.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:20:07.643104423Z | 48 | PC: 1361d | Get DOS version |
| 2018-12-17T22:20:07.647842284Z | 25 | PC: 137a8 | Get default drive |
| 2018-12-17T22:20:07.648820703Z | 14 | PC: 137ae | Set default drive (Drive = 'A') |
| 2018-12-17T22:20:07.650412911Z | 37 | PC: 13643 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:20:07.651428997Z | 46 | PC: 13636 | Set verify flag |
| 2018-12-17T22:20:07.652813642Z | 71 | PC: 131ec | Get current directory |
| 2018-12-17T22:20:07.656179834Z | 59 | PC: 131be | Change current directory |
| 2018-12-17T22:20:07.662906208Z | 59 | PC: 131be | Change current directory |
| 2018-12-17T22:20:07.672580386Z | 71 | PC: 131ec | Get current directory |
| 2018-12-17T22:20:07.676356837Z | 59 | PC: 131be | Change current directory |
| 2018-12-17T22:20:07.685314452Z | 65 | PC: 133ef | Delete file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:20:07.704701911Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:20:07.744087908Z | 26 | PC: 1376d | Set disk transfer address |
| 2018-12-17T22:20:07.745644772Z | 78 | PC: 13302 | Find first file |
| 2018-12-17T22:20:07.754484043Z | 67 | PC: 133d7 | Get or set file attributes |
| 2018-12-17T22:20:08.10063128Z | 61 | PC: 13531 | Open file (Filename = 'C:\IO.SYS') |
| 2018-12-17T22:20:08.108271082Z | 66 | PC: 13488 | Move file pointer |
| 2018-12-17T22:20:08.110417176Z | 66 | PC: 13493 | Move file pointer |
| 2018-12-17T22:20:08.112542756Z | 66 | PC: 1349f | Move file pointer |
| 2018-12-17T22:20:08.120017672Z | 54 | PC: 1377e | Get free disk space |
| 2018-12-17T22:20:08.125291693Z | 66 | PC: 1356d | Move file pointer |
| 2018-12-17T22:20:08.127319247Z | 64 | PC: 13575 | Write file or device (Write 0 bytes on handle 5) |
| 2018-12-17T22:20:08.202263686Z | 66 | PC: 13580 | Move file pointer |
| 2018-12-17T22:20:08.203658785Z | 62 | PC: 13444 | Close file |
| 2018-12-17T22:20:08.2124678Z | 67 | PC: 133d7 | Get or set file attributes |
| 2018-12-17T22:20:08.219455327Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:20:08.220782662Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:20:08.221989732Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:20:08.224201059Z | 74 | PC: 13744 | Reallocate memory |
| 2018-12-17T22:20:08.225180049Z | 42 | PC: 130a0 | Get date 0x130a0: xchg ax, cx 0x130a1: xchg ax, dx 0x130a2: mov ch, bh 0x130a4: pop bx 0x130a5: ret 0x130a6: push cx 0x130a7: mov ah, 0x2c 0x130a9: int 0x21 0x130ab: xchg ax, dx 0x130ac: mov dx, cx 0x130ae: pop cx 0x130af: ret 0x130b0: push bx 0x130b1: push cx 0x130b2: push di 0x130b3: mov dx, cx 0x130b5: xchg ax, bx 0x130b6: mov bx, 0x5dc 0x130b9: cmp dx, bx 0x130bb: jae 0x130e8 |
| 2018-12-17T22:20:08.226715618Z | 44 | PC: 130ab | Get time 0x130ab: xchg ax, dx 0x130ac: mov dx, cx 0x130ae: pop cx 0x130af: ret 0x130b0: push bx 0x130b1: push cx 0x130b2: push di 0x130b3: mov dx, cx 0x130b5: xchg ax, bx 0x130b6: mov bx, 0x5dc 0x130b9: cmp dx, bx 0x130bb: jae 0x130e8 0x130bd: div bx 0x130bf: mov cx, dx 0x130c1: mov bl, 0xf0 0x130c3: cmp ah, bl 0x130c5: jae 0x130e8 0x130c7: div bl 0x130c9: mov di, ax 0x130cb: xchg ah, al |
| 2018-12-17T22:20:08.228572831Z | 61 | PC: 13531 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:20:08.234252741Z | 74 | PC: 13744 | Reallocate memory |
| 2018-12-17T22:20:08.235792545Z | 81 | PC: 12145 | Get current PSP |