.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T21:50:48.288517035Z | 44 | PC: 12a47 | Get time 0x12a47: or dh, dh 0x12a49: jne 0x12a52 0x12a4b: mov dx, 0x2ff 0x12a4e: mov ah, 9 0x12a50: int 0x21 0x12a52: mov byte ptr [0x314], 0 0x12a57: mov dx, 0x31b 0x12a5a: mov ah, 0x1a 0x12a5c: int 0x21 0x12a5e: mov dx, 0x2be 0x12a61: mov cx, 0x3f 0x12a64: mov ah, 0x4e 0x12a66: int 0x21 0x12a68: jb 0x12aa0 0x12a6a: mov dx, 0x2be 0x12a6d: cmp byte ptr [0x314], 0 0x12a72: je 0x12a86 0x12a74: push es 0x12a75: push cs 0x12a76: pop es |
| 2018-12-17T21:50:48.291888837Z | 26 | PC: 12a5e | Set disk transfer address |
| 2018-12-17T21:50:48.293230731Z | 78 | PC: 12a68 | Find first file |
| 2018-12-17T21:50:48.299366876Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.304474937Z | 61 | PC: 12ae0 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T21:50:48.317458993Z | 66 | PC: 12aee | Move file pointer |
| 2018-12-17T21:50:48.322723727Z | 63 | PC: 12af8 | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T21:50:48.329084904Z | 66 | PC: 12b11 | Move file pointer |
| 2018-12-17T21:50:48.333217534Z | 66 | PC: 12b26 | Move file pointer |
| 2018-12-17T21:50:48.334400207Z | 63 | PC: 12b30 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T21:50:48.338519974Z | 64 | PC: 12b51 | Write file or device (Write 18 bytes on handle 5) |
| 2018-12-17T21:50:48.340876647Z | 66 | PC: 12b72 | Move file pointer |
| 2018-12-17T21:50:48.341856048Z | 64 | PC: 12b85 | Write file or device (Write 532 bytes on handle 5) |
| 2018-12-17T21:50:48.352477064Z | 66 | PC: 12bef | Move file pointer |
| 2018-12-17T21:50:48.353904085Z | 64 | PC: 12bf9 | Write file or device (Write 24 bytes on handle 5) |
| 2018-12-17T21:50:48.35585787Z | 62 | PC: 12bfd | Close file |
| 2018-12-17T21:50:48.36090147Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.362672998Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.364336487Z | 26 | PC: 12ab2 | Set disk transfer address |
| 2018-12-17T21:50:48.365256001Z | 78 | PC: 12abc | Find first file |
| 2018-12-17T21:50:48.37461853Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.378298212Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.384348225Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.386708453Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.393832854Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.399429598Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.405966409Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.407400051Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.410570022Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.416468073Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.422525865Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.423482426Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.426252518Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.43201975Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.438217922Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.439359721Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.444245601Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.44977988Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.456492247Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.457952098Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.463656254Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.46918766Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.475616344Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.476532106Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.479439591Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.485764906Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.49188508Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.492850441Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.496342873Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.50229039Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.508740765Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.510207121Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.514050705Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.519934522Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.527372365Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.529571044Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.53270856Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.538608312Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.545736549Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.546770607Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.549682377Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.556408779Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.562589719Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.564036193Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.568270775Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.574194103Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.580997113Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.58322388Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.586454215Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.593007493Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.599293167Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.601561355Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.604755333Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.610580581Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.617804284Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.619168669Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.622347316Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.629171406Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.635711477Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.637290662Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.643146946Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.654029116Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.661428548Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.662942515Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.665801568Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.671572019Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.676657376Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.677655931Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.679769965Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.685313531Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.691417949Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.69233919Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.695652583Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.701427198Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.707726971Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.709812483Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.713450203Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.719400005Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.727170574Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.728868433Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.73203493Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.738625722Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.745345483Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.746717244Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.750702974Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.75689796Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.763273445Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.76467299Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.767135246Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.770865987Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.774969558Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.776271787Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.780336Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.784274317Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.791234337Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.792002543Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.79489559Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.800327385Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.806033436Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.8070298Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.810637643Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.816085314Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.821247185Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.82222873Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.824148069Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.829353862Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.835043664Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.835801866Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.837939329Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.841676379Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.845752837Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.846514528Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.848642833Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.852694505Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.857217832Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.861722127Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.865820171Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.86983136Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.874391429Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.875328909Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.880759545Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.887912648Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.895354942Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.89670398Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.903197708Z | 67 | PC: 12a8e | Get or set file attributes |
| 2018-12-17T21:50:48.90893846Z | 61 | PC: 12ae0 | Open file (Filename = 'c:\windows\') |
| 2018-12-17T21:50:48.915192574Z | 26 | PC: 12a98 | Set disk transfer address |
| 2018-12-17T21:50:48.917408857Z | 79 | PC: 12a9c | Find next file |
| 2018-12-17T21:50:48.924276361Z | 76 | PC: 12acd | Terminate with return code (Return code = '0') |