.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:21:32.561292471Z | 26 | PC: 12b26 | Set disk transfer address |
| 2018-12-17T22:21:32.563380718Z | 78 | PC: 12b2e | Find first file |
| 2018-12-17T22:21:32.570553617Z | 47 | PC: 12b3a | Get disk transfer address |
| 2018-12-17T22:21:32.571726791Z | 61 | PC: 12b4a | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:21:32.578803752Z | 87 | PC: 12b50 | Get or set file date and time |
| 2018-12-17T22:21:32.581246585Z | 63 | PC: 12b70 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:32.588256006Z | 66 | PC: 12b82 | Move file pointer |
| 2018-12-17T22:21:32.58975149Z | 64 | PC: 12b8d | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:32.593215207Z | 66 | PC: 12b96 | Move file pointer |
| 2018-12-17T22:21:32.594922183Z | 44 | PC: 12acf | Get time 0x12acf: mov byte ptr [bp + 0x123], cl 0x12ad3: mov cx, 0xde 0x12ad6: lea si, word ptr [bp + 0x16f] 0x12ada: lea di, word ptr [bp + 0x235] 0x12ade: movsb byte ptr es:[di], byte ptr [si] 0x12adf: mov al, byte ptr [bp + 0x235] 0x12ae3: xor al, byte ptr [bp + 0x123] 0x12ae7: mov byte ptr [bp + 0x235], al 0x12aeb: lea di, word ptr [si - 1] 0x12aee: lea si, word ptr [bp + 0x235] 0x12af2: movsb byte ptr es:[di], byte ptr [si] 0x12af3: mov si, di 0x12af5: loop 0x12ada 0x12af7: ret 0x12af8: jmp 0x12b13 0x12afb: call 0x22acb 0x12afe: mov ah, 0x40 0x12b00: mov cx, 0x14d 0x12b03: lea dx, word ptr [bp + 0x100] 0x12b07: int 0x21 |
| 2018-12-17T22:21:32.597751133Z | 64 | PC: 12b09 | Write file or device (Write 333 bytes on handle 5) |
| 2018-12-17T22:21:32.614446118Z | 87 | PC: 12ba8 | Get or set file date and time |
| 2018-12-17T22:21:32.616385292Z | 62 | PC: 12bac | Close file |
| 2018-12-17T22:21:32.625138859Z | 79 | PC: 12b2e | Find next file |
| 2018-12-17T22:21:32.627958165Z | 47 | PC: 12b3a | Get disk transfer address |
| 2018-12-17T22:21:32.631013353Z | 61 | PC: 12b4a | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:21:32.639182995Z | 87 | PC: 12b50 | Get or set file date and time |
| 2018-12-17T22:21:32.640703273Z | 63 | PC: 12b70 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:32.648277738Z | 66 | PC: 12b82 | Move file pointer |
| 2018-12-17T22:21:32.64984653Z | 64 | PC: 12b8d | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:32.652843359Z | 66 | PC: 12b96 | Move file pointer |
| 2018-12-17T22:21:32.655199982Z | 44 | PC: 12acf | Get time 0x12acf: mov byte ptr [bp + 0x123], cl 0x12ad3: mov cx, 0xde 0x12ad6: lea si, word ptr [bp + 0x16f] 0x12ada: lea di, word ptr [bp + 0x235] 0x12ade: movsb byte ptr es:[di], byte ptr [si] 0x12adf: mov al, byte ptr [bp + 0x235] 0x12ae3: xor al, byte ptr [bp + 0x123] 0x12ae7: mov byte ptr [bp + 0x235], al 0x12aeb: lea di, word ptr [si - 1] 0x12aee: lea si, word ptr [bp + 0x235] 0x12af2: movsb byte ptr es:[di], byte ptr [si] 0x12af3: mov si, di 0x12af5: loop 0x12ada 0x12af7: ret 0x12af8: jmp 0x12b13 0x12afb: call 0x22acb 0x12afe: mov ah, 0x40 0x12b00: mov cx, 0x14d 0x12b03: lea dx, word ptr [bp + 0x100] 0x12b07: int 0x21 |
| 2018-12-17T22:21:32.65786637Z | 64 | PC: 12b09 | Write file or device (Write 333 bytes on handle 5) |
| 2018-12-17T22:21:32.66103388Z | 87 | PC: 12ba8 | Get or set file date and time |
| 2018-12-17T22:21:32.663302796Z | 62 | PC: 12bac | Close file |
| 2018-12-17T22:21:32.671580875Z | 79 | PC: 12b2e | Find next file |
| 2018-12-17T22:21:32.674518677Z | 47 | PC: 12b3a | Get disk transfer address |
| 2018-12-17T22:21:32.676990853Z | 61 | PC: 12b4a | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:21:32.685958588Z | 87 | PC: 12b50 | Get or set file date and time |
| 2018-12-17T22:21:32.687483989Z | 63 | PC: 12b70 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:21:32.694769806Z | 66 | PC: 12b82 | Move file pointer |
| 2018-12-17T22:21:32.696507836Z | 64 | PC: 12b8d | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:21:32.699395685Z | 66 | PC: 12b96 | Move file pointer |
| 2018-12-17T22:21:32.700850652Z | 44 | PC: 12acf | Get time 0x12acf: mov byte ptr [bp + 0x123], cl 0x12ad3: mov cx, 0xde 0x12ad6: lea si, word ptr [bp + 0x16f] 0x12ada: lea di, word ptr [bp + 0x235] 0x12ade: movsb byte ptr es:[di], byte ptr [si] 0x12adf: mov al, byte ptr [bp + 0x235] 0x12ae3: xor al, byte ptr [bp + 0x123] 0x12ae7: mov byte ptr [bp + 0x235], al 0x12aeb: lea di, word ptr [si - 1] 0x12aee: lea si, word ptr [bp + 0x235] 0x12af2: movsb byte ptr es:[di], byte ptr [si] 0x12af3: mov si, di 0x12af5: loop 0x12ada 0x12af7: ret 0x12af8: jmp 0x12b13 0x12afb: call 0x22acb 0x12afe: mov ah, 0x40 0x12b00: mov cx, 0x14d 0x12b03: lea dx, word ptr [bp + 0x100] 0x12b07: int 0x21 |
| 2018-12-17T22:21:32.703691002Z | 64 | PC: 12b09 | Write file or device (Write 333 bytes on handle 5) |
| 2018-12-17T22:21:32.707138612Z | 87 | PC: 12ba8 | Get or set file date and time |
| 2018-12-17T22:21:32.708656306Z | 62 | PC: 12bac | Close file |
| 2018-12-17T22:21:32.717192743Z | 26 | PC: 12bc0 | Set disk transfer address |