.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:19:16.42166306Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:19:16.423452357Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:19:16.425230723Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:19:16.43865795Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:19:16.440304039Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:19:16.441634831Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:16.442736545Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:19:16.443941018Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:19:16.445263929Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:19:16.446437753Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:19:16.447638729Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:19:16.449070454Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:19:16.45021467Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:19:16.451349633Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:19:16.453065607Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:19:16.454405958Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:19:16.455632169Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:19:16.457341711Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:19:16.458511167Z | 53 | PC: 136ea | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:19:16.459645353Z | 37 | PC: 136ff | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:19:16.461201688Z | 37 | PC: 13707 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:19:16.462453176Z | 37 | PC: 1370f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:16.463530529Z | 37 | PC: 13717 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:19:16.465379484Z | 68 | PC: 145c4 | I/O control for devices (Set for = 'E���G�') |
| 2018-12-17T22:19:16.4941199Z | 37 | PC: 12f51 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:19:16.495919098Z | 60 | PC: 14013 | Create or truncate file |
| 2018-12-17T22:19:16.513894271Z | 65 | PC: 1415c | Delete file (Filename = '%f#@1g') |
| 2018-12-17T22:19:16.525561663Z | 48 | PC: 141d5 | Get DOS version |
| 2018-12-17T22:19:16.527084462Z | 61 | PC: 14013 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:19:16.534586576Z | 63 | PC: 140e6 | Read file or device (Read 6161 bytes on handle 6) |
| 2018-12-17T22:19:16.543093085Z | 66 | PC: 14145 | Move file pointer |
| 2018-12-17T22:19:16.545353504Z | 66 | PC: 146c3 | Move file pointer |
| 2018-12-17T22:19:16.546881775Z | 66 | PC: 146d1 | Move file pointer |
| 2018-12-17T22:19:16.55420991Z | 66 | PC: 146df | Move file pointer |
| 2018-12-17T22:19:16.556012206Z | 66 | PC: 14145 | Move file pointer |
| 2018-12-17T22:19:16.557542102Z | 63 | PC: 140e6 | Read file or device (Read 20 bytes on handle 6) |
| 2018-12-17T22:19:16.56093308Z | 60 | PC: 14013 | Create or truncate file |
| 2018-12-17T22:19:16.573259251Z | 62 | PC: 14063 | Close file |
| 2018-12-17T22:19:16.574743777Z | 62 | PC: 14063 | Close file |
| 2018-12-17T22:19:16.576531514Z | 42 | PC: 134d7 | Get date 0x134d7: xor ah, ah
0x134d9: les di, ptr [bp + 6]
0x134dc: stosw word ptr es:[di], ax
0x134dd: mov al, dl
0x134df: les di, ptr [bp + 0xa]
0x134e2: stosw word ptr es:[di], ax
0x134e3: mov al, dh
0x134e5: les di, ptr [bp + 0xe]
0x134e8: stosw word ptr es:[di], ax
0x134e9: xchg ax, cx
0x134ea: les di, ptr [bp + 0x12]
0x134ed: stosw word ptr es:[di], ax
0x134ee: pop bp
0x134ef: retf 0x10
0x134f2: push bp
0x134f3: mov bp, sp
0x134f5: mov cx, word ptr [bp + 0xa]
0x134f8: mov dh, byte ptr [bp + 8]
0x134fb: mov dl, byte ptr [bp + 6]
0x134fe: mov ah, 0x2b
|
| 2018-12-17T22:19:16.578210604Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:19:16.579117277Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:19:16.580488415Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:19:16.581473224Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:19:16.582601294Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:19:16.583923316Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:19:16.58533282Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:19:16.586670496Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:19:16.58828505Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:19:16.589598581Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:19:16.590899952Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:16.592592726Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:16.594072235Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:19:16.595519632Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:19:16.597166173Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:19:16.598531958Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:19:16.599912866Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:19:16.601328864Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:19:16.603027784Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:19:16.604386511Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:19:16.605752424Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:19:16.607444061Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:19:16.608701241Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:19:16.609900598Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:19:16.61169004Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:19:16.612967888Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:19:16.614187369Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:19:16.616075056Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:19:16.617560272Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:19:16.618989939Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:19:16.621256569Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:19:16.622394417Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:19:16.623876493Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:19:16.625675823Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:19:16.626922827Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:19:16.628155575Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:19:16.629779275Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:19:16.631945269Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:19:16.6334552Z | 41 | PC: 1361f | Parse filename |
| 2018-12-17T22:19:16.635482666Z | 41 | PC: 1362d | Parse filename |
| 2018-12-17T22:19:16.636762902Z | 75 | PC: 13638 | Execute program |
| 2018-12-17T22:19:16.643650071Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:19:16.645089901Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:19:16.647078131Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:19:16.648799146Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:19:16.650678312Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:19:16.652279783Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:19:16.653616123Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:19:16.655688485Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:19:16.657189731Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:19:16.658480161Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:19:16.659941244Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:16.661749054Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:16.66344365Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:19:16.665448818Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:19:16.66746556Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:19:16.669250113Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:19:16.67097839Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:19:16.672806135Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:19:16.674009008Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:19:16.675424579Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:19:16.676822968Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:19:16.678280005Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:19:16.679603616Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:19:16.681231191Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:19:16.682859602Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:19:16.683888537Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:19:16.685876563Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:19:16.687715384Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:19:16.689088646Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:19:16.69165689Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:19:16.693289938Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:19:16.694896056Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:19:16.698520177Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:19:16.700168398Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:19:16.701865441Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:19:16.703850028Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:19:16.705524593Z | 53 | PC: 13668 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:19:16.707067465Z | 37 | PC: 13671 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:19:16.70911689Z | 65 | PC: 1415c | Delete file (Filename = '����u)��') |
| 2018-12-17T22:19:16.720677667Z | 26 | PC: 13567 | Set disk transfer address |
| 2018-12-17T22:19:16.722322167Z | 78 | PC: 13573 | Find first file |
| 2018-12-17T22:19:16.730678389Z | 61 | PC: 14013 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:19:16.75222701Z | 63 | PC: 140e6 | Read file or device (Read 20 bytes on handle 6) |
| 2018-12-17T22:19:16.756594164Z | 62 | PC: 14063 | Close file |
| 2018-12-17T22:19:16.760093087Z | 26 | PC: 1358b | Set disk transfer address |
| 2018-12-17T22:19:16.761471374Z | 79 | PC: 13590 | Find next file |
| 2018-12-17T22:19:16.764719703Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:19:16.767345014Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:19:16.769117979Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:19:16.777499582Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:19:16.780336647Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:19:16.782278459Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:16.785764154Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:19:16.794383969Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:19:16.801430925Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:19:16.802657108Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:19:16.805057408Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:19:16.806472281Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:19:16.808539929Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:19:16.815953071Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:19:16.817368732Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:19:16.818581828Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:19:16.820205095Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:19:16.821361352Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:19:16.822967966Z | 37 | PC: 13841 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:19:16.826026803Z | 76 | PC: 13880 | Terminate with return code (Return code = '0') |
