.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:20:23.259835013Z | 219 | PC: 12afe | UNKNOWN! |
| 2018-12-17T22:20:23.261268896Z | 42 | PC: 12b14 | Get date 0x12b14: mov byte ptr cs:[bp + 0x1084], dl
0x12b19: cmp dh, 7
0x12b1c: jne 0x12b2f
0x12b1e: cmp dl, 4
0x12b21: jne 0x12b2f
0x12b23: jmp 0x1395d
0x12b26: and ax, word ptr [bp + di + 0x6f]
0x12b29: outsb dx, byte ptr [si]
0x12b2a: insb byte ptr es:[di], dx
0x12b2c: imul sp, word ptr [bp + di + 0x74], 0x21b0
0x12b31: call 0x12ff9
0x12b34: mov word ptr cs:[bp + 0x375], bx
0x12b39: mov word ptr cs:[bp + 0x377], es
0x12b3e: mov word ptr cs:[bp + 0x37a], bx
0x12b43: mov word ptr cs:[bp + 0x37c], es
0x12b48: xor di, di
0x12b4a: mov ah, 0x52
0x12b4c: int 0x21
0x12b4e: push bx
0x12b4f: mov bx, 0x109e
|
| 2018-12-17T22:20:23.263043603Z | 82 | PC: 12b4e | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:20:23.263891827Z | 82 | PC: 12ba0 | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:20:23.266320584Z | 77 | PC: 11fe0 | Get program return code |
| 2018-12-17T22:20:23.267850976Z | 72 | PC: 12174 | Allocate memory |
| 2018-12-17T22:20:23.269365186Z | 72 | PC: 1218d | Allocate memory |
| 2018-12-17T22:20:23.271124416Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-17T22:20:23.27315515Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:20:23.274368456Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:20:23.275815412Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.27723685Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.278947959Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.280074259Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.28277565Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.283659316Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.285223033Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.286200158Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.287942801Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.288732506Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.290391723Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.291861187Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.293354095Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.294098402Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.296154066Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.297114155Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.298763656Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.300719496Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.3020692Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.302927139Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.304995401Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.305784569Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.307357317Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.309066806Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.311287938Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.312118028Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.314431052Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.315431341Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.317502551Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.319035966Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.321062622Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.322014929Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.324605503Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.325532389Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.327288614Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.328363414Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.33066654Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.331815469Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.333454898Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.335029769Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.336989704Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.337974865Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.340004266Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.340905873Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.342334216Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.343768131Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.345158571Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.346003579Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.349370477Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.350232133Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.351678675Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.353539102Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.355411412Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.356176229Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.359024059Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.359955531Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.363184243Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.364733611Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.366648514Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.367487434Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:23.371380338Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.372259569Z | 61 | PC: 9c071 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:20:23.380577103Z | 62 | PC: 9c071 | Close file |
| 2018-12-17T22:20:23.383231801Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.384301162Z | 61 | PC: 12354 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:20:23.388303011Z | 66 | PC: 12372 | Move file pointer |
| 2018-12-17T22:20:23.38962671Z | 63 | PC: 12383 | Read file or device (Read 44693 bytes on handle 5) |
| 2018-12-17T22:20:23.399466932Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:23.400259533Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:23.401709777Z | 62 | PC: 9c071 | Close file |
| 2018-12-17T22:20:23.403390434Z | 63 | PC: 9c071 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:20:23.406544485Z | 64 | PC: 9c071 | Write file or device (Write 4239 bytes on handle 5) |
| 2018-12-17T22:20:23.740926943Z | 64 | PC: 9c071 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:20:23.745841408Z | 87 | PC: 9c071 | Get or set file date and time |
| 2018-12-17T22:20:23.748276232Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:23.749976952Z | 62 | PC: 1238a | Close file |
| 2018-12-17T22:20:23.761389209Z | 99 | PC: 96357 | Get DBCS lead byte table pointer |
| 2018-12-17T22:20:23.763444865Z | 56 | PC: 90b79 | Get or set country info |
| 2018-12-17T22:20:23.766094682Z | 64 | PC: 965c8 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T22:20:23.772352617Z | 25 | PC: 90be2 | Get default drive |
| 2018-12-17T22:20:23.774546645Z | 71 | PC: 92e5d | Get current directory |
| 2018-12-17T22:20:23.780185827Z | 64 | PC: 965c8 | Write file or device (Write 3 bytes on handle 1) |
| 2018-12-17T22:20:23.784497558Z | 2 | PC: 92e32 | Character output (Char = '3e') |
| 2018-12-17T22:20:23.787509366Z | 93 | PC: 90ca0 | File sharing functions |
| 2018-12-17T22:20:23.789590628Z | 93 | PC: 90ca7 | File sharing functions |
| 2018-12-17T22:20:23.792300149Z | 10 | PC: 90cb9 | Buffered keyboard input |
| 2018-12-17T22:20:38.254667747Z | 0 | PC: 0 | Program terminate |
| 2018-12-17T22:20:39.613647249Z | 0 | PC: 0 | Program terminate |
| 2018-12-17T22:20:39.716694892Z | 64 | PC: 965c8 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T22:20:39.723665863Z | 41 | PC: 90d2e | Parse filename |
