.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:14:19.094763062Z | 53 | PC: 12a96 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:14:19.096657021Z | 37 | PC: 12a9f | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T22:14:19.098014319Z | 78 | PC: 12aaf | Find first file |
| 2018-12-17T22:14:19.103848291Z | 67 | PC: 12acc | Get or set file attributes |
| 2018-12-17T22:14:19.109750039Z | 67 | PC: 12ad6 | Get or set file attributes |
| 2018-12-17T22:14:19.127091085Z | 61 | PC: 12ada | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:14:19.133549327Z | 87 | PC: 12adf | Get or set file date and time |
| 2018-12-17T22:14:19.135106343Z | 63 | PC: 12aea | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:14:19.141801483Z | 66 | PC: 12af9 | Move file pointer |
| 2018-12-17T22:14:19.143053063Z | 44 | PC: 12a50 | Get time 0x12a50: mov byte ptr [0x10a], dl 0x12a54: call 0x12a69 0x12a57: pop bx 0x12a58: mov cx, 0xfd 0x12a5b: mov dx, 0x100 0x12a5e: mov ah, 0x40 0x12a60: int3 0x12a61: inc byte ptr [0x1fd] 0x12a65: call 0x12a69 0x12a68: ret 0x12a69: mov bx, 0x141 0x12a6c: mov al, byte ptr [0x10a] 0x12a70: cmp al, 0 0x12a72: je 0x12a80 0x12a74: xor byte ptr [bx], al 0x12a77: inc bx 0x12a78: add al, bh 0x12a7a: cmp bx, 0x1e4 0x12a7e: jle 0x12a74 0x12a80: ret |
| 2018-12-17T22:14:19.145148771Z | 64 | PC: 12a61 | Write file or device (Write 253 bytes on handle 5) |
| 2018-12-17T22:14:19.148134425Z | 87 | PC: 12b04 | Get or set file date and time |
| 2018-12-17T22:14:19.149440671Z | 62 | PC: 12b07 | Close file |
| 2018-12-17T22:14:19.1563524Z | 67 | PC: 12b12 | Get or set file attributes |
| 2018-12-17T22:14:19.166226043Z | 79 | PC: 12aaf | Find next file |
| 2018-12-17T22:14:19.169382982Z | 67 | PC: 12acc | Get or set file attributes |
| 2018-12-17T22:14:19.174692409Z | 67 | PC: 12ad6 | Get or set file attributes |
| 2018-12-17T22:14:19.197389534Z | 61 | PC: 12ada | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:14:19.203718438Z | 87 | PC: 12adf | Get or set file date and time |
| 2018-12-17T22:14:19.204911012Z | 63 | PC: 12aea | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:14:19.211916906Z | 66 | PC: 12af9 | Move file pointer |
| 2018-12-17T22:14:19.213221694Z | 44 | PC: 12a50 | Get time 0x12a50: mov byte ptr [0x10a], dl 0x12a54: call 0x12a69 0x12a57: pop bx 0x12a58: mov cx, 0xfd 0x12a5b: mov dx, 0x100 0x12a5e: mov ah, 0x40 0x12a60: int3 0x12a61: inc byte ptr [0x1fd] 0x12a65: call 0x12a69 0x12a68: ret 0x12a69: mov bx, 0x141 0x12a6c: mov al, byte ptr [0x10a] 0x12a70: cmp al, 0 0x12a72: je 0x12a80 0x12a74: xor byte ptr [bx], al 0x12a77: inc bx 0x12a78: add al, bh 0x12a7a: cmp bx, 0x1e4 0x12a7e: jle 0x12a74 0x12a80: ret |
| 2018-12-17T22:14:19.215663305Z | 64 | PC: 12a61 | Write file or device (Write 253 bytes on handle 5) |
| 2018-12-17T22:14:19.219176238Z | 87 | PC: 12b04 | Get or set file date and time |
