.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:21:23.737330505Z | 26 | PC: 12a64 | Set disk transfer address |
| 2018-12-17T22:21:23.739222488Z | 37 | PC: 12a6f | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:21:23.742195354Z | 37 | PC: 12a73 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T22:21:23.74397492Z | 78 | PC: 12aba | Find first file |
| 2018-12-17T22:21:23.751207358Z | 61 | PC: 12b50 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:21:23.760449879Z | 63 | PC: 12b5f | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:23.767988334Z | 66 | PC: 12b6e | Move file pointer |
| 2018-12-17T22:21:23.770168733Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:21:23.77237404Z | 64 | PC: 12b89 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:23.776542495Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-17T22:21:23.778704749Z | 44 | PC: 12b99 | Get time 0x12b99: mov byte ptr [bp + 0x17c], dl 0x12b9d: call 0x12bb3 0x12ba0: mov ah, 0x40 0x12ba2: mov cx, 0x17c 0x12ba5: lea dx, word ptr [bp + 6] 0x12ba9: int 0x21 0x12bab: call 0x12bb3 0x12bae: mov ah, 0x3e 0x12bb0: int 0x21 0x12bb2: ret 0x12bb3: lea si, word ptr [bp + 0x11] 0x12bb7: mov cx, 0x14c 0x12bba: xor byte ptr [si], 0 0x12bbd: inc si 0x12bbe: dec cx 0x12bbf: jne 0x12bba 0x12bc1: ret 0x12bc2: add word ptr [bx], di 0x12bc4: aas 0x12bc5: aas |
| 2018-12-17T22:21:23.781871477Z | 64 | PC: 12bab | Write file or device (Write 380 bytes on handle 5) |
| 2018-12-17T22:21:23.798686912Z | 62 | PC: 12bb2 | Close file |
| 2018-12-17T22:21:23.812618657Z | 79 | PC: 12aba | Find next file |
| 2018-12-17T22:21:23.816082022Z | 61 | PC: 12b50 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:21:23.825623961Z | 63 | PC: 12b5f | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:23.833611951Z | 66 | PC: 12b6e | Move file pointer |
| 2018-12-17T22:21:23.836965824Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:21:23.840666723Z | 64 | PC: 12b89 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:23.844566796Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-17T22:21:23.846870048Z | 44 | PC: 12b99 | Get time 0x12b99: mov byte ptr [bp + 0x17c], dl 0x12b9d: call 0x12bb3 0x12ba0: mov ah, 0x40 0x12ba2: mov cx, 0x17c 0x12ba5: lea dx, word ptr [bp + 6] 0x12ba9: int 0x21 0x12bab: call 0x12bb3 0x12bae: mov ah, 0x3e 0x12bb0: int 0x21 0x12bb2: ret 0x12bb3: lea si, word ptr [bp + 0x11] 0x12bb7: mov cx, 0x14c 0x12bba: xor byte ptr [si], 0x3f 0x12bbd: inc si 0x12bbe: dec cx 0x12bbf: jne 0x12bba 0x12bc1: ret 0x12bc2: add word ptr [bx], di 0x12bc4: aas 0x12bc5: aas |
| 2018-12-17T22:21:23.850037223Z | 64 | PC: 12bab | Write file or device (Write 380 bytes on handle 5) |
| 2018-12-17T22:21:23.854335327Z | 62 | PC: 12bb2 | Close file |
| 2018-12-17T22:21:23.865050107Z | 79 | PC: 12aba | Find next file |
| 2018-12-17T22:21:23.869164412Z | 61 | PC: 12b50 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:21:23.878579305Z | 63 | PC: 12b5f | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:23.886235824Z | 66 | PC: 12b6e | Move file pointer |
