.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:16:22.206223066Z | 26 | PC: 12a72 | Set disk transfer address |
| 2018-12-17T22:16:22.20811782Z | 37 | PC: 12a80 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:16:22.209113614Z | 37 | PC: 12a84 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T22:16:22.21005213Z | 78 | PC: 12acf | Find first file |
| 2018-12-17T22:16:22.215816013Z | 61 | PC: 12c56 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:16:22.223059555Z | 63 | PC: 12c65 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:16:22.229666437Z | 66 | PC: 12c74 | Move file pointer |
| 2018-12-17T22:16:22.231127893Z | 66 | PC: 12c83 | Move file pointer |
| 2018-12-17T22:16:22.23945889Z | 64 | PC: 12c8f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:16:22.241878966Z | 66 | PC: 12c9b | Move file pointer |
| 2018-12-17T22:16:22.242933175Z | 44 | PC: 12c9f | Get time 0x12c9f: mov byte ptr [bp + 0x282], dl 0x12ca3: call 0x12cb9 0x12ca6: mov ah, 0x40 0x12ca8: mov cx, 0x282 0x12cab: lea dx, word ptr [bp + 6] 0x12caf: int 0x21 0x12cb1: call 0x12cb9 0x12cb4: mov ah, 0x3e 0x12cb6: int 0x21 0x12cb8: ret 0x12cb9: lea si, word ptr [bp + 0x1f] 0x12cbd: mov cx, 0x244 0x12cc0: xor byte ptr [si], 0 0x12cc3: inc si 0x12cc4: dec cx 0x12cc5: jne 0x12cc0 0x12cc7: ret 0x12cc8: add word ptr [bx], di 0x12cca: aas 0x12ccb: aas |
| 2018-12-17T22:16:22.245674671Z | 64 | PC: 12cb1 | Write file or device (Write 642 bytes on handle 5) |
| 2018-12-17T22:16:22.260419827Z | 62 | PC: 12cb8 | Close file |
| 2018-12-17T22:16:22.268164579Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:16:22.27116455Z | 61 | PC: 12c56 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:16:22.278600877Z | 63 | PC: 12c65 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:16:22.285066387Z | 66 | PC: 12c74 | Move file pointer |
| 2018-12-17T22:16:22.286887622Z | 66 | PC: 12c83 | Move file pointer |
| 2018-12-17T22:16:22.287859101Z | 64 | PC: 12c8f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:16:22.28954532Z | 66 | PC: 12c9b | Move file pointer |
| 2018-12-17T22:16:22.290934722Z | 44 | PC: 12c9f | Get time 0x12c9f: mov byte ptr [bp + 0x282], dl 0x12ca3: call 0x12cb9 0x12ca6: mov ah, 0x40 0x12ca8: mov cx, 0x282 0x12cab: lea dx, word ptr [bp + 6] 0x12caf: int 0x21 0x12cb1: call 0x12cb9 0x12cb4: mov ah, 0x3e 0x12cb6: int 0x21 0x12cb8: ret 0x12cb9: lea si, word ptr [bp + 0x1f] 0x12cbd: mov cx, 0x244 0x12cc0: xor byte ptr [si], 0x40 0x12cc3: inc si 0x12cc4: dec cx 0x12cc5: jne 0x12cc0 0x12cc7: ret 0x12cc8: add word ptr [bx], di 0x12cca: aas 0x12ccb: aas |
| 2018-12-17T22:16:22.292469395Z | 64 | PC: 12cb1 | Write file or device (Write 642 bytes on handle 5) |
| 2018-12-17T22:16:22.297656609Z | 62 | PC: 12cb8 | Close file |
| 2018-12-17T22:16:22.306009744Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:16:22.308548732Z | 61 | PC: 12c56 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:16:22.314772358Z | 63 | PC: 12c65 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:16:22.32385042Z | 66 | PC: 12c74 | Move file pointer |