| 2018-12-17T22:14:19.220611493Z | 62 | PC: 12b07 | Close file |
| 2018-12-17T22:14:19.227965049Z | 67 | PC: 12b12 | Get or set file attributes |
| 2018-12-17T22:14:19.238075705Z | 79 | PC: 12aaf | Find next file |
| 2018-12-17T22:14:19.240661159Z | 67 | PC: 12acc | Get or set file attributes |
| 2018-12-17T22:14:19.246746793Z | 67 | PC: 12ad6 | Get or set file attributes |
| 2018-12-17T22:14:19.256686831Z | 61 | PC: 12ada | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:14:19.263008368Z | 87 | PC: 12adf | Get or set file date and time |
| 2018-12-17T22:14:19.264202444Z | 63 | PC: 12aea | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:14:19.270785834Z | 66 | PC: 12af9 | Move file pointer |
| 2018-12-17T22:14:19.272017158Z | 44 | PC: 12a50 | Get time 0x12a50: mov byte ptr [0x10a], dl 0x12a54: call 0x12a69 0x12a57: pop bx 0x12a58: mov cx, 0xfd 0x12a5b: mov dx, 0x100 0x12a5e: mov ah, 0x40 0x12a60: int3 0x12a61: inc byte ptr [0x1fd] 0x12a65: call 0x12a69 0x12a68: ret 0x12a69: mov bx, 0x141 0x12a6c: mov al, byte ptr [0x10a] 0x12a70: cmp al, 0 0x12a72: je 0x12a80 0x12a74: xor byte ptr [bx], al 0x12a77: inc bx 0x12a78: add al, bh 0x12a7a: cmp bx, 0x1e4 0x12a7e: jle 0x12a74 0x12a80: ret |
| 2018-12-17T22:14:19.274074147Z | 64 | PC: 12a61 | Write file or device (Write 253 bytes on handle 5) |
| 2018-12-17T22:14:19.277083764Z | 87 | PC: 12b04 | Get or set file date and time |
| 2018-12-17T22:14:19.278517187Z | 62 | PC: 12b07 | Close file |
| 2018-12-17T22:14:19.285671967Z | 67 | PC: 12b12 | Get or set file attributes |
| 2018-12-17T22:14:19.296278896Z | 79 | PC: 12aaf | Find next file |
| 2018-12-17T22:14:19.298870116Z | 67 | PC: 12acc | Get or set file attributes |
| 2018-12-17T22:14:19.304303025Z | 67 | PC: 12ad6 | Get or set file attributes |
| 2018-12-17T22:14:19.317063733Z | 61 | PC: 12ada | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:14:19.323487702Z | 87 | PC: 12adf | Get or set file date and time |
| 2018-12-17T22:14:19.324768848Z | 63 | PC: 12aea | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:14:19.338155499Z | 66 | PC: 12af9 | Move file pointer |
| 2018-12-17T22:14:19.339486747Z | 44 | PC: 12a50 | Get time 0x12a50: mov byte ptr [0x10a], dl 0x12a54: call 0x12a69 0x12a57: pop bx 0x12a58: mov cx, 0xfd 0x12a5b: mov dx, 0x100 0x12a5e: mov ah, 0x40 0x12a60: int3 0x12a61: inc byte ptr [0x1fd] 0x12a65: call 0x12a69 0x12a68: ret 0x12a69: mov bx, 0x141 0x12a6c: mov al, byte ptr [0x10a] 0x12a70: cmp al, 0 0x12a72: je 0x12a80 0x12a74: xor byte ptr [bx], al 0x12a77: inc bx 0x12a78: add al, bh 0x12a7a: cmp bx, 0x1e4 0x12a7e: jle 0x12a74 0x12a80: ret |
| 2018-12-17T22:14:19.341678958Z | 64 | PC: 12a61 | Write file or device (Write 253 bytes on handle 5) |
| 2018-12-17T22:14:19.34458354Z | 87 | PC: 12b04 | Get or set file date and time |
| 2018-12-17T22:14:19.346302394Z | 62 | PC: 12b07 | Close file |