| 2018-12-17T22:21:23.888260401Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:21:23.892505319Z | 64 | PC: 12b89 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:23.895761686Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-17T22:21:23.897588003Z | 44 | PC: 12b99 | Get time 0x12b99: mov byte ptr [bp + 0x17c], dl 0x12b9d: call 0x12bb3 0x12ba0: mov ah, 0x40 0x12ba2: mov cx, 0x17c 0x12ba5: lea dx, word ptr [bp + 6] 0x12ba9: int 0x21 0x12bab: call 0x12bb3 0x12bae: mov ah, 0x3e 0x12bb0: int 0x21 0x12bb2: ret 0x12bb3: lea si, word ptr [bp + 0x11] 0x12bb7: mov cx, 0x14c 0x12bba: xor byte ptr [si], 0x45 0x12bbd: inc si 0x12bbe: dec cx 0x12bbf: jne 0x12bba 0x12bc1: ret 0x12bc2: add word ptr [bx], di 0x12bc4: aas 0x12bc5: aas |
| 2018-12-17T22:21:23.902438066Z | 64 | PC: 12bab | Write file or device (Write 380 bytes on handle 5) |
| 2018-12-17T22:21:23.905995396Z | 62 | PC: 12bb2 | Close file |
| 2018-12-17T22:21:23.915361576Z | 79 | PC: 12aba | Find next file |
| 2018-12-17T22:21:23.919179152Z | 61 | PC: 12b50 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:21:23.953350334Z | 63 | PC: 12b5f | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:23.961951537Z | 66 | PC: 12b6e | Move file pointer |
| 2018-12-17T22:21:23.964287468Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:21:23.96678904Z | 64 | PC: 12b89 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:23.970370724Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-17T22:21:23.972581468Z | 44 | PC: 12b99 | Get time 0x12b99: mov byte ptr [bp + 0x17c], dl 0x12b9d: call 0x12bb3 0x12ba0: mov ah, 0x40 0x12ba2: mov cx, 0x17c 0x12ba5: lea dx, word ptr [bp + 6] 0x12ba9: int 0x21 0x12bab: call 0x12bb3 0x12bae: mov ah, 0x3e 0x12bb0: int 0x21 0x12bb2: ret 0x12bb3: lea si, word ptr [bp + 0x11] 0x12bb7: mov cx, 0x14c 0x12bba: xor byte ptr [si], 0x4a 0x12bbd: inc si 0x12bbe: dec cx 0x12bbf: jne 0x12bba 0x12bc1: ret 0x12bc2: add word ptr [bx], di 0x12bc4: aas 0x12bc5: aas |
| 2018-12-17T22:21:23.978109608Z | 64 | PC: 12bab | Write file or device (Write 380 bytes on handle 5) |
| 2018-12-17T22:21:23.981848935Z | 62 | PC: 12bb2 | Close file |
| 2018-12-17T22:21:23.991644186Z | 79 | PC: 12aba | Find next file |
| 2018-12-17T22:21:23.996254616Z | 61 | PC: 12b50 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:21:24.003799017Z | 63 | PC: 12b5f | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:24.011505207Z | 66 | PC: 12b6e | Move file pointer |
| 2018-12-17T22:21:24.014459869Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:21:24.016388255Z | 64 | PC: 12b89 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:24.019423464Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-17T22:21:24.021958964Z | 44 | PC: 12b99 | Get time 0x12b99: mov byte ptr [bp + 0x17c], dl 0x12b9d: call 0x12bb3 0x12ba0: mov ah, 0x40 0x12ba2: mov cx, 0x17c 0x12ba5: lea dx, word ptr [bp + 6] 0x12ba9: int 0x21 0x12bab: call 0x12bb3 0x12bae: mov ah, 0x3e 0x12bb0: int 0x21 0x12bb2: ret 0x12bb3: lea si, word ptr [bp + 0x11] 0x12bb7: mov cx, 0x14c 0x12bba: xor byte ptr [si], 0x50 0x12bbd: inc si 0x12bbe: dec cx 0x12bbf: jne 0x12bba 0x12bc1: ret 0x12bc2: add word ptr [bx], di 0x12bc4: aas 0x12bc5: aas |
