Time | Syscall Op | PC | Syscall Name |
---|---|---|---|
2018-12-17T21:54:49.387754827Z | 78 | PC: 12a5e | Find first file |
2018-12-17T21:54:49.394600899Z | 44 | PC: 12ab6 | Get time 0x12ab6: mov word ptr [bp + 0x1be], dx 0x12aba: mov ax, 0x3d02 0x12abd: mov dx, 0x9e 0x12ac0: int 0x21 0x12ac2: xchg ax, bx 0x12ac3: mov ah, 0x3f 0x12ac5: mov cx, 2 0x12ac8: mov dx, 0x1b6 0x12acb: int 0x21 0x12acd: cmp word ptr [0x1b6], 0xf68b 0x12ad3: pushf 0x12ad4: je 0x12ae8 0x12ad6: cdq 0x12ad7: mov cx, dx 0x12ad9: mov ax, 0x4200 0x12adc: int 0x21 0x12ade: mov ah, 0x40 0x12ae0: mov cx, 0xc0 0x12ae3: mov dx, 0x100 0x12ae6: int 0x21 |
2018-12-17T21:54:49.397404001Z | 61 | PC: 12ac2 | Open file (Filename = 'SLEEP.COM') |
2018-12-17T21:54:49.403847861Z | 63 | PC: 12acd | Read file or device (Read 2 bytes on handle 5) |
2018-12-17T21:54:49.410382107Z | 66 | PC: 12ade | Move file pointer |
2018-12-17T21:54:49.412807852Z | 64 | PC: 12ae8 | Write file or device (Write 192 bytes on handle 5) |
2018-12-17T21:54:49.415580735Z | 44 | PC: 12aec | Get time 0x12aec: mov word ptr [bp + 0x1be], dx 0x12af0: mov ah, 0x3e 0x12af2: int 0x21 0x12af4: popf 0x12af5: ret 0x12af6: call 0x4f435926 0x12afc: dec bp 0x12afd: add byte ptr [bx + si], al 0x12aff: add byte ptr [bp + di + 0x75], bl 0x12b02: add bh, cl 0x12b04: ret 0x12b05: clc 0x12b06: ret 0x12b07: push bx 0x12b08: push ax 0x12b09: mov ah, 5 0x12b0b: lcall ptr cs:[0x130] 0x12b10: or ax, ax 0x12b12: je 0x12b17 0x12b14: pop ax |
2018-12-17T21:54:49.41789878Z | 62 | PC: 12af4 | Close file |