.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:29:16.936732802Z | 26 | PC: 12a82 | Set disk transfer address |
| 2018-12-17T22:29:16.938736679Z | 71 | PC: 12a8c | Get current directory |
| 2018-12-17T22:29:16.942261512Z | 53 | PC: 12a99 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:16.943881886Z | 37 | PC: 12aa9 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:16.945447297Z | 78 | PC: 12ab6 | Find first file |
| 2018-12-17T22:29:16.9589594Z | 61 | PC: 12bd2 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:29:16.967042153Z | 63 | PC: 12aca | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:29:16.974162563Z | 62 | PC: 12ace | Close file |
| 2018-12-17T22:29:16.976852909Z | 67 | PC: 12be0 | Get or set file attributes |
| 2018-12-17T22:29:16.99499771Z | 61 | PC: 12bd2 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:29:17.002597288Z | 64 | PC: 12b53 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:29:17.006593309Z | 66 | PC: 12b5f | Move file pointer |
| 2018-12-17T22:29:17.008287787Z | 44 | PC: 12b63 | Get time 0x12b63: or dx, dx 0x12b65: je 0x12b5f 0x12b67: mov word ptr [bp + 0x104], dx 0x12b6b: xor byte ptr [bp + 0x118], 8 0x12b70: lea di, word ptr [bp + 0x2fa] 0x12b74: mov ax, 0x5355 0x12b77: stosw word ptr es:[di], ax 0x12b78: lea si, word ptr [bp + 0x103] 0x12b7c: mov cx, 0x19 0x12b7f: push si 0x12b80: push cx 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: lea si, word ptr [bp + 0x2a1] 0x12b87: mov cx, 0xf 0x12b8a: rep movsb byte ptr es:[di], byte ptr [si] 0x12b8c: pop cx 0x12b8d: pop si 0x12b8e: pop dx 0x12b8f: push di 0x12b90: push si |
| 2018-12-17T22:29:17.011765756Z | 64 | PC: 12c62 | Write file or device (Write 503 bytes on handle 5) |
| 2018-12-17T22:29:17.021442708Z | 87 | PC: 12bba | Get or set file date and time |
| 2018-12-17T22:29:17.023383522Z | 62 | PC: 12bbe | Close file |
| 2018-12-17T22:29:17.031778534Z | 67 | PC: 12be0 | Get or set file attributes |
| 2018-12-17T22:29:17.043732238Z | 79 | PC: 12ab6 | Find next file |
| 2018-12-17T22:29:17.047274131Z | 61 | PC: 12bd2 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:29:17.054492076Z | 63 | PC: 12aca | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:29:17.061382217Z | 62 | PC: 12ace | Close file |
| 2018-12-17T22:29:17.064427054Z | 79 | PC: 12ab6 | Find next file |
| 2018-12-17T22:29:17.067990465Z | 61 | PC: 12bd2 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:29:17.079050311Z | 63 | PC: 12aca | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:29:17.102782673Z | 62 | PC: 12ace | Close file |
| 2018-12-17T22:29:17.105560157Z | 79 | PC: 12ab6 | Find next file |
| 2018-12-17T22:29:17.109557258Z | 61 | PC: 12bd2 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:29:17.120825613Z | 63 | PC: 12aca | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:29:17.128440517Z | 62 | PC: 12ace | Close file |
| 2018-12-17T22:29:17.130683389Z | 79 | PC: 12ab6 | Find next file |
| 2018-12-17T22:29:17.138010178Z | 61 | PC: 12bd2 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:29:17.145137977Z | 63 | PC: 12aca | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:29:17.152765162Z | 62 | PC: 12ace | Close file |
| 2018-12-17T22:29:17.156704018Z | 79 | PC: 12ab6 | Find next file |
| 2018-12-17T22:29:17.15991564Z | 61 | PC: 12bd2 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:29:17.169646051Z | 63 | PC: 12aca | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:29:17.194113776Z | 62 | PC: 12ace | Close file |
| 2018-12-17T22:29:17.201238347Z | 67 | PC: 12be0 | Get or set file attributes |
| 2018-12-17T22:29:17.21590951Z | 61 | PC: 12bd2 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:29:17.227514537Z | 64 | PC: 12b53 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:29:17.231310189Z | 66 | PC: 12b5f | Move file pointer |
| 2018-12-17T22:29:17.233115536Z | 44 | PC: 12b63 | Get time 0x12b63: or dx, dx 0x12b65: je 0x12b5f 0x12b67: mov word ptr [bp + 0x104], dx 0x12b6b: xor byte ptr [bp + 0x118], 8 0x12b70: lea di, word ptr [bp + 0x2fa] 0x12b74: mov ax, 0x5355 0x12b77: stosw word ptr es:[di], ax 0x12b78: lea si, word ptr [bp + 0x103] 0x12b7c: mov cx, 0x19 0x12b7f: push si 0x12b80: push cx 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: lea si, word ptr [bp + 0x2a1] 0x12b87: mov cx, 0xf 0x12b8a: rep movsb byte ptr es:[di], byte ptr [si] 0x12b8c: pop cx 0x12b8d: pop si 0x12b8e: pop dx 0x12b8f: push di 0x12b90: push si |
| 2018-12-17T22:29:17.2363577Z | 64 | PC: 12c62 | Write file or device (Write 503 bytes on handle 5) |
| 2018-12-17T22:29:17.247296786Z | 87 | PC: 12bba | Get or set file date and time |
| 2018-12-17T22:29:17.249691323Z | 62 | PC: 12bbe | Close file |
| 2018-12-17T22:29:17.259654138Z | 67 | PC: 12be0 | Get or set file attributes |
| 2018-12-17T22:29:17.286254185Z | 79 | PC: 12ab6 | Find next file |
| 2018-12-17T22:29:17.289730305Z | 61 | PC: 12bd2 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:29:17.298071128Z | 63 | PC: 12aca | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:29:17.306589948Z | 62 | PC: 12ace | Close file |
| 2018-12-17T22:29:17.310598026Z | 79 | PC: 12ab6 | Find next file |
| 2018-12-17T22:29:17.314071701Z | 61 | PC: 12bd2 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:29:17.322106993Z | 63 | PC: 12aca | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:29:17.326370589Z | 62 | PC: 12ace | Close file |
| 2018-12-17T22:29:17.328871838Z | 79 | PC: 12ab6 | Find next file |
| 2018-12-17T22:29:17.332073394Z | 37 | PC: 12b13 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:17.334911796Z | 59 | PC: 12b1d | Change current directory |
| 2018-12-17T22:29:17.339869683Z | 26 | PC: 12b24 | Set disk transfer address |