| 2018-12-17T22:21:24.02507871Z | 64 | PC: 12bab | Write file or device (Write 380 bytes on handle 5) |
| 2018-12-17T22:21:24.028761204Z | 62 | PC: 12bb2 | Close file |
| 2018-12-17T22:21:24.037739927Z | 79 | PC: 12aba | Find next file |
| 2018-12-17T22:21:24.041531345Z | 61 | PC: 12b50 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:21:24.050477797Z | 63 | PC: 12b5f | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:24.058084356Z | 66 | PC: 12b6e | Move file pointer |
| 2018-12-17T22:21:24.061018803Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:21:24.062950156Z | 64 | PC: 12b89 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:24.066282442Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-17T22:21:24.069627131Z | 44 | PC: 12b99 | Get time 0x12b99: mov byte ptr [bp + 0x17c], dl 0x12b9d: call 0x12bb3 0x12ba0: mov ah, 0x40 0x12ba2: mov cx, 0x17c 0x12ba5: lea dx, word ptr [bp + 6] 0x12ba9: int 0x21 0x12bab: call 0x12bb3 0x12bae: mov ah, 0x3e 0x12bb0: int 0x21 0x12bb2: ret 0x12bb3: lea si, word ptr [bp + 0x11] 0x12bb7: mov cx, 0x14c 0x12bba: xor byte ptr [si], 0x50 0x12bbd: inc si 0x12bbe: dec cx 0x12bbf: jne 0x12bba 0x12bc1: ret 0x12bc2: add word ptr [bx], di 0x12bc4: aas 0x12bc5: aas |
| 2018-12-17T22:21:24.0728115Z | 64 | PC: 12bab | Write file or device (Write 380 bytes on handle 5) |
| 2018-12-17T22:21:24.082276372Z | 62 | PC: 12bb2 | Close file |
| 2018-12-17T22:21:24.092690605Z | 79 | PC: 12aba | Find next file |
| 2018-12-17T22:21:24.095988609Z | 61 | PC: 12b50 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:21:24.104109676Z | 63 | PC: 12b5f | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:24.112878201Z | 66 | PC: 12b6e | Move file pointer |
| 2018-12-17T22:21:24.115020637Z | 66 | PC: 12b7d | Move file pointer |
| 2018-12-17T22:21:24.116940602Z | 64 | PC: 12b89 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:24.120264828Z | 66 | PC: 12b95 | Move file pointer |
| 2018-12-17T22:21:24.123062319Z | 44 | PC: 12b99 | Get time 0x12b99: mov byte ptr [bp + 0x17c], dl 0x12b9d: call 0x12bb3 0x12ba0: mov ah, 0x40 0x12ba2: mov cx, 0x17c 0x12ba5: lea dx, word ptr [bp + 6] 0x12ba9: int 0x21 0x12bab: call 0x12bb3 0x12bae: mov ah, 0x3e 0x12bb0: int 0x21 0x12bb2: ret 0x12bb3: lea si, word ptr [bp + 0x11] 0x12bb7: mov cx, 0x14c 0x12bba: xor byte ptr [si], 0x55 0x12bbd: inc si 0x12bbe: dec cx 0x12bbf: jne 0x12bba 0x12bc1: ret 0x12bc2: add word ptr [bx], di 0x12bc4: aas 0x12bc5: aas |
| 2018-12-17T22:21:24.126454102Z | 64 | PC: 12bab | Write file or device (Write 380 bytes on handle 5) |
| 2018-12-17T22:21:24.129995802Z | 62 | PC: 12bb2 | Close file |
| 2018-12-17T22:21:24.139911321Z | 79 | PC: 12aba | Find next file |
| 2018-12-17T22:21:24.143137931Z | 61 | PC: 12b50 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:21:24.151226175Z | 63 | PC: 12b5f | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:24.155112969Z | 62 | PC: 12bb2 | Close file |
| 2018-12-17T22:21:24.157527332Z | 79 | PC: 12aba | Find next file |
| 2018-12-17T22:21:24.164673611Z | 59 | PC: 12acb | Change current directory |
| 2018-12-17T22:21:24.170418137Z | 26 | PC: 12ad4 | Set disk transfer address |