.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:17:43.396386068Z | 51 | PC: 12a62 | Get or set Ctrl-Break |
| 2018-12-17T22:17:43.397684174Z | 88 | PC: 12a6a | case 0xGet or set allocation strateg: |
| 2018-12-17T22:17:43.399772625Z | 219 | PC: 12b09 | UNKNOWN! |
| 2018-12-17T22:17:43.400554406Z | 42 | PC: 12b1f | Get date 0x12b1f: mov byte ptr cs:[bp + 0x10ce], dl
0x12b24: cmp dh, 7
0x12b27: jne 0x12b3c
0x12b29: cmp dl, 4
0x12b2c: jne 0x12b3c
0x12b2e: jmp 0x1396a
0x12b31: and dx, word ptr [si + 0x68]
0x12b34: inc bp
0x12b35: pop di
0x12b36: push di
0x12b37: imul bx, word ptr [bp + si + 0x41], 0x4472
0x12b3c: mov al, 0x21
0x12b3e: call 0x13006
0x12b41: mov word ptr cs:[bp + 0x377], bx
0x12b46: mov word ptr cs:[bp + 0x379], es
0x12b4b: mov word ptr cs:[bp + 0x37c], bx
0x12b50: mov word ptr cs:[bp + 0x37e], es
0x12b55: xor di, di
0x12b57: mov ah, 0x52
0x12b59: int 0x21
|
| 2018-12-17T22:17:43.403138762Z | 82 | PC: 12b5b | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:17:43.404692325Z | 82 | PC: 12bad | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:17:43.408079661Z | 77 | PC: 11fe0 | Get program return code |
| 2018-12-17T22:17:43.410265548Z | 72 | PC: 12174 | Allocate memory |
| 2018-12-17T22:17:43.411916146Z | 72 | PC: 1218d | Allocate memory |
| 2018-12-17T22:17:43.414008497Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-17T22:17:43.416178328Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:17:43.417232065Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:17:43.418558972Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.419334715Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.421289422Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.422029981Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.423747329Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.424986825Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.426877025Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.427884725Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.430575021Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.431225619Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.432903358Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.434887726Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.437065492Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.437809285Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.440192202Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.441175121Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.44304058Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.444436714Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.44610366Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.446887506Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.449206499Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.449827484Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.451402368Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.4537975Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.455978107Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.456617436Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.459068299Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.459849025Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.461511409Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.46819414Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.474828886Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.475970287Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.480132751Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.480858807Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.482894186Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.484662997Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.48685518Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.487853174Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.490866793Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.491901998Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.494250217Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.495879136Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.498107569Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.499365063Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.501722634Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.502477337Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.50410866Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.505061378Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.507070153Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.507827754Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.509707607Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.510904932Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.512800041Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.513808678Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.516250103Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.517027996Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.518992011Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.520231989Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.521848489Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.522774879Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:17:43.525952239Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.526989803Z | 61 | PC: 9bf43 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:17:43.533772988Z | 62 | PC: 9bf43 | Close file |
| 2018-12-17T22:17:43.536134006Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:43.537264104Z | 61 | PC: 12354 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:17:43.543905748Z | 66 | PC: 12372 | Move file pointer |
| 2018-12-17T22:17:43.546157793Z | 63 | PC: 12383 | Read file or device (Read 44693 bytes on handle 5) |
| 2018-12-17T22:17:43.557329087Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:43.558364479Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:17:43.560221416Z | 62 | PC: 9bf43 | Close file |
| 2018-12-17T22:17:43.563365843Z | 63 | PC: 9bf43 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:17:43.568704985Z | 64 | PC: 9bf43 | Write file or device (Write 4313 bytes on handle 5) |
| 2018-12-17T22:17:44.135471258Z | 64 | PC: 9bf43 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:17:44.139027742Z | 87 | PC: 9bf43 | Get or set file date and time |
| 2018-12-17T22:17:44.142433012Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:44.143896439Z | 62 | PC: 1238a | Close file |
| 2018-12-17T22:17:44.152811773Z | 99 | PC: 96227 | Get DBCS lead byte table pointer |
| 2018-12-17T22:17:44.154842962Z | 56 | PC: 90a49 | Get or set country info |
| 2018-12-17T22:17:44.15785613Z | 64 | PC: 96498 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T22:17:44.162640794Z | 25 | PC: 90ab2 | Get default drive |
| 2018-12-17T22:17:44.164585063Z | 71 | PC: 92d2d | Get current directory |
| 2018-12-17T22:17:44.169245645Z | 64 | PC: 96498 | Write file or device (Write 3 bytes on handle 1) |
| 2018-12-17T22:17:44.173704146Z | 2 | PC: 92d02 | Character output (Char = '3e') |
| 2018-12-17T22:17:44.176093447Z | 93 | PC: 90b70 | File sharing functions |
| 2018-12-17T22:17:44.17928956Z | 93 | PC: 90b77 | File sharing functions |
| 2018-12-17T22:17:44.181362685Z | 10 | PC: 90b89 | Buffered keyboard input |
| 2018-12-17T22:17:58.387440932Z | 0 | PC: 0 | Program terminate |
| 2018-12-17T22:17:59.741870117Z | 0 | PC: 0 | Program terminate |
