.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:13:46.856983729Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:13:46.858920192Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:13:46.860428144Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:13:46.861755273Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:13:46.864006562Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:13:46.865592694Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:13:46.867163511Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:13:46.869389802Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:13:46.871010924Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:13:46.872605055Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:13:46.881629541Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:13:46.882875943Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:13:46.884307757Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:13:46.890752123Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:13:46.892249355Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:13:46.893876976Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:13:46.898375583Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:13:46.899563522Z | 53 | PC: 14376 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:13:46.900786793Z | 37 | PC: 1438b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:13:46.915644402Z | 37 | PC: 14393 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:13:46.917307055Z | 37 | PC: 1439b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:13:46.918811307Z | 37 | PC: 143a3 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:13:46.920268186Z | 68 | PC: 14dab | I/O control for devices (Set for = '') |
| 2018-12-17T22:13:47.02859408Z | 37 | PC: 13a77 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:13:47.030446562Z | 48 | PC: 153ae | Get DOS version |
| 2018-12-17T22:13:47.03264526Z | 61 | PC: 1516e | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:13:47.040362881Z | 87 | PC: 140c2 | Get or set file date and time |
| 2018-12-17T22:13:47.042601376Z | 60 | PC: 1516e | Create or truncate file |
| 2018-12-17T22:13:47.062075185Z | 66 | PC: 152a0 | Move file pointer |
| 2018-12-17T22:13:47.065419921Z | 63 | PC: 15241 | Read file or device (Read 8192 bytes on handle 5) |
| 2018-12-17T22:13:47.07405167Z | 64 | PC: 15241 | Write file or device (Write 5120 bytes on handle 6) |
| 2018-12-17T22:13:47.082532947Z | 66 | PC: 1530a | Move file pointer |
| 2018-12-17T22:13:47.085280339Z | 66 | PC: 15318 | Move file pointer |
| 2018-12-17T22:13:47.086977877Z | 66 | PC: 15326 | Move file pointer |
| 2018-12-17T22:13:47.088671871Z | 62 | PC: 151be | Close file |
| 2018-12-17T22:13:47.092140168Z | 87 | PC: 140ef | Get or set file date and time |
| 2018-12-17T22:13:47.095464038Z | 62 | PC: 151be | Close file |
| 2018-12-17T22:13:47.103612821Z | 67 | PC: 14081 | Get or set file attributes |
| 2018-12-17T22:13:47.11018829Z | 61 | PC: 1516e | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:13:47.11700985Z | 87 | PC: 140c2 | Get or set file date and time |
| 2018-12-17T22:13:47.118502055Z | 63 | PC: 15241 | Read file or device (Read 8001 bytes on handle 5) |
| 2018-12-17T22:13:47.127717108Z | 42 | PC: 14007 | Get date 0x14007: xor ah, ah 0x14009: les di, ptr [bp + 6] 0x1400c: stosw word ptr es:[di], ax 0x1400d: mov al, dl 0x1400f: les di, ptr [bp + 0xa] 0x14012: stosw word ptr es:[di], ax 0x14013: mov al, dh 0x14015: les di, ptr [bp + 0xe] 0x14018: stosw word ptr es:[di], ax 0x14019: xchg ax, cx 0x1401a: les di, ptr [bp + 0x12] 0x1401d: stosw word ptr es:[di], ax 0x1401e: pop bp 0x1401f: retf 0x10 0x14022: push bp 0x14023: mov bp, sp 0x14025: mov cx, word ptr [bp + 0xa] 0x14028: mov dh, byte ptr [bp + 8] 0x1402b: mov dl, byte ptr [bp + 6] 0x1402e: mov ah, 0x2b |
| 2018-12-17T22:13:47.130654416Z | 66 | PC: 152a0 | Move file pointer |
| 2018-12-17T22:13:47.132653139Z | 64 | PC: 15241 | Write file or device (Write 1 bytes on handle 5) |
| 2018-12-17T22:13:47.136528275Z | 87 | PC: 140ef | Get or set file date and time |
| 2018-12-17T22:13:47.138661598Z | 62 | PC: 151be | Close file |
