.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:27:29.066389818Z | 42 | PC: 12aaa | Get date 0x12aaa: pop bp 0x12aab: call 0x12aae 0x12aae: nop 0x12aaf: pop bp 0x12ab0: mov di, 0x30 0x12ab3: nop 0x12ab4: sub bp, 0x10d 0x12ab8: nop 0x12ab9: lea si, word ptr [bp + 0x1d4] 0x12abd: nop 0x12abe: mov di, 0x100 0x12ac1: nop 0x12ac2: push di 0x12ac3: nop 0x12ac4: movsb byte ptr es:[di], byte ptr [si] 0x12ac5: nop 0x12ac6: movsw word ptr es:[di], word ptr [si] 0x12ac7: lea dx, word ptr [bp + 0x417] 0x12acb: mov ah, 0x47 0x12acd: mov ah, 0x1a |
| 2018-12-17T22:27:29.07018177Z | 26 | PC: 12ad1 | Set disk transfer address |
| 2018-12-17T22:27:29.079982247Z | 71 | PC: 12ae0 | Get current directory |
| 2018-12-17T22:27:29.083474175Z | 53 | PC: 12af0 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:27:29.085496712Z | 37 | PC: 12b02 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:27:29.087463291Z | 78 | PC: 12b11 | Find first file |
| 2018-12-17T22:27:29.09508342Z | 61 | PC: 12d5b | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:27:29.102803642Z | 63 | PC: 12b23 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:27:29.126547946Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:27:29.129807908Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.146464754Z | 61 | PC: 12d5b | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:27:29.155507988Z | 64 | PC: 12d23 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:27:29.158726921Z | 66 | PC: 12d2b | Move file pointer |
| 2018-12-17T22:27:29.160365819Z | 64 | PC: 12d36 | Write file or device (Write 719 bytes on handle 5) |
| 2018-12-17T22:27:29.175013456Z | 87 | PC: 12d43 | Get or set file date and time |
| 2018-12-17T22:27:29.177306576Z | 62 | PC: 12d47 | Close file |
| 2018-12-17T22:27:29.186849246Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.199547052Z | 79 | PC: 12b11 | Find next file |
| 2018-12-17T22:27:29.203309799Z | 61 | PC: 12d5b | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:27:29.210966405Z | 63 | PC: 12b23 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:27:29.218514195Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:27:29.224331804Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.242645746Z | 61 | PC: 12d5b | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:27:29.250562433Z | 64 | PC: 12d23 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:27:29.25587549Z | 66 | PC: 12d2b | Move file pointer |
| 2018-12-17T22:27:29.257917522Z | 64 | PC: 12d36 | Write file or device (Write 719 bytes on handle 5) |
| 2018-12-17T22:27:29.267238111Z | 87 | PC: 12d43 | Get or set file date and time |
| 2018-12-17T22:27:29.270212738Z | 62 | PC: 12d47 | Close file |
| 2018-12-17T22:27:29.291536195Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.303749317Z | 79 | PC: 12b11 | Find next file |
| 2018-12-17T22:27:29.307998922Z | 61 | PC: 12d5b | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:27:29.317066924Z | 63 | PC: 12b23 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:27:29.324762717Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:27:29.327819476Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.339816392Z | 61 | PC: 12d5b | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:27:29.347713821Z | 64 | PC: 12d23 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:27:29.351560966Z | 66 | PC: 12d2b | Move file pointer |
| 2018-12-17T22:27:29.353535926Z | 64 | PC: 12d36 | Write file or device (Write 719 bytes on handle 5) |
| 2018-12-17T22:27:29.362706917Z | 87 | PC: 12d43 | Get or set file date and time |
| 2018-12-17T22:27:29.364461265Z | 62 | PC: 12d47 | Close file |
| 2018-12-17T22:27:29.374488138Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.386985792Z | 79 | PC: 12b11 | Find next file |
| 2018-12-17T22:27:29.390573384Z | 61 | PC: 12d5b | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:27:29.398964494Z | 63 | PC: 12b23 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:27:29.413733482Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:27:29.416057677Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.428223019Z | 61 | PC: 12d5b | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:27:29.436384256Z | 64 | PC: 12d23 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:27:29.439848406Z | 66 | PC: 12d2b | Move file pointer |
