.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:22:20.383229735Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:20.385333721Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:22:20.386607917Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:20.387773621Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:22:20.389793215Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:20.390916748Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:20.391974609Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:22:20.393339379Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:22:20.394840477Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:22:20.396256678Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:22:20.397709003Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:22:20.399311573Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:22:20.401071836Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:22:20.402746822Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:22:20.405029797Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:22:20.406527884Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:22:20.407798686Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:22:20.409640681Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:20.411003699Z | 53 | PC: 13aea | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:22:20.414443219Z | 37 | PC: 13aff | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:20.423549797Z | 37 | PC: 13b07 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:20.424876637Z | 37 | PC: 13b0f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:20.425981069Z | 37 | PC: 13b17 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:20.427998219Z | 68 | PC: 14644 | I/O control for devices (Set for = '') |
| 2018-12-17T22:22:20.433684718Z | 44 | PC: 14adc | Get time 0x14adc: mov word ptr [0x46], cx 0x14ae0: mov word ptr [0x48], dx 0x14ae4: retf 0x14ae5: call 0x14b2c 0x14ae8: jb 0x14af9 0x14aea: mov cx, word ptr es:[di + 4] 0x14aee: cmp cx, 1 0x14af1: je 0x14af9 0x14af3: xor bx, bx 0x14af5: push cs 0x14af6: call 0x24307 0x14af9: retf 4 0x14afc: call 0x14b2c 0x14aff: jb 0x14b14 0x14b01: mov ax, cx 0x14b03: mov dx, bx 0x14b05: mov cx, word ptr es:[di + 4] 0x14b09: cmp cx, 1 0x14b0c: je 0x14b14 0x14b0e: xor bx, bx |
| 2018-12-17T22:22:20.435122943Z | 48 | PC: 1416f | Get DOS version |
| 2018-12-17T22:22:20.436676822Z | 48 | PC: 1416f | Get DOS version |
| 2018-12-17T22:22:20.437919011Z | 61 | PC: 13fad | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:22:20.444518469Z | 63 | PC: 14080 | Read file or device (Read 5546 bytes on handle 5) |
| 2018-12-17T22:22:20.45265456Z | 66 | PC: 14b46 | Move file pointer |
| 2018-12-17T22:22:20.453912103Z | 66 | PC: 14b54 | Move file pointer |
| 2018-12-17T22:22:20.455170596Z | 66 | PC: 14b62 | Move file pointer |
| 2018-12-17T22:22:20.457051446Z | 66 | PC: 140df | Move file pointer |
| 2018-12-17T22:22:20.458479006Z | 63 | PC: 14080 | Read file or device (Read 1 bytes on handle 5) |
| 2018-12-17T22:22:20.461283325Z | 62 | PC: 13ffd | Close file |
| 2018-12-17T22:22:20.463728667Z | 48 | PC: 1416f | Get DOS version |
| 2018-12-17T22:22:20.465338207Z | 48 | PC: 1416f | Get DOS version |
| 2018-12-17T22:22:20.466579201Z | 26 | PC: 13893 | Set disk transfer address |
| 2018-12-17T22:22:20.468147596Z | 78 | PC: 1389f | Find first file |
| 2018-12-17T22:22:20.474653876Z | 48 | PC: 1416f | Get DOS version |
| 2018-12-17T22:22:20.476004303Z | 67 | PC: 1381c | Get or set file attributes |
| 2018-12-17T22:22:20.492454214Z | 61 | PC: 13fad | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:22:20.499445861Z | 66 | PC: 140df | Move file pointer |
| 2018-12-17T22:22:20.501313098Z | 63 | PC: 14080 | Read file or device (Read 5546 bytes on handle 5) |
| 2018-12-17T22:22:20.510014554Z | 66 | PC: 140df | Move file pointer |
| 2018-12-17T22:22:20.512199789Z | 64 | PC: 13fde | Write file or device (Write 0 bytes on handle 5) |
| 2018-12-17T22:22:20.520261641Z | 66 | PC: 140df | Move file pointer |
| 2018-12-17T22:22:20.522392342Z | 64 | PC: 14080 | Write file or device (Write 5546 bytes on handle 5) |
| 2018-12-17T22:22:20.530684755Z | 87 | PC: 13863 | Get or set file date and time |
| 2018-12-17T22:22:20.532104604Z | 67 | PC: 1381c | Get or set file attributes |
| 2018-12-17T22:22:20.543254348Z | 62 | PC: 13ffd | Close file |
| 2018-12-17T22:22:20.549993067Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:20.551058735Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:20.552764794Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:22:20.55405186Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:22:20.555225364Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:20.557477454Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:20.558612126Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:22:20.559763129Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:22:20.561101752Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:20.563078418Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:20.564146772Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:20.565811455Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:20.567319734Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:22:20.568448451Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:22:20.569533799Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:22:20.57081023Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:22:20.571842899Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:22:20.572895098Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:22:20.574078484Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:22:20.574957491Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:22:20.575911178Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:22:20.576948152Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:22:20.577992849Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:22:20.579008281Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:22:20.5803439Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:22:20.581331828Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:22:20.582268014Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:22:20.583526022Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:22:20.584635957Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:22:20.58575267Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:22:20.601754875Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:22:20.603407123Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:22:20.605406591Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:22:20.607946485Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:22:20.609449475Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:20.611001757Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:20.613433265Z | 53 | PC: 13a66 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:22:20.614926173Z | 37 | PC: 13a6f | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:22:20.616534913Z | 41 | PC: 13a1d | Parse filename |
| 2018-12-17T22:22:20.619122641Z | 41 | PC: 13a2b | Parse filename |
| 2018-12-17T22:22:20.620229306Z | 75 | PC: 13a36 | Execute program |