.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:24:53.1495205Z | 238 | PC: 150f7 | UNKNOWN! |
| 2018-12-17T22:24:53.151307326Z | 61 | PC: 151a4 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:24:53.157012927Z | 87 | PC: 151ad | Get or set file date and time |
| 2018-12-17T22:24:53.158186113Z | 62 | PC: 151b1 | Close file |
| 2018-12-17T22:24:53.160010389Z | 53 | PC: 15165 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:24:53.161335462Z | 37 | PC: 15176 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:24:53.162224406Z | 67 | PC: 1517e | Get or set file attributes |
| 2018-12-17T22:24:53.167377959Z | 67 | PC: 1518a | Get or set file attributes |
| 2018-12-17T22:24:53.511581293Z | 61 | PC: 151c8 | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:24:53.518619485Z | 87 | PC: 151d4 | Get or set file date and time |
| 2018-12-17T22:24:53.519891006Z | 63 | PC: 151e6 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:24:53.523169678Z | 66 | PC: 151ef | Move file pointer |
| 2018-12-17T22:24:53.524853568Z | 64 | PC: 151fb | Write file or device (Write 1024 bytes on handle 5) |
| 2018-12-17T22:24:53.534565186Z | 66 | PC: 15206 | Move file pointer |
| 2018-12-17T22:24:53.541511146Z | 64 | PC: 15211 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:24:53.544263443Z | 87 | PC: 15226 | Get or set file date and time |
| 2018-12-17T22:24:53.545671478Z | 62 | PC: 1522a | Close file |
| 2018-12-17T22:24:53.553366288Z | 67 | PC: 15236 | Get or set file attributes |
| 2018-12-17T22:24:53.563675258Z | 37 | PC: 1519a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:24:53.564866791Z | 53 | PC: 15146 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:24:53.566867774Z | 37 | PC: 15156 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:24:53.56822291Z | 53 | PC: 12a45 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive') |
| 2018-12-17T22:24:53.56956495Z | 53 | PC: 12a5c | Get interrupt vector (Interrupt = '31' AKA 'Get disk parameter block for default drive') |