.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:28:01.311423865Z | 48 | PC: 13aff | Get DOS version |
| 2018-12-17T22:28:01.313465284Z | 47 | PC: 13b0a | Get disk transfer address |
| 2018-12-17T22:28:01.314952532Z | 26 | PC: 13b19 | Set disk transfer address |
| 2018-12-17T22:28:01.316588074Z | 78 | PC: 13ba4 | Find first file |
| 2018-12-17T22:28:01.324120446Z | 79 | PC: 13bae | Find next file |
| 2018-12-17T22:28:01.328278357Z | 79 | PC: 13bae | Find next file |
| 2018-12-17T22:28:01.331787314Z | 79 | PC: 13bae | Find next file |
| 2018-12-17T22:28:01.335714461Z | 79 | PC: 13bae | Find next file |
| 2018-12-17T22:28:01.339039945Z | 79 | PC: 13bae | Find next file |
| 2018-12-17T22:28:01.342097624Z | 67 | PC: 13c03 | Get or set file attributes |
| 2018-12-17T22:28:01.348677125Z | 67 | PC: 13c13 | Get or set file attributes |
| 2018-12-17T22:28:01.527162677Z | 61 | PC: 13c1d | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:28:01.535076867Z | 87 | PC: 13c2c | Get or set file date and time |
| 2018-12-17T22:28:01.53679114Z | 44 | PC: 13c36 | Get time 0x13c36: mov cx, 3 0x13c39: mov ah, 0x3f 0x13c3b: mov dx, 0xa 0x13c3e: add dx, si 0x13c40: push dx 0x13c41: int 0x21 0x13c43: pop bp 0x13c44: jb 0x13c6a 0x13c46: cmp byte ptr [bp], 0x4d 0x13c4a: jne 0x13c58 0x13c4c: cmp byte ptr [bp + 1], 0x5a 0x13c50: je 0x13c6a 0x13c52: jmp 0x13c58 0x13c54: jmp 0x13caa 0x13c56: jmp 0x13ca8 0x13c58: cmp ax, 3 0x13c5b: jne 0x13cac 0x13c5d: xor cx, cx 0x13c5f: mov ax, 0x4202 0x13c62: xor dx, dx |
| 2018-12-17T22:28:01.540480773Z | 63 | PC: 13c43 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:28:01.547104852Z | 66 | PC: 13c66 | Move file pointer |
| 2018-12-17T22:28:01.549023384Z | 64 | PC: 13cc3 | Write file or device (Write 1159 bytes on handle 5) |
| 2018-12-17T22:28:01.558795222Z | 66 | PC: 13cd3 | Move file pointer |
| 2018-12-17T22:28:01.560892473Z | 64 | PC: 13ce1 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:28:01.567631067Z | 87 | PC: 13cf2 | Get or set file date and time |
| 2018-12-17T22:28:01.570396315Z | 62 | PC: 13cf6 | Close file |
| 2018-12-17T22:28:01.578494326Z | 67 | PC: 13d03 | Get or set file attributes |
| 2018-12-17T22:28:01.588815996Z | 26 | PC: 13d0d | Set disk transfer address |
| 2018-12-17T22:28:01.590509494Z | 26 | PC: 13d6d | Set disk transfer address |
| 2018-12-17T22:28:01.592851019Z | 48 | PC: 1367a | Get DOS version |
| 2018-12-17T22:28:01.594429345Z | 47 | PC: 13685 | Get disk transfer address |
| 2018-12-17T22:28:01.5957863Z | 26 | PC: 13694 | Set disk transfer address |
| 2018-12-17T22:28:01.597563158Z | 78 | PC: 1371f | Find first file |
| 2018-12-17T22:28:01.60455125Z | 79 | PC: 13729 | Find next file |
| 2018-12-17T22:28:01.607576093Z | 79 | PC: 13729 | Find next file |
| 2018-12-17T22:28:01.612843485Z | 79 | PC: 13729 | Find next file |
| 2018-12-17T22:28:01.615592747Z | 79 | PC: 13729 | Find next file |
| 2018-12-17T22:28:01.618276917Z | 79 | PC: 13729 | Find next file |
| 2018-12-17T22:28:01.623912536Z | 79 | PC: 13729 | Find next file |
| 2018-12-17T22:28:01.626573445Z | 79 | PC: 13729 | Find next file |
| 2018-12-17T22:28:01.62925201Z | 67 | PC: 1377e | Get or set file attributes |
| 2018-12-17T22:28:01.636843118Z | 67 | PC: 1378e | Get or set file attributes |
| 2018-12-17T22:28:01.646372154Z | 61 | PC: 13798 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:28:01.652994424Z | 87 | PC: 137a7 | Get or set file date and time |
| 2018-12-17T22:28:01.655490441Z | 44 | PC: 137b1 | Get time 0x137b1: mov cx, 3 0x137b4: mov ah, 0x3f 0x137b6: mov dx, 0xa 0x137b9: add dx, si 0x137bb: push dx 0x137bc: int 0x21 0x137be: pop bp 0x137bf: jb 0x137e5 0x137c1: cmp byte ptr [bp], 0x4d 0x137c5: jne 0x137d3 0x137c7: cmp byte ptr [bp + 1], 0x5a 0x137cb: je 0x137e5 0x137cd: jmp 0x137d3 0x137cf: jmp 0x13825 0x137d1: jmp 0x13823 0x137d3: cmp ax, 3 0x137d6: jne 0x13827 0x137d8: xor cx, cx 0x137da: mov ax, 0x4202 0x137dd: xor dx, dx |
| 2018-12-17T22:28:01.657887831Z | 63 | PC: 137be | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:28:01.66087699Z | 66 | PC: 137e1 | Move file pointer |
| 2018-12-17T22:28:01.664535273Z | 64 | PC: 1383e | Write file or device (Write 1159 bytes on handle 5) |
| 2018-12-17T22:28:01.673510543Z | 66 | PC: 1384e | Move file pointer |
| 2018-12-17T22:28:01.675011447Z | 64 | PC: 1385c | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:28:01.67995472Z | 87 | PC: 1386d | Get or set file date and time |
| 2018-12-17T22:28:01.681500564Z | 62 | PC: 13871 | Close file |
| 2018-12-17T22:28:01.68914697Z | 67 | PC: 1387e | Get or set file attributes |
| 2018-12-17T22:28:01.699624863Z | 26 | PC: 13888 | Set disk transfer address |
| 2018-12-17T22:28:01.701422849Z | 26 | PC: 138e8 | Set disk transfer address |
| 2018-12-17T22:28:01.70292592Z | 9 | PC: 12a4b | Display string (String= 'Refresh v1.0 ') |
| 2018-12-17T22:28:01.708616367Z | 76 | PC: 12a51 | Terminate with return code (Return code = '36') |