.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:24:36.888588469Z | 26 | PC: 12ac0 | Set disk transfer address |
| 2018-12-17T22:24:36.890186808Z | 78 | PC: 12ac8 | Find first file |
| 2018-12-17T22:24:36.898276668Z | 47 | PC: 12ad3 | Get disk transfer address |
| 2018-12-17T22:24:36.90020174Z | 61 | PC: 12ae3 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:24:36.908322799Z | 87 | PC: 12ae9 | Get or set file date and time |
| 2018-12-17T22:24:36.911118234Z | 63 | PC: 12b09 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:24:36.919851363Z | 66 | PC: 12b1b | Move file pointer |
| 2018-12-17T22:24:36.921922687Z | 64 | PC: 12b26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:24:36.92599702Z | 66 | PC: 12b2f | Move file pointer |
| 2018-12-17T22:24:36.92779349Z | 44 | PC: 12a6a | Get time 0x12a6a: mov byte ptr [bp + 0x120], cl 0x12a6e: mov cx, 0xdd 0x12a71: lea si, word ptr [bp + 0x16d] 0x12a75: lea di, word ptr [bp + 0x232] 0x12a79: movsb byte ptr es:[di], byte ptr [si] 0x12a7a: mov al, byte ptr [bp + 0x232] 0x12a7e: xor al, byte ptr [bp + 0x120] 0x12a82: mov byte ptr [bp + 0x232], al 0x12a86: lea di, word ptr [si - 1] 0x12a89: lea si, word ptr [bp + 0x232] 0x12a8d: movsb byte ptr es:[di], byte ptr [si] 0x12a8e: mov si, di 0x12a90: loop 0x12a75 0x12a92: ret 0x12a93: jmp 0x12aad 0x12a95: call 0x22a66 0x12a98: mov ah, 0x40 0x12a9a: mov cx, 0x14a 0x12a9d: lea dx, word ptr [bp + 0x100] 0x12aa1: int 0x21 |
| 2018-12-17T22:24:36.930672664Z | 64 | PC: 12aa3 | Write file or device (Write 330 bytes on handle 5) |
| 2018-12-17T22:24:36.948451445Z | 87 | PC: 12b41 | Get or set file date and time |
| 2018-12-17T22:24:36.950781545Z | 62 | PC: 12b45 | Close file |
| 2018-12-17T22:24:36.959704537Z | 79 | PC: 12ac8 | Find next file |
| 2018-12-17T22:24:36.962974775Z | 47 | PC: 12ad3 | Get disk transfer address |
| 2018-12-17T22:24:36.970528477Z | 61 | PC: 12ae3 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:24:36.977946216Z | 87 | PC: 12ae9 | Get or set file date and time |
| 2018-12-17T22:24:36.979584963Z | 63 | PC: 12b09 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:24:36.987527265Z | 66 | PC: 12b1b | Move file pointer |
| 2018-12-17T22:24:36.989074434Z | 64 | PC: 12b26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:24:36.995780307Z | 66 | PC: 12b2f | Move file pointer |
| 2018-12-17T22:24:36.998686953Z | 44 | PC: 12a6a | Get time 0x12a6a: mov byte ptr [bp + 0x120], cl 0x12a6e: mov cx, 0xdd 0x12a71: lea si, word ptr [bp + 0x16d] 0x12a75: lea di, word ptr [bp + 0x232] 0x12a79: movsb byte ptr es:[di], byte ptr [si] 0x12a7a: mov al, byte ptr [bp + 0x232] 0x12a7e: xor al, byte ptr [bp + 0x120] 0x12a82: mov byte ptr [bp + 0x232], al 0x12a86: lea di, word ptr [si - 1] 0x12a89: lea si, word ptr [bp + 0x232] 0x12a8d: movsb byte ptr es:[di], byte ptr [si] 0x12a8e: mov si, di 0x12a90: loop 0x12a75 0x12a92: ret 0x12a93: jmp 0x12aad 0x12a95: call 0x22a66 0x12a98: mov ah, 0x40 0x12a9a: mov cx, 0x14a 0x12a9d: lea dx, word ptr [bp + 0x100] 0x12aa1: int 0x21 |
| 2018-12-17T22:24:37.001621362Z | 64 | PC: 12aa3 | Write file or device (Write 330 bytes on handle 5) |
| 2018-12-17T22:24:37.005170893Z | 87 | PC: 12b41 | Get or set file date and time |
| 2018-12-17T22:24:37.009717402Z | 62 | PC: 12b45 | Close file |
| 2018-12-17T22:24:37.018618191Z | 79 | PC: 12ac8 | Find next file |
| 2018-12-17T22:24:37.022707489Z | 47 | PC: 12ad3 | Get disk transfer address |
| 2018-12-17T22:24:37.02431043Z | 61 | PC: 12ae3 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:24:37.033183965Z | 87 | PC: 12ae9 | Get or set file date and time |
| 2018-12-17T22:24:37.035340762Z | 63 | PC: 12b09 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:24:37.04262223Z | 66 | PC: 12b1b | Move file pointer |
| 2018-12-17T22:24:37.045346697Z | 64 | PC: 12b26 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:24:37.048987329Z | 66 | PC: 12b2f | Move file pointer |
| 2018-12-17T22:24:37.051144388Z | 44 | PC: 12a6a | Get time 0x12a6a: mov byte ptr [bp + 0x120], cl 0x12a6e: mov cx, 0xdd 0x12a71: lea si, word ptr [bp + 0x16d] 0x12a75: lea di, word ptr [bp + 0x232] 0x12a79: movsb byte ptr es:[di], byte ptr [si] 0x12a7a: mov al, byte ptr [bp + 0x232] 0x12a7e: xor al, byte ptr [bp + 0x120] 0x12a82: mov byte ptr [bp + 0x232], al 0x12a86: lea di, word ptr [si - 1] 0x12a89: lea si, word ptr [bp + 0x232] 0x12a8d: movsb byte ptr es:[di], byte ptr [si] 0x12a8e: mov si, di 0x12a90: loop 0x12a75 0x12a92: ret 0x12a93: jmp 0x12aad 0x12a95: call 0x22a66 0x12a98: mov ah, 0x40 0x12a9a: mov cx, 0x14a 0x12a9d: lea dx, word ptr [bp + 0x100] 0x12aa1: int 0x21 |
| 2018-12-17T22:24:37.054641722Z | 64 | PC: 12aa3 | Write file or device (Write 330 bytes on handle 5) |
| 2018-12-17T22:24:37.068161405Z | 87 | PC: 12b41 | Get or set file date and time |
| 2018-12-17T22:24:37.069962172Z | 62 | PC: 12b45 | Close file |
| 2018-12-17T22:24:37.078485216Z | 26 | PC: 12b59 | Set disk transfer address |