| 2018-12-17T22:16:22.325185329Z | 66 | PC: 12c83 | Move file pointer |
| 2018-12-17T22:16:22.326446077Z | 64 | PC: 12c8f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:16:22.329469757Z | 66 | PC: 12c9b | Move file pointer |
| 2018-12-17T22:16:22.330550315Z | 44 | PC: 12c9f | Get time 0x12c9f: mov byte ptr [bp + 0x282], dl 0x12ca3: call 0x12cb9 0x12ca6: mov ah, 0x40 0x12ca8: mov cx, 0x282 0x12cab: lea dx, word ptr [bp + 6] 0x12caf: int 0x21 0x12cb1: call 0x12cb9 0x12cb4: mov ah, 0x3e 0x12cb6: int 0x21 0x12cb8: ret 0x12cb9: lea si, word ptr [bp + 0x1f] 0x12cbd: mov cx, 0x244 0x12cc0: xor byte ptr [si], 0x46 0x12cc3: inc si 0x12cc4: dec cx 0x12cc5: jne 0x12cc0 0x12cc7: ret 0x12cc8: add word ptr [bx], di 0x12cca: aas 0x12ccb: aas |
| 2018-12-17T22:16:22.332261464Z | 64 | PC: 12cb1 | Write file or device (Write 642 bytes on handle 5) |
| 2018-12-17T22:16:22.337990133Z | 62 | PC: 12cb8 | Close file |
| 2018-12-17T22:16:22.345933438Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:16:22.348644144Z | 61 | PC: 12c56 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:16:22.356185397Z | 63 | PC: 12c65 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:16:22.364434093Z | 66 | PC: 12c74 | Move file pointer |
| 2018-12-17T22:16:22.365847158Z | 66 | PC: 12c83 | Move file pointer |
| 2018-12-17T22:16:22.367751265Z | 64 | PC: 12c8f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:16:22.370557597Z | 66 | PC: 12c9b | Move file pointer |
| 2018-12-17T22:16:22.371914023Z | 44 | PC: 12c9f | Get time 0x12c9f: mov byte ptr [bp + 0x282], dl 0x12ca3: call 0x12cb9 0x12ca6: mov ah, 0x40 0x12ca8: mov cx, 0x282 0x12cab: lea dx, word ptr [bp + 6] 0x12caf: int 0x21 0x12cb1: call 0x12cb9 0x12cb4: mov ah, 0x3e 0x12cb6: int 0x21 0x12cb8: ret 0x12cb9: lea si, word ptr [bp + 0x1f] 0x12cbd: mov cx, 0x244 0x12cc0: xor byte ptr [si], 0x46 0x12cc3: inc si 0x12cc4: dec cx 0x12cc5: jne 0x12cc0 0x12cc7: ret 0x12cc8: add word ptr [bx], di 0x12cca: aas 0x12ccb: aas |
| 2018-12-17T22:16:22.374791351Z | 64 | PC: 12cb1 | Write file or device (Write 642 bytes on handle 5) |
| 2018-12-17T22:16:22.38310623Z | 62 | PC: 12cb8 | Close file |
| 2018-12-17T22:16:22.391455213Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:16:22.394714674Z | 61 | PC: 12c56 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:16:22.401081854Z | 63 | PC: 12c65 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:16:22.40727417Z | 66 | PC: 12c74 | Move file pointer |
| 2018-12-17T22:16:22.409376075Z | 66 | PC: 12c83 | Move file pointer |
| 2018-12-17T22:16:22.410782822Z | 64 | PC: 12c8f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:16:22.41368743Z | 66 | PC: 12c9b | Move file pointer |
| 2018-12-17T22:16:22.414986633Z | 44 | PC: 12c9f | Get time 0x12c9f: mov byte ptr [bp + 0x282], dl 0x12ca3: call 0x12cb9 0x12ca6: mov ah, 0x40 0x12ca8: mov cx, 0x282 0x12cab: lea dx, word ptr [bp + 6] 0x12caf: int 0x21 0x12cb1: call 0x12cb9 0x12cb4: mov ah, 0x3e 0x12cb6: int 0x21 0x12cb8: ret 0x12cb9: lea si, word ptr [bp + 0x1f] 0x12cbd: mov cx, 0x244 0x12cc0: xor byte ptr [si], 0x4b 0x12cc3: inc si 0x12cc4: dec cx 0x12cc5: jne 0x12cc0 0x12cc7: ret 0x12cc8: add word ptr [bx], di 0x12cca: aas 0x12ccb: aas |
