.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:27:41.489215631Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:27:41.492117033Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:27:41.493170875Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:27:41.494213088Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:27:41.49632978Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:27:41.497626966Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:27:41.498885907Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:27:41.500829276Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:27:41.502526243Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:27:41.504115854Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:27:41.506265406Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:27:41.507867963Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:27:41.50890404Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:27:41.511019493Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:27:41.512230473Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:27:41.513141279Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:27:41.514614205Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:27:41.515958363Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:27:41.51739821Z | 53 | PC: 14faa | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:27:41.519704508Z | 37 | PC: 14fbf | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:27:41.521032995Z | 37 | PC: 14fc7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:27:41.522176193Z | 37 | PC: 14fcf | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:27:41.523745856Z | 37 | PC: 14fd7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:27:41.525297567Z | 68 | PC: 15d97 | I/O control for devices (Set for = '') |
| 2018-12-17T22:27:41.582685671Z | 37 | PC: 149d1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:27:41.586339675Z | 48 | PC: 158c2 | Get DOS version |
| 2018-12-17T22:27:41.587765504Z | 25 | PC: 1594f | Get default drive |
| 2018-12-17T22:27:41.588797452Z | 71 | PC: 15962 | Get current directory |
| 2018-12-17T22:27:41.595601734Z | 44 | PC: 1454d | Get time 0x1454d: xor ah, ah 0x1454f: mov al, dl 0x14551: les di, ptr [bp + 6] 0x14554: stosw word ptr es:[di], ax 0x14555: mov al, dh 0x14557: les di, ptr [bp + 0xa] 0x1455a: stosw word ptr es:[di], ax 0x1455b: mov al, cl 0x1455d: les di, ptr [bp + 0xe] 0x14560: stosw word ptr es:[di], ax 0x14561: mov al, ch 0x14563: les di, ptr [bp + 0x12] 0x14566: stosw word ptr es:[di], ax 0x14567: pop bp 0x14568: retf 0x10 0x1456b: push bp 0x1456c: mov bp, sp 0x1456e: mov ch, byte ptr [bp + 0xc] 0x14571: mov cl, byte ptr [bp + 0xa] 0x14574: mov dh, byte ptr [bp + 8] |
| 2018-12-17T22:27:41.597987159Z | 61 | PC: 15700 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:27:41.60487688Z | 66 | PC: 15832 | Move file pointer |
| 2018-12-17T22:27:41.608041927Z | 63 | PC: 157d3 | Read file or device (Read 15701 bytes on handle 5) |
| 2018-12-17T22:27:41.61624017Z | 62 | PC: 15750 | Close file |
| 2018-12-17T22:27:41.618389908Z | 60 | PC: 15700 | Create or truncate file |
| 2018-12-17T22:27:41.636243854Z | 62 | PC: 15750 | Close file |
| 2018-12-17T22:27:41.63836412Z | 65 | PC: 15849 | Delete file (Filename = '\�') |
| 2018-12-17T22:27:41.647793931Z | 25 | PC: 1594f | Get default drive |
| 2018-12-17T22:27:41.649061474Z | 71 | PC: 15962 | Get current directory |
| 2018-12-17T22:27:41.652838266Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:27:41.655219365Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:27:41.656732065Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:27:41.658662183Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:27:41.659756803Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:27:41.662774883Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:27:41.664311453Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:27:41.665813651Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:27:41.666881731Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:27:41.670306891Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:27:41.671356483Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:27:41.672450097Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:27:41.675182717Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:27:41.676267646Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:27:41.677384037Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:27:41.679499113Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:27:41.680775696Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:27:41.682344775Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:27:41.684631155Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:27:41.685804465Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:27:41.686902106Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:27:41.688668687Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:27:41.689865848Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:27:41.691011505Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:27:41.69337847Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:27:41.694596439Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:27:41.695875991Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:27:41.698002018Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:27:41.700472103Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:27:41.70189447Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:27:41.704839207Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:27:41.705911603Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:27:41.70710777Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:27:41.709157897Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:27:41.71049674Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:27:41.711998984Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:27:41.714143979Z | 53 | PC: 148ff | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:27:41.715839553Z | 37 | PC: 14908 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:27:41.719027683Z | 41 | PC: 148b6 | Parse filename |
| 2018-12-17T22:27:41.725622702Z | 41 | PC: 148c4 | Parse filename |
| 2018-12-17T22:27:41.727071933Z | 75 | PC: 148cf | Execute program |
| 2018-12-17T22:27:41.74715871Z | 80 | PC: 27b39 | Set current PSP |
| 2018-12-17T22:27:41.748626637Z | 48 | PC: 27b3e | Get DOS version |
| 2018-12-17T22:27:41.750299969Z | 99 | PC: 2e320 | Get DBCS lead byte table pointer |
| 2018-12-17T22:27:41.753518735Z | 101 | PC: 27bc4 | Get extended country info |
| 2018-12-17T22:27:41.762526365Z | 99 | PC: 27bca | Get DBCS lead byte table pointer |
| 2018-12-17T22:27:41.763845142Z | 74 | PC: 27c2c | Reallocate memory |
| 2018-12-17T22:27:41.765611997Z | 25 | PC: 27c63 | Get default drive |
| 2018-12-17T22:27:41.767356351Z | 37 | PC: 27723 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-17T22:27:41.768722219Z | 37 | PC: 2772a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:27:41.770166707Z | 37 | PC: 27731 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:27:41.775018648Z | 74 | PC: 268cc | Reallocate memory |
| 2018-12-17T22:27:41.776766328Z | 72 | PC: 2690d | Allocate memory |
| 2018-12-17T22:27:41.778712776Z | 72 | PC: 26945 | Allocate memory |
| 2018-12-17T22:27:41.781382064Z | 72 | PC: 2694d | Allocate memory |