.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:13:38.968696891Z | 75 | PC: 12e0a | Execute program |
| 2018-12-17T22:13:38.971296972Z | 42 | PC: 12d3e | Get date 0x12d3e: mov byte ptr [0x14d], dl
0x12d42: mov word ptr [0x14b], ds
0x12d46: mov ax, 0x11f
0x12d49: mov word ptr [0x152], ax
0x12d4c: call 0x22afc
0x12d4f: mov ax, 0x3521
0x12d52: int 0x21
0x12d54: mov word ptr [0x13f], bx
0x12d58: mov word ptr [0x141], es
0x12d5c: mov ax, 0x3515
0x12d5f: int 0x21
0x12d61: mov word ptr [0x143], bx
0x12d65: mov word ptr [0x145], es
0x12d69: pop es
0x12d6a: pop bx
0x12d6b: mov ax, 0x2521
0x12d6e: mov dx, 0x3a3
0x12d71: int 0x21
0x12d73: cmp byte ptr [0x14d], 0x1c
0x12d78: jne 0x12d82
|
| 2018-12-17T22:13:38.973453144Z | 61 | PC: 12b45 | Open file (Filename = 'C:\DOS\KEYB.COM') |
| 2018-12-17T22:13:38.983080578Z | 87 | PC: 12b55 | Get or set file date and time |
| 2018-12-17T22:13:39.364713805Z | 26 | PC: 12bad | Set disk transfer address |
| 2018-12-17T22:13:39.366736547Z | 78 | PC: 12bb8 | Find first file |
| 2018-12-17T22:13:39.376227719Z | 60 | PC: 12be0 | Create or truncate file |
| 2018-12-17T22:13:39.386575472Z | 64 | PC: 12c1b | Write file or device (Write 974 bytes on handle 6) |
| 2018-12-17T22:13:39.39570853Z | 63 | PC: 12c30 | Read file or device (Read 30720 bytes on handle 5) |
| 2018-12-17T22:13:39.404871349Z | 64 | PC: 12c77 | Write file or device (Write 15750 bytes on handle 6) |
| 2018-12-17T22:13:39.418853691Z | 63 | PC: 12c30 | Read file or device (Read 30720 bytes on handle 5) |
| 2018-12-17T22:13:39.421661527Z | 87 | PC: 12c9c | Get or set file date and time |
| 2018-12-17T22:13:39.423186146Z | 62 | PC: 12ad9 | Close file |
| 2018-12-17T22:13:39.430209569Z | 62 | PC: 12ae2 | Close file |
| 2018-12-17T22:13:39.432307587Z | 65 | PC: 12cae | Delete file (Filename = '�S�') |
| 2018-12-17T22:13:39.443174039Z | 86 | PC: 12cc5 | Rename file |
| 2018-12-17T22:13:39.45585438Z | 53 | PC: 12d54 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:13:39.457979597Z | 53 | PC: 12d61 | Get interrupt vector (Interrupt = '21' AKA 'Sequential write') |
| 2018-12-17T22:13:39.459353474Z | 37 | PC: 12d73 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:13:39.460926541Z | 74 | PC: 12d8f | Reallocate memory |
| 2018-12-17T22:13:39.464012531Z | 61 | PC: 12b45 | Open file (Filename = 'A:\TEST.COM') |
| 2018-12-17T22:13:39.471006541Z | 87 | PC: 12b55 | Get or set file date and time |
| 2018-12-17T22:13:39.483847648Z | 26 | PC: 12bad | Set disk transfer address |
| 2018-12-17T22:13:39.486600075Z | 78 | PC: 12bb8 | Find first file |
| 2018-12-17T22:13:39.492563521Z | 60 | PC: 12be0 | Create or truncate file |
| 2018-12-17T22:13:39.503205435Z | 64 | PC: 12c1b | Write file or device (Write 974 bytes on handle 6) |
| 2018-12-17T22:13:39.511590123Z | 63 | PC: 12c30 | Read file or device (Read 30720 bytes on handle 5) |
| 2018-12-17T22:13:39.518443733Z | 64 | PC: 12c77 | Write file or device (Write 1247 bytes on handle 6) |
| 2018-12-17T22:13:39.526424581Z | 63 | PC: 12c30 | Read file or device (Read 30720 bytes on handle 5) |
| 2018-12-17T22:13:39.52846227Z | 87 | PC: 12c9c | Get or set file date and time |
| 2018-12-17T22:13:39.530204994Z | 62 | PC: 12ad9 | Close file |
| 2018-12-17T22:13:39.537416549Z | 62 | PC: 12ae2 | Close file |
| 2018-12-17T22:13:39.539311879Z | 65 | PC: 12cae | Delete file (Filename = '���') |
| 2018-12-17T22:13:39.5514721Z | 86 | PC: 12cc5 | Rename file |
| 2018-12-17T22:13:39.562565283Z | 75 | PC: 12dc3 | Execute program |
| 2018-12-17T22:13:39.581490747Z | 76 | PC: 12f8b | Terminate with return code (Return code = '1') |
| 2018-12-17T22:13:39.585257639Z | 73 | PC: 12ddc | Release memory |
