.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:22:32.033357817Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:32.03527813Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:22:32.036839246Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:32.038908678Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:22:32.040183069Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:32.041780299Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:32.042972742Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:22:32.044143481Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:22:32.045912819Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:22:32.047108586Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:22:32.048264111Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:22:32.050078295Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:22:32.051260091Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:22:32.052407688Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:22:32.055087421Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:22:32.056467014Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:22:32.057782633Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:22:32.059528406Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:32.061646591Z | 53 | PC: 1447a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:22:32.06377626Z | 37 | PC: 1448f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:32.065780699Z | 37 | PC: 14497 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:32.067776716Z | 37 | PC: 1449f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:32.069357395Z | 37 | PC: 144a7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:32.071328305Z | 68 | PC: 151d7 | I/O control for devices (Set for = '') |
| 2018-12-17T22:22:32.165158225Z | 37 | PC: 13c71 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:32.167025172Z | 54 | PC: 14213 | Get free disk space |
| 2018-12-17T22:22:32.17852848Z | 48 | PC: 14d02 | Get DOS version |
| 2018-12-17T22:22:32.180274174Z | 60 | PC: 14b40 | Create or truncate file |
| 2018-12-17T22:22:32.523888851Z | 61 | PC: 14b40 | Open file (Filename = 'A:\TEST.COM') |
| 2018-12-17T22:22:32.533287244Z | 63 | PC: 14c13 | Read file or device (Read 11824 bytes on handle 6) |
| 2018-12-17T22:22:32.54227805Z | 64 | PC: 14c13 | Write file or device (Write 11824 bytes on handle 5) |
| 2018-12-17T22:22:32.56077239Z | 62 | PC: 14b90 | Close file |
| 2018-12-17T22:22:32.565890936Z | 62 | PC: 14b90 | Close file |
| 2018-12-17T22:22:32.585506074Z | 44 | PC: 1530e | Get time 0x1530e: mov word ptr [0x3e], cx 0x15312: mov word ptr [0x40], dx 0x15316: retf 0x15317: call 0x1535e 0x1531a: jb 0x1532b 0x1531c: mov cx, word ptr es:[di + 4] 0x15320: cmp cx, 1 0x15323: je 0x1532b 0x15325: xor bx, bx 0x15327: push cs 0x15328: call 0x24e9a 0x1532b: retf 4 0x1532e: call 0x1535e 0x15331: jb 0x15346 0x15333: mov ax, cx 0x15335: mov dx, bx 0x15337: mov cx, word ptr es:[di + 4] 0x1533b: cmp cx, 1 0x1533e: je 0x15346 0x15340: xor bx, bx |
| 2018-12-17T22:22:32.58847951Z | 25 | PC: 14d8f | Get default drive |
| 2018-12-17T22:22:32.590418335Z | 71 | PC: 14da2 | Get current directory |
| 2018-12-17T22:22:32.594946729Z | 48 | PC: 14d02 | Get DOS version |
| 2018-12-17T22:22:32.597247658Z | 26 | PC: 1428b | Set disk transfer address |
| 2018-12-17T22:22:32.598487248Z | 78 | PC: 14297 | Find first file |
| 2018-12-17T22:22:32.606310955Z | 48 | PC: 14d02 | Get DOS version |
| 2018-12-17T22:22:32.608852221Z | 86 | PC: 14ccd | Rename file |
| 2018-12-17T22:22:32.630198177Z | 67 | PC: 14233 | Get or set file attributes |
| 2018-12-17T22:22:32.638746088Z | 67 | PC: 1425a | Get or set file attributes |
| 2018-12-17T22:22:32.650084204Z | 61 | PC: 14b40 | Open file (Filename = 'A:\TEST.OLD') |
| 2018-12-17T22:22:32.658051399Z | 48 | PC: 14d02 | Get DOS version |
| 2018-12-17T22:22:32.660688146Z | 60 | PC: 14b40 | Create or truncate file |
| 2018-12-17T22:22:32.691570791Z | 66 | PC: 14c72 | Move file pointer |
| 2018-12-17T22:22:32.693283195Z | 63 | PC: 14c13 | Read file or device (Read 4000 bytes on handle 5) |
| 2018-12-17T22:22:32.697025892Z | 62 | PC: 14b90 | Close file |
| 2018-12-17T22:22:32.700249527Z | 62 | PC: 14b90 | Close file |
| 2018-12-17T22:22:32.702722688Z | 48 | PC: 14d02 | Get DOS version |
| 2018-12-17T22:22:32.70486551Z | 67 | PC: 1425a | Get or set file attributes |
| 2018-12-17T22:22:32.716882793Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:32.71821746Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:32.719450717Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:22:32.721078009Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:22:32.723019939Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:32.724975798Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:32.727568226Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:22:32.729382625Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:22:32.731161707Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:32.733980695Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:32.735821429Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:32.737674338Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:32.74032551Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:22:32.742373758Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:22:32.744068817Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:22:32.747350066Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:22:32.74887236Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:22:32.750457351Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:22:32.752561727Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:22:32.755302036Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:22:32.756876158Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:22:32.758504006Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:22:32.761653563Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:22:32.763279988Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