.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:08:49.662813717Z | 44 | PC: 13285 | Get time 0x13285: ret 0x13286: mov ah, 0x2a 0x13288: int 0x21 0x1328a: ret 0x1328b: mov ah, 0x57 0x1328d: mov al, 0 0x1328f: mov bx, word ptr cs:[0x116] 0x13294: int 0x21 0x13296: mov word ptr cs:[0x7dd], dx 0x1329b: mov word ptr cs:[0x7df], cx 0x132a0: ret 0x132a1: mov ah, 0x57 0x132a3: mov al, 1 0x132a5: mov bx, word ptr cs:[0x116] 0x132aa: mov dx, word ptr cs:[0x7dd] 0x132af: mov cx, word ptr cs:[0x7df] 0x132b4: int 0x21 0x132b6: ret 0x132b7: push ds 0x132b8: mov ah, 0x47 |
| 2018-12-17T22:08:49.666035062Z | 47 | PC: 1335a | Get disk transfer address |
| 2018-12-17T22:08:49.66729806Z | 26 | PC: 13034 | Set disk transfer address |
| 2018-12-17T22:08:49.668562166Z | 71 | PC: 132c1 | Get current directory |
| 2018-12-17T22:08:49.672900062Z | 59 | PC: 1332c | Change current directory |
| 2018-12-17T22:08:49.67678415Z | 78 | PC: 132ce | Find first file |
| 2018-12-17T22:08:49.682767164Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.686478459Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.690735292Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.693500756Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.696563199Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.699243195Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.701735293Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.704233373Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.707702806Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.710263072Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.712686943Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.716684038Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.71930461Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.721736719Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.728972012Z | 79 | PC: 132f4 | Find next file |
| 2018-12-17T22:08:49.730615748Z | 78 | PC: 13222 | Find first file |
| 2018-12-17T22:08:49.734518683Z | 61 | PC: 13047 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:08:49.752065917Z | 66 | PC: 1311a | Move file pointer |
| 2018-12-17T22:08:49.753724248Z | 63 | PC: 13129 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:08:49.765751173Z | 66 | PC: 13266 | Move file pointer |
| 2018-12-17T22:08:49.769920821Z | 63 | PC: 13275 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:08:49.778875348Z | 62 | PC: 13096 | Close file |
| 2018-12-17T22:08:49.78089775Z | 59 | PC: 1332c | Change current directory |
| 2018-12-17T22:08:49.785396757Z | 59 | PC: 13316 | Change current directory |
| 2018-12-17T22:08:49.788205314Z | 26 | PC: 13375 | Set disk transfer address |
| 2018-12-17T22:08:49.789689459Z | 42 | PC: 1328a | Get date 0x1328a: ret 0x1328b: mov ah, 0x57 0x1328d: mov al, 0 0x1328f: mov bx, word ptr cs:[0x116] 0x13294: int 0x21 0x13296: mov word ptr cs:[0x7dd], dx 0x1329b: mov word ptr cs:[0x7df], cx 0x132a0: ret 0x132a1: mov ah, 0x57 0x132a3: mov al, 1 0x132a5: mov bx, word ptr cs:[0x116] 0x132aa: mov dx, word ptr cs:[0x7dd] 0x132af: mov cx, word ptr cs:[0x7df] 0x132b4: int 0x21 0x132b6: ret 0x132b7: push ds 0x132b8: mov ah, 0x47 0x132ba: mov si, 0x77d 0x132bd: mov dl, 0 0x132bf: int 0x21 |
| 2018-12-17T22:08:49.792264144Z | 9 | PC: 12c22 | Display string (Could not find end pointer) |
| 2018-12-17T22:08:49.798763809Z | 76 | PC: 12c28 | Terminate with return code (Return code = '0') |