| 2018-12-17T22:13:47.146751162Z | 67 | PC: 140a8 | Get or set file attributes |
| 2018-12-17T22:13:47.158355701Z | 26 | PC: 1411f | Set disk transfer address |
| 2018-12-17T22:13:47.159960829Z | 78 | PC: 1412b | Find first file |
| 2018-12-17T22:13:47.170281108Z | 61 | PC: 1516e | Open file (Filename = 'C:\DOS\ATTRIB.EXE') |
| 2018-12-17T22:13:47.179125503Z | 63 | PC: 15241 | Read file or device (Read 27 bytes on handle 5) |
| 2018-12-17T22:13:47.185373772Z | 62 | PC: 151be | Close file |
| 2018-12-17T22:13:47.188021323Z | 60 | PC: 1516e | Create or truncate file |
| 2018-12-17T22:13:47.534916205Z | 67 | PC: 14081 | Get or set file attributes |
| 2018-12-17T22:13:47.54178544Z | 61 | PC: 1516e | Open file (Filename = 'C:\DOS\ATTRIB.EXE') |
| 2018-12-17T22:13:47.548877955Z | 87 | PC: 140c2 | Get or set file date and time |
| 2018-12-17T22:13:47.550937654Z | 64 | PC: 15241 | Write file or device (Write 8001 bytes on handle 5) |
| 2018-12-17T22:13:47.562813153Z | 63 | PC: 15241 | Read file or device (Read 8192 bytes on handle 6) |
| 2018-12-17T22:13:47.570354046Z | 64 | PC: 15241 | Write file or device (Write 8192 bytes on handle 5) |
| 2018-12-17T22:13:47.579880704Z | 66 | PC: 1530a | Move file pointer |
| 2018-12-17T22:13:47.582352335Z | 66 | PC: 15318 | Move file pointer |
| 2018-12-17T22:13:47.583923826Z | 66 | PC: 15326 | Move file pointer |
| 2018-12-17T22:13:47.585901188Z | 63 | PC: 15241 | Read file or device (Read 8192 bytes on handle 6) |
| 2018-12-17T22:13:47.592142122Z | 64 | PC: 15241 | Write file or device (Write 3016 bytes on handle 5) |
| 2018-12-17T22:13:47.597915796Z | 66 | PC: 1530a | Move file pointer |
| 2018-12-17T22:13:47.599085147Z | 66 | PC: 15318 | Move file pointer |
| 2018-12-17T22:13:47.600909409Z | 66 | PC: 15326 | Move file pointer |
| 2018-12-17T22:13:47.602760998Z | 62 | PC: 151be | Close file |
| 2018-12-17T22:13:47.604122155Z | 87 | PC: 140ef | Get or set file date and time |
| 2018-12-17T22:13:47.606118205Z | 62 | PC: 151be | Close file |
| 2018-12-17T22:13:47.611439428Z | 60 | PC: 1516e | Create or truncate file |
| 2018-12-17T22:13:47.619602058Z | 65 | PC: 15343 | Delete file (Filename = 'C:\DOS\ATTRIB.EXE') |
| 2018-12-17T22:13:47.627687442Z | 86 | PC: 15379 | Rename file |
| 2018-12-17T22:13:47.634925573Z | 67 | PC: 140a8 | Get or set file attributes |
| 2018-12-17T22:13:47.642358135Z | 42 | PC: 14007 | Get date 0x14007: xor ah, ah 0x14009: les di, ptr [bp + 6] 0x1400c: stosw word ptr es:[di], ax 0x1400d: mov al, dl 0x1400f: les di, ptr [bp + 0xa] 0x14012: stosw word ptr es:[di], ax 0x14013: mov al, dh 0x14015: les di, ptr [bp + 0xe] 0x14018: stosw word ptr es:[di], ax 0x14019: xchg ax, cx 0x1401a: les di, ptr [bp + 0x12] 0x1401d: stosw word ptr es:[di], ax 0x1401e: pop bp 0x1401f: retf 0x10 0x14022: push bp 0x14023: mov bp, sp 0x14025: mov cx, word ptr [bp + 0xa] 0x14028: mov dh, byte ptr [bp + 8] 0x1402b: mov dl, byte ptr [bp + 6] 0x1402e: mov ah, 0x2b |
| 2018-12-17T22:13:47.645089084Z | 26 | PC: 14143 | Set disk transfer address |
| 2018-12-17T22:13:47.64616145Z | 79 | PC: 14148 | Find next file |
| 2018-12-17T22:13:47.648837539Z | 61 | PC: 1516e | Open file (Filename = 'C:\DOS\CHKDSK.EXE') |
| 2018-12-17T22:13:47.654509392Z | 26 | PC: 14143 | Set disk transfer address |
| 2018-12-17T22:13:47.655756844Z | 79 | PC: 14148 | Find next file |
| 2018-12-17T22:13:47.658605762Z | 61 | PC: 1516e | Open file (Filename = 'C:\DOS\DEBUG.EXE') |
| 2018-12-17T22:13:47.664232887Z | 63 | PC: 15241 | Read file or device (Read 27 bytes on handle 7) |
| 2018-12-17T22:13:47.668199219Z | 62 | PC: 151be | Close file |
| 2018-12-17T22:13:47.670187949Z | 60 | PC: 1516e | Create or truncate file |
| 2018-12-17T22:13:47.678948934Z | 67 | PC: 14081 | Get or set file attributes |
| 2018-12-17T22:13:47.684960345Z | 61 | PC: 1516e | Open file (Filename = 'C:\DOS\DEBUG.EXE') |
| 2018-12-17T22:13:47.69105942Z | 87 | PC: 140c2 | Get or set file date and time |
| 2018-12-17T22:13:47.693307743Z | 64 | PC: 15241 | Write file or device (Write 8001 bytes on handle 7) |
| 2018-12-17T22:13:47.702347443Z | 63 | PC: 15241 | Read file or device (Read 8192 bytes on handle 8) |
| 2018-12-17T22:13:47.711595475Z | 64 | PC: 15241 | Write file or device (Write 8192 bytes on handle 7) |