| 2018-12-17T22:17:59.844723763Z | 64 | PC: 96498 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T22:17:59.851817674Z | 41 | PC: 90bfe | Parse filename |
| 2018-12-17T22:17:59.85376998Z | 41 | PC: 90c7f | Parse filename |
| 2018-12-17T22:17:59.855258187Z | 41 | PC: 90c9c | Parse filename |
| 2018-12-17T22:17:59.858995366Z | 26 | PC: 94147 | Set disk transfer address |
| 2018-12-17T22:17:59.861698297Z | 71 | PC: 94343 | Get current directory |
| 2018-12-17T22:17:59.869854128Z | 78 | PC: 9babb | Find first file |
| 2018-12-17T22:17:59.879904452Z | 98 | PC: 9be7e | Get current PSP |
| 2018-12-17T22:17:59.880746972Z | 47 | PC: 9baed | Get disk transfer address |
| 2018-12-17T22:17:59.882183507Z | 71 | PC: 941bc | Get current directory |
| 2018-12-17T22:17:59.886602817Z | 73 | PC: 93859 | Release memory |
| 2018-12-17T22:17:59.888319876Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:17:59.889090293Z | 67 | PC: 9bf43 | Get or set file attributes |
| 2018-12-17T22:17:59.896462604Z | 65 | PC: 9bf43 | Delete file (Filename = 'ry
�
No free file handles�Bad Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:17:59.902507209Z | 67 | PC: 9bf43 | Get or set file attributes |
| 2018-12-17T22:17:59.914084454Z | 65 | PC: 9bf43 | Delete file (Filename = 'o fit in memory
�
No free file handles�Bad Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:17:59.921341004Z | 67 | PC: 9bf43 | Get or set file attributes |
| 2018-12-17T22:17:59.92707372Z | 65 | PC: 9bf43 | Delete file (Filename = 'ree file handles�Bad Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:17:59.932857696Z | 67 | PC: 9bf43 | Get or set file attributes |
| 2018-12-17T22:17:59.941099055Z | 65 | PC: 9bf43 | Delete file (Filename = 'les�Bad Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:17:59.952151387Z | 67 | PC: 9bf43 | Get or set file attributes |
| 2018-12-17T22:17:59.963405746Z | 65 | PC: 9bf43 | Delete file (Filename = 'Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:17:59.974981515Z | 67 | PC: 9bf43 | Get or set file attributes |
| 2018-12-17T22:17:59.98056324Z | 65 | PC: 9bf43 | Delete file (Filename = 'or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:17:59.986354902Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:17:59.987801051Z | 75 | PC: 11821 | Execute program |
| 2018-12-17T22:18:00.00174998Z | 9 | PC: 12a47 | Display string (String= 'Hello, World!
') |
| 2018-12-17T22:18:00.005671043Z | 76 | PC: 12a4b | Terminate with return code (Return code = '36') |
| 2018-12-17T22:18:00.009840026Z | 77 | PC: 11fe0 | Get program return code |
| 2018-12-17T22:18:00.011529824Z | 72 | PC: 12174 | Allocate memory |
| 2018-12-17T22:18:00.013630223Z | 72 | PC: 1218d | Allocate memory |
| 2018-12-17T22:18:00.016574396Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-17T22:18:00.01808037Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:18:00.019646993Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:18:00.022275109Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.023593509Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.026139866Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.027685359Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.029852745Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.031005457Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.033374498Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.03418674Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.035960601Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.037740001Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.039602509Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.040502629Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.042815847Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.043638047Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.045294063Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.047238226Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.049289449Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.050934261Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.053343622Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.054449652Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.0567145Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.058120336Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.059754285Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.060478686Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.062776071Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.0634336Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.064990184Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.067004806Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.069054667Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.069999361Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.072454035Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.073102169Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.074632756Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.075779755Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.077320089Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.077882009Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.079560828Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.08004345Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.081450812Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.08251149Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.084125974Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.084751489Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.086452443Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.087019048Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.088961776Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.089549512Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.091031336Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.091902662Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.093525059Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.094007299Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.096008507Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.096693326Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.098312297Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.099477534Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.100986366Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.101642435Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.104057678Z | 250 | PC: 9bf80 | UNKNOWN! |
| 2018-12-17T22:18:00.104649195Z | 69 | PC: 9bf43 | Duplicate handle |
| 2018-12-17T22:18:00.106055206Z | 250 | PC: 9bf9c | UNKNOWN! |
| 2018-12-17T22:18:00.106999106Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:18:00.109598921Z | 99 | PC: 96227 | Get DBCS lead byte table pointer |
| 2018-12-17T22:18:00.110848933Z | 56 | PC: 90a49 | Get or set country info |
| 2018-12-17T22:18:00.112943174Z | 64 | PC: 96498 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T22:18:00.117092256Z | 25 | PC: 90ab2 | Get default drive |
| 2018-12-17T22:18:00.118398476Z | 71 | PC: 92d2d | Get current directory |
| 2018-12-17T22:18:00.122097289Z | 64 | PC: 96498 | Write file or device (Write 3 bytes on handle 1) |
| 2018-12-17T22:18:00.125012549Z | 2 | PC: 92d02 | Character output (Char = '3e') |
| 2018-12-17T22:18:00.127126966Z | 93 | PC: 90b70 | File sharing functions |
| 2018-12-17T22:18:00.129000909Z | 93 | PC: 90b77 | File sharing functions |
| 2018-12-17T22:18:00.13149342Z | 10 | PC: 90b89 | Buffered keyboard input |