| 2018-12-17T22:27:29.442618921Z | 64 | PC: 12d36 | Write file or device (Write 719 bytes on handle 5) |
| 2018-12-17T22:27:29.453009651Z | 87 | PC: 12d43 | Get or set file date and time |
| 2018-12-17T22:27:29.455136146Z | 62 | PC: 12d47 | Close file |
| 2018-12-17T22:27:29.465444817Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.477188265Z | 79 | PC: 12b11 | Find next file |
| 2018-12-17T22:27:29.480575519Z | 61 | PC: 12d5b | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:27:29.489077136Z | 63 | PC: 12b23 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:27:29.497481128Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:27:29.499977654Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.513484354Z | 61 | PC: 12d5b | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:27:29.521470987Z | 64 | PC: 12d23 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:27:29.524975264Z | 66 | PC: 12d2b | Move file pointer |
| 2018-12-17T22:27:29.526921191Z | 64 | PC: 12d36 | Write file or device (Write 719 bytes on handle 5) |
| 2018-12-17T22:27:29.537147619Z | 87 | PC: 12d43 | Get or set file date and time |
| 2018-12-17T22:27:29.539230265Z | 62 | PC: 12d47 | Close file |
| 2018-12-17T22:27:29.548674137Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.561067334Z | 79 | PC: 12b11 | Find next file |
| 2018-12-17T22:27:29.56431952Z | 61 | PC: 12d5b | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:27:29.571984183Z | 63 | PC: 12b23 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:27:29.58164043Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:27:29.584321009Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.596614641Z | 61 | PC: 12d5b | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:27:29.605190752Z | 64 | PC: 12d23 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:27:29.608325654Z | 66 | PC: 12d2b | Move file pointer |
| 2018-12-17T22:27:29.60994416Z | 64 | PC: 12d36 | Write file or device (Write 719 bytes on handle 5) |
| 2018-12-17T22:27:29.62019988Z | 87 | PC: 12d43 | Get or set file date and time |
| 2018-12-17T22:27:29.622399299Z | 62 | PC: 12d47 | Close file |
| 2018-12-17T22:27:29.632045729Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.644181995Z | 79 | PC: 12b11 | Find next file |
| 2018-12-17T22:27:29.648702121Z | 61 | PC: 12d5b | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:27:29.656907764Z | 63 | PC: 12b23 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:27:29.664000689Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:27:29.66711339Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.678621694Z | 61 | PC: 12d5b | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:27:29.686138414Z | 64 | PC: 12d23 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:27:29.690932549Z | 66 | PC: 12d2b | Move file pointer |
| 2018-12-17T22:27:29.692585137Z | 64 | PC: 12d36 | Write file or device (Write 719 bytes on handle 5) |
| 2018-12-17T22:27:29.701666623Z | 87 | PC: 12d43 | Get or set file date and time |
| 2018-12-17T22:27:29.704735928Z | 62 | PC: 12d47 | Close file |
| 2018-12-17T22:27:29.714437366Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:27:29.725743285Z | 79 | PC: 12b11 | Find next file |
| 2018-12-17T22:27:29.72907733Z | 61 | PC: 12d5b | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:27:29.738018965Z | 63 | PC: 12b23 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:27:29.74144802Z | 62 | PC: 12b27 | Close file |
| 2018-12-17T22:27:29.744476613Z | 79 | PC: 12b11 | Find next file |
| 2018-12-17T22:27:29.748454784Z | 44 | PC: 12b55 | Get time 0x12b55: cmp dl, 5 0x12b58: jbe 0x12b78 0x12b5a: mov ax, 0x2524 0x12b5d: lds dx, ptr [bp + 0x3d2] 0x12b61: int 0x21 0x12b63: push cs 0x12b64: pop ds 0x12b65: mov ah, 0x3b 0x12b67: lea dx, word ptr [bp + 0x3d6] 0x12b6b: int 0x21 0x12b6d: mov ah, 0x1a 0x12b6f: mov dx, 0x80 0x12b72: int 0x21 0x12b74: ret 0x12b75: mov dx, 0x10d 0x12b78: mov dx, 0x21c 0x12b7b: call 0x12bb9 0x12b7e: mov dx, 0x243 0x12b81: call 0x12bb9 0x12b84: mov dx, 0x26a |
| 2018-12-17T22:27:29.751621123Z | 37 | PC: 12b63 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:27:29.753800414Z | 59 | PC: 12b6d | Change current directory |
| 2018-12-17T22:27:29.759989334Z | 26 | PC: 12b74 | Set disk transfer address |