| 2018-12-17T22:13:47.722652046Z | 66 | PC: 1530a | Move file pointer |
| 2018-12-17T22:13:47.724434403Z | 66 | PC: 15318 | Move file pointer |
| 2018-12-17T22:13:47.726208091Z | 66 | PC: 15326 | Move file pointer |
| 2018-12-17T22:13:47.728791313Z | 63 | PC: 15241 | Read file or device (Read 8192 bytes on handle 8) |
| 2018-12-17T22:13:47.736949545Z | 64 | PC: 15241 | Write file or device (Write 7526 bytes on handle 7) |
| 2018-12-17T22:13:47.746121552Z | 66 | PC: 1530a | Move file pointer |
| 2018-12-17T22:13:47.74846524Z | 66 | PC: 15318 | Move file pointer |
| 2018-12-17T22:13:47.750311784Z | 66 | PC: 15326 | Move file pointer |
| 2018-12-17T22:13:47.75223682Z | 62 | PC: 151be | Close file |
| 2018-12-17T22:13:47.755264906Z | 87 | PC: 140ef | Get or set file date and time |
| 2018-12-17T22:13:47.757552177Z | 62 | PC: 151be | Close file |
| 2018-12-17T22:13:47.763695051Z | 60 | PC: 1516e | Create or truncate file |
| 2018-12-17T22:13:47.773916371Z | 65 | PC: 15343 | Delete file (Filename = 'C:\DOS\DEBUG.EXE') |
| 2018-12-17T22:13:47.782944679Z | 86 | PC: 15379 | Rename file |
| 2018-12-17T22:13:47.79078693Z | 67 | PC: 140a8 | Get or set file attributes |
| 2018-12-17T22:13:47.797883627Z | 42 | PC: 14007 | Get date 0x14007: xor ah, ah 0x14009: les di, ptr [bp + 6] 0x1400c: stosw word ptr es:[di], ax 0x1400d: mov al, dl 0x1400f: les di, ptr [bp + 0xa] 0x14012: stosw word ptr es:[di], ax 0x14013: mov al, dh 0x14015: les di, ptr [bp + 0xe] 0x14018: stosw word ptr es:[di], ax 0x14019: xchg ax, cx 0x1401a: les di, ptr [bp + 0x12] 0x1401d: stosw word ptr es:[di], ax 0x1401e: pop bp 0x1401f: retf 0x10 0x14022: push bp 0x14023: mov bp, sp 0x14025: mov cx, word ptr [bp + 0xa] 0x14028: mov dh, byte ptr [bp + 8] 0x1402b: mov dl, byte ptr [bp + 6] 0x1402e: mov ah, 0x2b |
| 2018-12-17T22:13:47.800747902Z | 26 | PC: 14143 | Set disk transfer address |
| 2018-12-17T22:13:47.802112787Z | 79 | PC: 14148 | Find next file |
| 2018-12-17T22:13:47.806160197Z | 26 | PC: 1411f | Set disk transfer address |
| 2018-12-17T22:13:47.808310158Z | 78 | PC: 1412b | Find first file |
| 2018-12-17T22:13:47.81295889Z | 26 | PC: 1411f | Set disk transfer address |
| 2018-12-17T22:13:47.813897592Z | 78 | PC: 1412b | Find first file |
| 2018-12-17T22:13:47.819006248Z | 41 | PC: 1421b | Parse filename |
| 2018-12-17T22:13:47.820317774Z | 41 | PC: 14229 | Parse filename |
| 2018-12-17T22:13:47.8215851Z | 75 | PC: 14234 | Execute program |
| 2018-12-17T22:13:47.832250225Z | 9 | PC: 1c55c | Display string (Could not find end pointer) |
| 2018-12-17T22:13:47.841763229Z | 76 | PC: 1c561 | Terminate with return code (Return code = '0') |
| 2018-12-17T22:13:47.845661755Z | 60 | PC: 1516e | Create or truncate file |
| 2018-12-17T22:13:47.859468232Z | 65 | PC: 15343 | Delete file (Filename = 'A:\trax.dat') |
| 2018-12-17T22:13:47.870958745Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:13:47.8725578Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:13:47.874897865Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:13:47.876060134Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:13:47.877689276Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:13:47.880773363Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:13:47.882185252Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:13:47.883983477Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:13:47.886327622Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:13:47.887538933Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:13:47.889062933Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:13:47.891252411Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:13:47.892430213Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:13:47.893761512Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:13:47.896500392Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:13:47.897722619Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:13:47.899038285Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:13:47.901489185Z | 37 | PC: 14485 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:13:47.902939088Z | 76 | PC: 144c4 | Terminate with return code (Return code = '0') |