.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:26:26.474477525Z | 26 | PC: 18721 | Set disk transfer address |
| 2018-12-17T22:26:26.485869548Z | 78 | PC: 1872c | Find first file |
| 2018-12-17T22:26:26.492121844Z | 61 | PC: 18742 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:26:26.49940739Z | 63 | PC: 18759 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:26:26.512126263Z | 67 | PC: 18777 | Get or set file attributes |
| 2018-12-17T22:26:26.535991344Z | 62 | PC: 18788 | Close file |
| 2018-12-17T22:26:26.53812578Z | 61 | PC: 1878d | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:26:26.545935364Z | 64 | PC: 1879a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:26:26.548848234Z | 66 | PC: 187a3 | Move file pointer |
| 2018-12-17T22:26:26.550561182Z | 44 | PC: 187a7 | Get time 0x187a7: mov word ptr ds:[bp + 0x10c], dx
0x187ac: call 0x286e7
0x187af: mov ax, 0x5701
0x187b2: mov cx, word ptr ds:[bp + 0x23b]
0x187b7: mov dx, word ptr ds:[bp + 0x23d]
0x187bc: int 0x21
0x187be: mov ax, 0x4301
0x187c1: lea dx, word ptr [bp + 0x243]
0x187c5: mov cx, word ptr ds:[bp + 0x23a]
0x187ca: int 0x21
0x187cc: mov ah, 0x3e
0x187ce: int 0x21
0x187d0: jmp 0x18731
0x187d3: sub ch, byte ptr [0x6f63]
0x187d7: insw word ptr es:[di], dx
0x187d8: add byte ptr [bp - 0x18], ah
0x187db: cmp byte ptr [bx + si], al
0x187dd: jmp 0x18974
0x187e0: push sp
0x187e2: outsw dx, word ptr [si]
|
| 2018-12-17T22:26:26.553672065Z | 64 | PC: 186f5 | Write file or device (Write 289 bytes on handle 5) |
| 2018-12-17T22:26:26.562053193Z | 87 | PC: 187be | Get or set file date and time |
| 2018-12-17T22:26:26.563637061Z | 67 | PC: 187cc | Get or set file attributes |
| 2018-12-17T22:26:26.568909901Z | 62 | PC: 187d0 | Close file |
| 2018-12-17T22:26:26.581909843Z | 26 | PC: 18738 | Set disk transfer address |
| 2018-12-17T22:26:26.583156588Z | 48 | PC: 12a63 | Get DOS version |
| 2018-12-17T22:26:26.584838197Z | 47 | PC: 12a6f | Get disk transfer address |
| 2018-12-17T22:26:26.585850651Z | 26 | PC: 12a7f | Set disk transfer address |
| 2018-12-17T22:26:26.58692785Z | 78 | PC: 12b01 | Find first file |
| 2018-12-17T22:26:26.602253836Z | 67 | PC: 12b3a | Get or set file attributes |
| 2018-12-17T22:26:26.61312966Z | 67 | PC: 12b4b | Get or set file attributes |
| 2018-12-17T22:26:26.623914401Z | 61 | PC: 12b56 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:26:26.628932483Z | 87 | PC: 12b62 | Get or set file date and time |
| 2018-12-17T22:26:26.630277828Z | 44 | PC: 12b6c | Get time 0x12b6c: and dh, 7
0x12b6f: jmp 0x12b80
0x12b71: mov ah, 0x40
0x12b73: mov cx, 5
0x12b76: mov dx, si
0x12b78: add dx, 0x8a
0x12b7c: int 0x21
0x12b7e: jmp 0x12be2
0x12b80: mov ah, 0x3f
0x12b82: mov cx, 3
0x12b85: mov dx, 0xa
0x12b88: nop
0x12b89: add dx, si
0x12b8b: int 0x21
0x12b8d: jb 0x12be2
0x12b8f: cmp ax, 3
0x12b92: jne 0x12be2
0x12b94: mov ax, 0x4202
0x12b97: mov cx, 0
0x12b9a: mov dx, 0
|
| 2018-12-17T22:26:26.631938681Z | 63 | PC: 12b8d | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:26:26.636804262Z | 66 | PC: 12b9f | Move file pointer |
| 2018-12-17T22:26:26.638471231Z | 64 | PC: 12bc2 | Write file or device (Write 23693 bytes on handle 5) |
| 2018-12-17T22:26:26.660218868Z | 66 | PC: 12bd4 | Move file pointer |
| 2018-12-17T22:26:26.662521234Z | 64 | PC: 12be2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:26:26.665520614Z | 87 | PC: 12bf3 | Get or set file date and time |
| 2018-12-17T22:26:26.667170882Z | 62 | PC: 12bf7 | Close file |
| 2018-12-17T22:26:26.686354333Z | 67 | PC: 12c05 | Get or set file attributes |
| 2018-12-17T22:26:26.706992984Z | 26 | PC: 12c0f | Set disk transfer address |
| 2018-12-17T22:26:26.714315751Z | 37 | PC: 12c44 | Set interrupt vector (Interrupt = '96' AKA 'Qualify filename') |
| 2018-12-17T22:26:26.716580472Z | 74 | PC: 46992 | Reallocate memory |
| 2018-12-17T22:26:26.718365829Z | 48 | PC: 469ea | Get DOS version |
| 2018-12-17T22:26:26.730461014Z | 53 | PC: 469f2 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:26:26.732319337Z | 37 | PC: 46a04 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:26:26.733726399Z | 68 | PC: 46a88 | I/O control for devices (Set for = '�����[���������') |
| 2018-12-17T22:26:26.735153122Z | 68 | PC: 46a88 | I/O control for devices (Set for = '') |
| 2018-12-17T22:26:26.736900087Z | 68 | PC: 46a88 | I/O control for devices |
| 2018-12-17T22:26:26.738621814Z | 68 | PC: 46a88 | I/O control for devices |
| 2018-12-17T22:26:26.740191591Z | 68 | PC: 46a88 | I/O control for devices |
| 2018-12-17T22:26:26.746234359Z | 53 | PC: 4721a | Get interrupt vector (Interrupt = '31' AKA 'Get disk parameter block for default drive') |
| 2018-12-17T22:26:28.95553899Z | 37 | PC: 46b1d | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
