.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:27:30.033472644Z | 48 | PC: 12e44 | Get DOS version |
| 2018-12-17T22:27:30.036142337Z | 47 | PC: 12e5d | Get disk transfer address |
| 2018-12-17T22:27:30.037360929Z | 26 | PC: 12e76 | Set disk transfer address |
| 2018-12-17T22:27:30.038488277Z | 42 | PC: 12e7b | Get date 0x12e7b: cmp al, 0x11 0x12e7d: je 0x12ea9 0x12e7f: mov ah, 0x4e 0x12e81: lea dx, word ptr [bp + 0x3e8] 0x12e85: mov cx, 0x20 0x12e88: int 0x21 0x12e8a: jb 0x12eac 0x12e8c: push ds 0x12e8d: push dx 0x12e8e: call 0x12ee1 0x12e91: pop dx 0x12e92: pop ds 0x12e93: mov ah, 0x3e 0x12e95: int 0x21 0x12e97: cmp cl, 0x37 0x12e9a: jne 0x12eac 0x12e9c: mov ah, 0x4f 0x12e9e: int 0x21 0x12ea0: jb 0x12eac 0x12ea2: push ds |
| 2018-12-17T22:27:30.041278236Z | 78 | PC: 12e8a | Find first file |
| 2018-12-17T22:27:30.047041185Z | 61 | PC: 12eed | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:27:30.053474843Z | 63 | PC: 12efb | Read file or device (Read 17 bytes on handle 5) |
| 2018-12-17T22:27:30.060009354Z | 66 | PC: 12f24 | Move file pointer |
| 2018-12-17T22:27:30.061492642Z | 66 | PC: 12f3e | Move file pointer |
| 2018-12-17T22:27:30.062800507Z | 64 | PC: 12f49 | Write file or device (Write 17 bytes on handle 5) |
| 2018-12-17T22:27:30.065342202Z | 66 | PC: 12f52 | Move file pointer |
| 2018-12-17T22:27:30.066925381Z | 64 | PC: 12f60 | Write file or device (Write 511 bytes on handle 5) |
| 2018-12-17T22:27:30.080835093Z | 62 | PC: 12e97 | Close file |
| 2018-12-17T22:27:30.089214057Z | 26 | PC: 12ebb | Set disk transfer address |
| 2018-12-17T22:27:30.091433223Z | 9 | PC: 12e26 | Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ') |