| 2018-12-17T22:14:19.353571364Z | 67 | PC: 12b12 | Get or set file attributes |
| 2018-12-17T22:14:19.363510613Z | 79 | PC: 12aaf | Find next file |
| 2018-12-17T22:14:19.366116904Z | 67 | PC: 12acc | Get or set file attributes |
| 2018-12-17T22:14:19.371560257Z | 67 | PC: 12ad6 | Get or set file attributes |
| 2018-12-17T22:14:19.384324897Z | 61 | PC: 12ada | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:14:19.39103154Z | 87 | PC: 12adf | Get or set file date and time |
| 2018-12-17T22:14:19.392297668Z | 63 | PC: 12aea | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:14:19.398574449Z | 66 | PC: 12af9 | Move file pointer |
| 2018-12-17T22:14:19.39992959Z | 44 | PC: 12a50 | Get time 0x12a50: mov byte ptr [0x10a], dl 0x12a54: call 0x12a69 0x12a57: pop bx 0x12a58: mov cx, 0xfd 0x12a5b: mov dx, 0x100 0x12a5e: mov ah, 0x40 0x12a60: int3 0x12a61: inc byte ptr [0x1fd] 0x12a65: call 0x12a69 0x12a68: ret 0x12a69: mov bx, 0x141 0x12a6c: mov al, byte ptr [0x10a] 0x12a70: cmp al, 0 0x12a72: je 0x12a80 0x12a74: xor byte ptr [bx], al 0x12a77: inc bx 0x12a78: add al, bh 0x12a7a: cmp bx, 0x1e4 0x12a7e: jle 0x12a74 0x12a80: ret |
| 2018-12-17T22:14:19.401970037Z | 64 | PC: 12a61 | Write file or device (Write 253 bytes on handle 5) |
| 2018-12-17T22:14:19.404626389Z | 87 | PC: 12b04 | Get or set file date and time |
| 2018-12-17T22:14:19.406314878Z | 62 | PC: 12b07 | Close file |
| 2018-12-17T22:14:19.41318388Z | 67 | PC: 12b12 | Get or set file attributes |
| 2018-12-17T22:14:19.42315905Z | 79 | PC: 12aaf | Find next file |
| 2018-12-17T22:14:19.425888459Z | 67 | PC: 12acc | Get or set file attributes |
| 2018-12-17T22:14:19.43125882Z | 67 | PC: 12ad6 | Get or set file attributes |
| 2018-12-17T22:14:19.443823379Z | 61 | PC: 12ada | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:14:19.450574322Z | 87 | PC: 12adf | Get or set file date and time |
| 2018-12-17T22:14:19.451702023Z | 63 | PC: 12aea | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:14:19.455685458Z | 66 | PC: 12af9 | Move file pointer |
| 2018-12-17T22:14:19.456876537Z | 44 | PC: 12a50 | Get time 0x12a50: mov byte ptr [0x10a], dl 0x12a54: call 0x12a69 0x12a57: pop bx 0x12a58: mov cx, 0xfd 0x12a5b: mov dx, 0x100 0x12a5e: mov ah, 0x40 0x12a60: int3 0x12a61: inc byte ptr [0x1fd] 0x12a65: call 0x12a69 0x12a68: ret 0x12a69: mov bx, 0x141 0x12a6c: mov al, byte ptr [0x10a] 0x12a70: cmp al, 0 0x12a72: je 0x12a80 0x12a74: xor byte ptr [bx], al 0x12a77: inc bx 0x12a78: add al, bh 0x12a7a: cmp bx, 0x1e4 0x12a7e: jle 0x12a74 0x12a80: ret |
| 2018-12-17T22:14:19.45829649Z | 64 | PC: 12a61 | Write file or device (Write 253 bytes on handle 5) |
| 2018-12-17T22:14:19.460521879Z | 87 | PC: 12b04 | Get or set file date and time |
| 2018-12-17T22:14:19.461589576Z | 62 | PC: 12b07 | Close file |
| 2018-12-17T22:14:19.46617188Z | 67 | PC: 12b12 | Get or set file attributes |