.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:16:06.312829787Z | 48 | PC: 12a6b | Get DOS version |
| 2018-12-17T22:16:06.314881465Z | 47 | PC: 12a77 | Get disk transfer address |
| 2018-12-17T22:16:06.316290592Z | 26 | PC: 12a8a | Set disk transfer address |
| 2018-12-17T22:16:06.318035961Z | 78 | PC: 12b16 | Find first file |
| 2018-12-17T22:16:06.32477265Z | 67 | PC: 12b54 | Get or set file attributes |
| 2018-12-17T22:16:06.333661696Z | 67 | PC: 12b67 | Get or set file attributes |
| 2018-12-17T22:16:06.362171677Z | 61 | PC: 12b72 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:16:06.368714443Z | 87 | PC: 12b7e | Get or set file date and time |
| 2018-12-17T22:16:06.375508651Z | 44 | PC: 12b8a | Get time 0x12b8a: and dh, 7 0x12b8d: mov ah, 0x3f 0x12b8f: mov cx, 3 0x12b92: mov dx, 0xa 0x12b95: nop 0x12b96: add dx, si 0x12b98: int 0x21 0x12b9a: jb 0x12bf1 0x12b9c: cmp ax, 3 0x12b9f: jne 0x12bf1 0x12ba1: mov ax, 0x4202 0x12ba4: mov cx, 0 0x12ba7: mov dx, 0 0x12baa: int 0x21 0x12bac: jb 0x12bf1 0x12bae: mov cx, ax 0x12bb0: sub ax, 3 0x12bb3: mov word ptr [si + 0xe], ax 0x12bb7: add cx, 0x2e7 0x12bbb: mov di, si |
| 2018-12-17T22:16:06.378027358Z | 63 | PC: 12b9a | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:16:06.384711827Z | 66 | PC: 12bac | Move file pointer |
| 2018-12-17T22:16:06.387455806Z | 64 | PC: 12bd0 | Write file or device (Write 625 bytes on handle 5) |
| 2018-12-17T22:16:06.396168701Z | 66 | PC: 12be2 | Move file pointer |
| 2018-12-17T22:16:06.397454674Z | 64 | PC: 12bf1 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:16:06.404546414Z | 87 | PC: 12c06 | Get or set file date and time |
| 2018-12-17T22:16:06.406194967Z | 62 | PC: 12c0a | Close file |
| 2018-12-17T22:16:06.414440596Z | 67 | PC: 12c19 | Get or set file attributes |
| 2018-12-17T22:16:06.425740489Z | 26 | PC: 12c26 | Set disk transfer address |