| 2018-12-17T22:16:22.417504618Z | 64 | PC: 12cb1 | Write file or device (Write 642 bytes on handle 5) |
| 2018-12-17T22:16:22.42601791Z | 62 | PC: 12cb8 | Close file |
| 2018-12-17T22:16:22.433889625Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:16:22.436869664Z | 61 | PC: 12c56 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:16:22.443051366Z | 63 | PC: 12c65 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:16:22.449065766Z | 66 | PC: 12c74 | Move file pointer |
| 2018-12-17T22:16:22.45091895Z | 66 | PC: 12c83 | Move file pointer |
| 2018-12-17T22:16:22.45211146Z | 64 | PC: 12c8f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:16:22.45463216Z | 66 | PC: 12c9b | Move file pointer |
| 2018-12-17T22:16:22.45628204Z | 44 | PC: 12c9f | Get time 0x12c9f: mov byte ptr [bp + 0x282], dl 0x12ca3: call 0x12cb9 0x12ca6: mov ah, 0x40 0x12ca8: mov cx, 0x282 0x12cab: lea dx, word ptr [bp + 6] 0x12caf: int 0x21 0x12cb1: call 0x12cb9 0x12cb4: mov ah, 0x3e 0x12cb6: int 0x21 0x12cb8: ret 0x12cb9: lea si, word ptr [bp + 0x1f] 0x12cbd: mov cx, 0x244 0x12cc0: xor byte ptr [si], 0x4b 0x12cc3: inc si 0x12cc4: dec cx 0x12cc5: jne 0x12cc0 0x12cc7: ret 0x12cc8: add word ptr [bx], di 0x12cca: aas 0x12ccb: aas |
| 2018-12-17T22:16:22.458391672Z | 64 | PC: 12cb1 | Write file or device (Write 642 bytes on handle 5) |
| 2018-12-17T22:16:22.466865789Z | 62 | PC: 12cb8 | Close file |
| 2018-12-17T22:16:22.474835153Z | 79 | PC: 12acf | Find next file |
| 2018-12-17T22:16:22.477248047Z | 61 | PC: 12c56 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:16:22.483963517Z | 63 | PC: 12c65 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:16:22.490429023Z | 66 | PC: 12c74 | Move file pointer |
| 2018-12-17T22:16:22.491636528Z | 66 | PC: 12c83 | Move file pointer |
| 2018-12-17T22:16:22.492803993Z | 64 | PC: 12c8f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:16:22.495605664Z | 66 | PC: 12c9b | Move file pointer |
| 2018-12-17T22:16:22.496780974Z | 44 | PC: 12c9f | Get time 0x12c9f: mov byte ptr [bp + 0x282], dl 0x12ca3: call 0x12cb9 0x12ca6: mov ah, 0x40 0x12ca8: mov cx, 0x282 0x12cab: lea dx, word ptr [bp + 6] 0x12caf: int 0x21 0x12cb1: call 0x12cb9 0x12cb4: mov ah, 0x3e 0x12cb6: int 0x21 0x12cb8: ret 0x12cb9: lea si, word ptr [bp + 0x1f] 0x12cbd: mov cx, 0x244 0x12cc0: xor byte ptr [si], 0x51 0x12cc3: inc si 0x12cc4: dec cx 0x12cc5: jne 0x12cc0 0x12cc7: ret 0x12cc8: add word ptr [bx], di 0x12cca: aas 0x12ccb: aas |
| 2018-12-17T22:16:22.498889005Z | 64 | PC: 12cb1 | Write file or device (Write 642 bytes on handle 5) |
| 2018-12-17T22:16:22.506930277Z | 62 | PC: 12cb8 | Close file |
| 2018-12-17T22:16:22.514382858Z | 26 | PC: 12ae9 | Set disk transfer address |
| 2018-12-17T22:16:22.515263796Z | 19 | PC: 12afb | Delete file |
| 2018-12-17T22:16:22.520976446Z | 9 | PC: 12b2d | Display string (String= 'LEADERS Leaders are like Eagles! They do not give a flock who you THINK you are!!! ') |