.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:19:34.588314623Z | 26 | PC: 132a6 | Set disk transfer address |
| 2018-12-17T22:19:34.589898942Z | 53 | PC: 132ab | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:34.592311143Z | 37 | PC: 132b6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:34.59415783Z | 67 | PC: 13344 | Get or set file attributes |
| 2018-12-17T22:19:34.600436719Z | 67 | PC: 13350 | Get or set file attributes |
| 2018-12-17T22:19:34.928732458Z | 61 | PC: 13357 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:19:34.937198095Z | 87 | PC: 1335d | Get or set file date and time |
| 2018-12-17T22:19:34.939244974Z | 63 | PC: 1336a | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:19:34.948666617Z | 66 | PC: 13372 | Move file pointer |
| 2018-12-17T22:19:34.950174167Z | 44 | PC: 133af | Get time 0x133af: add si, 0xf 0x133b2: mov word ptr ds:[bp + 0x104], si 0x133b7: mov word ptr ds:[bp + 0x10b], dx 0x133bc: mov cx, 0xde 0x133bf: lea si, word ptr [bp + 0x103] 0x133c3: lea di, word ptr [bp + 0x33e] 0x133c7: push si 0x133c8: rep movsd dword ptr es:[di], dword ptr [si] 0x133ca: lea ax, word ptr [bp + 0x34d] 0x133ce: mov word ptr ds:[bp + 0x104], ax 0x133d3: pop si 0x133d4: push word ptr [bp + 0x112] 0x133d8: mov byte ptr [bp + 0x112], 0xc3 0x133dd: push bx 0x133de: call si 0x133e0: pop bx 0x133e1: pop word ptr [bp + 0x112] 0x133e5: mov ah, 0x40 0x133e7: mov cx, 0x1bc 0x133ea: lea dx, word ptr [bp + 0x33e] |
| 2018-12-17T22:19:34.952945765Z | 64 | PC: 133f0 | Write file or device (Write 444 bytes on handle 5) |
| 2018-12-17T22:19:34.961246927Z | 66 | PC: 133f8 | Move file pointer |
| 2018-12-17T22:19:34.968635578Z | 64 | PC: 13403 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:19:34.972045984Z | 87 | PC: 1340f | Get or set file date and time |
| 2018-12-17T22:19:34.974144815Z | 62 | PC: 13413 | Close file |
| 2018-12-17T22:19:34.980051679Z | 67 | PC: 13418 | Get or set file attributes |
| 2018-12-17T22:19:34.986663599Z | 78 | PC: 132f3 | Find first file |
| 2018-12-17T22:19:34.994685305Z | 79 | PC: 132f3 | Find next file |
| 2018-12-17T22:19:34.997463218Z | 79 | PC: 132f3 | Find next file |
| 2018-12-17T22:19:34.999317728Z | 79 | PC: 132f3 | Find next file |
| 2018-12-17T22:19:35.001740059Z | 79 | PC: 132f3 | Find next file |
| 2018-12-17T22:19:35.014055753Z | 79 | PC: 132f3 | Find next file |
| 2018-12-17T22:19:35.017121584Z | 79 | PC: 132f3 | Find next file |
| 2018-12-17T22:19:35.021274917Z | 79 | PC: 132f3 | Find next file |
| 2018-12-17T22:19:35.023903986Z | 67 | PC: 13344 | Get or set file attributes |
| 2018-12-17T22:19:35.028752309Z | 67 | PC: 13350 | Get or set file attributes |
| 2018-12-17T22:19:35.041434506Z | 61 | PC: 13357 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:19:35.048534416Z | 87 | PC: 1335d | Get or set file date and time |
| 2018-12-17T22:19:35.049921381Z | 63 | PC: 1336a | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:19:35.051796912Z | 66 | PC: 13372 | Move file pointer |
| 2018-12-17T22:19:35.052983316Z | 87 | PC: 1340f | Get or set file date and time |
| 2018-12-17T22:19:35.055803625Z | 62 | PC: 13413 | Close file |
| 2018-12-17T22:19:35.065665744Z | 67 | PC: 13418 | Get or set file attributes |
| 2018-12-17T22:19:35.077009454Z | 79 | PC: 132f3 | Find next file |
| 2018-12-17T22:19:35.080922031Z | 37 | PC: 13329 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:19:35.082561072Z | 26 | PC: 13330 | Set disk transfer address |