk transfer address |
| 2018-12-17T22:08:13.426562315Z | 61 | PC: 12ae6 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:08:13.441456206Z | 87 | PC: 12aec | Get or set file date and time |
| 2018-12-17T22:08:13.442961277Z | 63 | PC: 12b0c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:08:13.449014671Z | 66 | PC: 12b1e | Move file pointer |
| 2018-12-17T22:08:13.450903939Z | 64 | PC: 12b29 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:08:13.453970699Z | 66 | PC: 12b32 | Move file pointer |
| 2018-12-17T22:08:13.455240823Z | 44 | PC: 12a6b | Get time 0x12a6b: mov byte ptr [bp + 0x121], cl 0x12a6f: mov cx, 0xde 0x12a72: lea si, word ptr [bp + 0x16f] 0x12a76: lea di, word ptr [bp + 0x235] 0x12a7a: movsb byte ptr es:[di], byte ptr [si] 0x12a7b: mov al, byte ptr [bp + 0x235] 0x12a7f: xor al, byte ptr [bp + 0x121] 0x12a83: mov byte ptr [bp + 0x235], al 0x12a87: lea di, word ptr [si - 1] 0x12a8a: lea si, word ptr [bp + 0x235] 0x12a8e: movsb byte ptr es:[di], byte ptr [si] 0x12a8f: mov si, di 0x12a91: loop 0x12a76 0x12a93: ret 0x12a94: jmp 0x12aaf 0x12a97: call 0x22a67 0x12a9a: mov ah, 0x40 0x12a9c: mov cx, 0x14d 0x12a9f: lea dx, word ptr [bp + 0x100] 0x12aa3: int 0x21 |
| 2018-12-17T22:08:13.460967467Z | 64 | PC: 12aa5 | Write file or device (Write 333 bytes on handle 5) |
| 2018-12-17T22:08:13.474771479Z | 87 | PC: 12b44 | Get or set file date and time |
| 2018-12-17T22:08:13.476100821Z | 62 | PC: 12b48 | Close file |
| 2018-12-17T22:08:13.484071887Z | 79 | PC: 12aca | Find next file |
| 2018-12-17T22:08:13.48712994Z | 47 | PC: 12ad6 | Get disk transfer address |
| 2018-12-17T22:08:13.488397784Z | 61 | PC: 12ae6 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:08:13.492548548Z | 87 | PC: 12aec | Get or set file date and time |
| 2018-12-17T22:08:13.499728903Z | 63 | PC: 12b0c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:08:13.506301381Z | 66 | PC: 12b1e | Move file pointer |
| 2018-12-17T22:08:13.50776219Z | 64 | PC: 12b29 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:08:13.510882092Z | 66 | PC: 12b32 | Move file pointer |
| 2018-12-17T22:08:13.517678214Z | 44 | PC: 12a6b | Get time 0x12a6b: mov byte ptr [bp + 0x121], cl 0x12a6f: mov cx, 0xde 0x12a72: lea si, word ptr [bp + 0x16f] 0x12a76: lea di, word ptr [bp + 0x235] 0x12a7a: movsb byte ptr es:[di], byte ptr [si] 0x12a7b: mov al, byte ptr [bp + 0x235] 0x12a7f: xor al, byte ptr [bp + 0x121] 0x12a83: mov byte ptr [bp + 0x235], al 0x12a87: lea di, word ptr [si - 1] 0x12a8a: lea si, word ptr [bp + 0x235] 0x12a8e: movsb byte ptr es:[di], byte ptr [si] 0x12a8f: mov si, di 0x12a91: loop 0x12a76 0x12a93: ret 0x12a94: jmp 0x12aaf 0x12a97: call 0x22a67 0x12a9a: mov ah, 0x40 0x12a9c: mov cx, 0x14d 0x12a9f: lea dx, word ptr [bp + 0x100] 0x12aa3: int 0x21 |
| 2018-12-17T22:08:13.520126569Z | 64 | PC: 12aa5 | Write file or device (Write 333 bytes on handle 5) |
| 2018-12-17T22:08:13.523488919Z | 87 | PC: 12b44 | Get or set file date and time |
| 2018-12-17T22:08:13.525047967Z | 62 | PC: 12b48 | Close file |
| 2018-12-17T22:08:13.532404989Z | 79 | PC: 12aca | Find next file |
| 2018-12-17T22:08:13.535867486Z | 47 | PC: 12ad6 | Get disk transfer address |
| 2018-12-17T22:08:13.536965709Z | 61 | PC: 12ae6 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:08:13.543099272Z | 87 | PC: 12aec | Get or set file date and time |
| 2018-12-17T22:08:13.544823812Z | 63 | PC: 12b0c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:08:13.551143579Z | 66 | PC: 12b1e | Move file pointer |
| 2018-12-17T22:08:13.552779035Z | 64 | PC: 12b29 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:08:13.56543834Z | 66 | PC: 12b32 | Move file pointer |
| 2018-12-17T22:08:13.566555126Z | 44 | PC: 12a6b | Get time 0x12a6b: mov byte ptr [bp + 0x121], cl 0x12a6f: mov cx, 0xde 0x12a72: lea si, word ptr [bp + 0x16f] 0x12a76: lea di, word ptr [bp + 0x235] 0x12a7a: movsb byte ptr es:[di], byte ptr [si] 0x12a7b: mov al, byte ptr [bp + 0x235] 0x12a7f: xor al, byte ptr [bp + 0x121] 0x12a83: mov byte ptr [bp + 0x235], al 0x12a87: lea di, word ptr [si - 1] 0x12a8a: lea si, word ptr [bp + 0x235] 0x12a8e: movsb byte ptr es:[di], byte ptr [si] 0x12a8f: mov si, di 0x12a91: loop 0x12a76 0x12a93: ret 0x12a94: jmp 0x12aaf 0x12a97: call 0x22a67 0x12a9a: mov ah, 0x40 0x12a9c: mov cx, 0x14d 0x12a9f: lea dx, word ptr [bp + 0x100] 0x12aa3: int 0x21 |
| 2018-12-17T22:08:13.568159789Z | 64 | PC: 12aa5 | Write file or device (Write 333 bytes on handle 5) |
| 2018-12-17T22:08:13.570535668Z | 87 | PC: 12b44 | Get or set file date and time |
| 2018-12-17T22:08:13.571642181Z | 62 | PC: 12b48 | Close file |
| 2018-12-17T22:08:13.576335006Z | 26 | PC: 12b5c | Set disk transfer address |