Sample viewer

vx.netlux.org/Virus.DOS.Corea.Nambul.700

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:21:55.381232918Z 44 PC: 13e66 | Get time
0x13e66: mov byte ptr ds:[bp + 0x10e], dl
0x13e6b: mov byte ptr ds:[bp + 0x10c], dl
0x13e70: mov byte ptr ds:[bp + 0x103], dl
0x13e75: mov byte ptr ds:[bp + 0x104], dl
0x13e7a: mov byte ptr ds:[bp + 0x105], dl
0x13e7f: mov byte ptr ds:[bp + 0x106], dl
0x13e84: mov byte ptr ds:[bp + 0x107], dl
0x13e89: mov byte ptr ds:[bp + 0x108], dl
0x13e8e: mov byte ptr ds:[bp + 0x109], dl
0x13e93: mov byte ptr ds:[bp + 0x10a], dl
0x13e98: lea si, word ptr [bp + 0x343]
0x13e9c: mov cx, 0x2bc
0x13e9f: mov al, byte ptr ds:[bp + 0x33a]
0x13ea4: xor byte ptr [si], al
0x13ea6: inc si
0x13ea7: loop 0x13ea4
0x13ea9: mov ah, 0x4e
0x13eab: lea dx, word ptr [bp + 0x390]
0x13eaf: mov cx, 0
0x13eb2: int 0x21
2018-12-17T22:21:55.386004748Z 78 PC: 13eb4 | Find first file
2018-12-17T22:21:55.393516683Z 48 PC: 13ed1 | Get DOS version
2018-12-17T22:21:55.394793671Z 53 PC: 13ee0 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:21:55.397046791Z 9 PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:21:55.403224788Z 0 PC: 12a89 | Program terminate