:22:32.764865989Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:22:32.767682512Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:22:32.769407134Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:22:32.77122176Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:22:32.774031692Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:22:32.776155542Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:22:32.778553657Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:22:32.781318243Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:22:32.783047171Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:22:32.784850374Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:22:32.787325474Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:32.789196117Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:32.790560753Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:22:32.792728184Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:22:32.793807355Z | 48 | PC: 14d02 | Get DOS version |
| 2018-12-17T22:22:32.795082239Z | 41 | PC: 143a7 | Parse filename |
| 2018-12-17T22:22:32.797275543Z | 41 | PC: 143b5 | Parse filename |
| 2018-12-17T22:22:32.798783356Z | 75 | PC: 143c0 | Execute program |
| 2018-12-17T22:22:32.804535932Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:32.805980397Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:32.807939176Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:22:32.809024557Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:22:32.810115537Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:32.811998333Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:32.812975319Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:22:32.814014833Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:22:32.816909504Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:32.819622577Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:32.821752937Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:32.82376911Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:32.825277499Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:22:32.826497092Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:22:32.828490669Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:22:32.830271621Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:22:32.831859238Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:22:32.834168184Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:22:32.836424584Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:22:32.838266056Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:22:32.841097338Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:22:32.84281706Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:22:32.844460286Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:22:32.847341696Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:22:32.848996602Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:22:32.850650843Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:22:32.853409087Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:22:32.854769049Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:22:32.85635867Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:22:32.857764136Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:22:32.859778829Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:22:32.861651125Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:22:32.863922481Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:22:32.865821053Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:22:32.867545572Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:32.869344279Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:32.872185141Z | 53 | PC: 143f0 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:22:32.874242341Z | 37 | PC: 143f9 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:22:32.881128889Z | 48 | PC: 14d02 | Get DOS version |
| 2018-12-17T22:22:32.883695885Z | 26 | PC: 1428b | Set disk transfer address |
| 2018-12-17T22:22:32.885028352Z | 78 | PC: 14297 | Find first file |
| 2018-12-17T22:22:32.891998555Z | 67 | PC: 1425a | Get or set file attributes |
| 2018-12-17T22:22:32.904963594Z | 65 | PC: 14c89 | Delete file (Filename = 'A:\TEST.COM') |
| 2018-12-17T22:22:32.923248458Z | 48 | PC: 14d02 | Get DOS version |
| 2018-12-17T22:22:32.926436881Z | 86 | PC: 14ccd | Rename file |
| 2018-12-17T22:22:32.943827031Z | 48 | PC: 14d02 | Get DOS version |
| 2018-12-17T22:22:32.945618679Z | 67 | PC: 1425a | Get or set file attributes |
| 2018-12-17T22:22:32.958278881Z | 54 | PC: 14213 | Get free disk space |
| 2018-12-17T22:22:32.963083868Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:22:32.964612884Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:22:32.965987311Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:22:32.969486126Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:22:32.970903353Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:22:32.974408531Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:22:32.976318901Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:22:32.978067482Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:22:32.979439479Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:22:32.981332767Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:22:32.983012781Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:22:32.986308427Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:22:32.989427721Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:22:32.991571429Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:22:32.993555333Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:22:32.996767019Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:22:32.998898065Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:22:33.000859882Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:22:33.004050841Z | 37 | PC: 145d1 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:22:33.006048152Z | 76 | PC: 14610 | Terminate with return code (Return code = '0') |