| 2018-12-17T22:20:39.726223553Z | 41 | PC: 90daf | Parse filename |
| 2018-12-17T22:20:39.73089607Z | 41 | PC: 90dcc | Parse filename |
| 2018-12-17T22:20:39.733580907Z | 26 | PC: 94277 | Set disk transfer address |
| 2018-12-17T22:20:39.735812486Z | 71 | PC: 94473 | Get current directory |
| 2018-12-17T22:20:39.745351948Z | 78 | PC: 9bbe9 | Find first file |
| 2018-12-17T22:20:39.75937284Z | 98 | PC: 9bfac | Get current PSP |
| 2018-12-17T22:20:39.760442023Z | 47 | PC: 9bc1b | Get disk transfer address |
| 2018-12-17T22:20:39.763221031Z | 71 | PC: 942ec | Get current directory |
| 2018-12-17T22:20:39.766898339Z | 73 | PC: 93989 | Release memory |
| 2018-12-17T22:20:39.768960096Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.770922328Z | 67 | PC: 9c071 | Get or set file attributes |
| 2018-12-17T22:20:39.777321232Z | 65 | PC: 9c071 | Delete file (Filename = 'mory
�
No free file handles�Bad Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:20:39.789526344Z | 67 | PC: 9c071 | Get or set file attributes |
| 2018-12-17T22:20:39.799055765Z | 65 | PC: 9c071 | Delete file (Filename = ' to fit in memory
�
No free file handles�Bad Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:20:39.806201277Z | 67 | PC: 9c071 | Get or set file attributes |
| 2018-12-17T22:20:39.812493388Z | 65 | PC: 9c071 | Delete file (Filename = ' free file handles�Bad Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:20:39.816594379Z | 67 | PC: 9c071 | Get or set file attributes |
| 2018-12-17T22:20:39.820848856Z | 65 | PC: 9c071 | Delete file (Filename = 'ndles�Bad Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:20:39.827325878Z | 67 | PC: 9c071 | Get or set file attributes |
| 2018-12-17T22:20:39.834102621Z | 65 | PC: 9c071 | Delete file (Filename = 'd Command or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:20:39.841491957Z | 67 | PC: 9c071 | Get or set file attributes |
| 2018-12-17T22:20:39.848245855Z | 65 | PC: 9c071 | Delete file (Filename = 'd or file name
�Access denied �
Memory allocation error&
Cannot load COMMAND, system halted
!
Cannot start COMMAND, exiting
.
Top level process aborted, cannot continue
�
�
�') |
| 2018-12-17T22:20:39.855974489Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.857794208Z | 75 | PC: 11821 | Execute program |
| 2018-12-17T22:20:39.87356916Z | 9 | PC: 12a47 | Display string (String= 'Hello, World!
') |
| 2018-12-17T22:20:39.878286938Z | 76 | PC: 12a4b | Terminate with return code (Return code = '36') |
| 2018-12-17T22:20:39.883797588Z | 77 | PC: 11fe0 | Get program return code |
| 2018-12-17T22:20:39.885627001Z | 72 | PC: 12174 | Allocate memory |
| 2018-12-17T22:20:39.888108551Z | 72 | PC: 1218d | Allocate memory |
| 2018-12-17T22:20:39.890957242Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-17T22:20:39.892335326Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:20:39.89367907Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:20:39.900628463Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.902259179Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.904261898Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.905801927Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.907386729Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.908221748Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.911030972Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.911942097Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.913448568Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.914857816Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.916294415Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.917172278Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.919296642Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.920117177Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.921524397Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.92307532Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.924709098Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.925679581Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.927746526Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.928815201Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.930383085Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.932037201Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.933632224Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.934527003Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.936589729Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.937429412Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.938851495Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.940322949Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.941800731Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.942614232Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.944669573Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.94557346Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.947085797Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.948505806Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.949937064Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.950745564Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.952841698Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.953626065Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.955031645Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.956507218Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.957997061Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.958769503Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.960695437Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.961531106Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.963009384Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.964283065Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.965654378Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.966501252Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.968509944Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.969295497Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.970682774Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.977223509Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.97873716Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.97951152Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.981286249Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.982122196Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.983566296Z | 250 | PC: 9c0ae | UNKNOWN! |
| 2018-12-17T22:20:39.985082736Z | 69 | PC: 9c071 | Duplicate handle |
| 2018-12-17T22:20:39.986522299Z | 250 | PC: 9c0ca | UNKNOWN! |
| 2018-12-17T22:20:39.987346828Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:20:39.990102888Z | 99 | PC: 96357 | Get DBCS lead byte table pointer |
| 2018-12-17T22:20:39.991255245Z | 56 | PC: 90b79 | Get or set country info |
| 2018-12-17T22:20:39.992745683Z | 64 | PC: 965c8 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T22:20:40.010203174Z | 25 | PC: 90be2 | Get default drive |
| 2018-12-17T22:20:40.012038192Z | 71 | PC: 92e5d | Get current directory |
| 2018-12-17T22:20:40.016421597Z | 64 | PC: 965c8 | Write file or device (Write 3 bytes on handle 1) |
| 2018-12-17T22:20:40.02061882Z | 2 | PC: 92e32 | Character output (Char = '3e') |
| 2018-12-17T22:20:40.025420407Z | 93 | PC: 90ca0 | File sharing functions |
| 2018-12-17T22:20:40.028069289Z | 93 | PC: 90ca7 | File sharing functions |
| 2018-12-17T22:20:40.031002873Z | 10 | PC: 90cb9 | Buffered keyboard input |
