.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:29:22.398882042Z | 48 | PC: 13113 | Get DOS version |
| 2018-12-17T22:29:22.400954858Z | 53 | PC: 13191 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:29:22.402487492Z | 37 | PC: 131c8 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:29:22.403896357Z | 48 | PC: 13225 | Get DOS version |
| 2018-12-17T22:29:22.405593552Z | 53 | PC: 1322f | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:22.409550884Z | 37 | PC: 13244 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:22.412681545Z | 47 | PC: 1324a | Get disk transfer address |
| 2018-12-17T22:29:22.413856161Z | 26 | PC: 1325a | Set disk transfer address |
| 2018-12-17T22:29:22.415794767Z | 78 | PC: 13264 | Find first file |
| 2018-12-17T22:29:22.422706797Z | 53 | PC: 9ee82 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:22.424240631Z | 37 | PC: 9ee82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:22.429738045Z | 67 | PC: 9ee82 | Get or set file attributes |
| 2018-12-17T22:29:22.435787833Z | 67 | PC: 9ee82 | Get or set file attributes |
| 2018-12-17T22:29:22.450484015Z | 61 | PC: 9ee82 | Open file (Filename = 'FILENAME.EXT') |
| 2018-12-17T22:29:22.45922037Z | 87 | PC: 9ee82 | Get or set file date and time |
| 2018-12-17T22:29:22.464947705Z | 66 | PC: 9ee82 | Move file pointer |
| 2018-12-17T22:29:22.466423053Z | 66 | PC: 9ee82 | Move file pointer |
| 2018-12-17T22:29:22.468541296Z | 63 | PC: 9ee82 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T22:29:22.47038043Z | 62 | PC: 9ee82 | Close file |
| 2018-12-17T22:29:22.471775912Z | 42 | PC: 9ee82 | Get date 0x9ee82: ret
0x9ee83: push ds
0x9ee84: pop es
0x9ee85: push ds
0x9ee86: pop word ptr cs:[0xc2c]
0x9ee8b: mov word ptr cs:[0xc2a], dx
0x9ee90: mov ax, 0x4300
0x9ee93: call 0xaee7c
0x9ee96: jb 0x9ee67
0x9ee98: mov word ptr cs:[0xc30], cx
0x9ee9d: and cx, 0xfe
0x9eea1: mov dx, word ptr cs:[0xc2a]
0x9eea6: mov ax, 0x4301
0x9eea9: call 0xaee7c
0x9eeac: jb 0x9ee67
0x9eeae: mov dx, word ptr cs:[0xc2a]
0x9eeb3: mov di, dx
0x9eeb5: xor al, al
0x9eeb7: mov cx, 0x100
0x9eeba: cld
|
| 2018-12-17T22:29:22.474366553Z | 37 | PC: 9ee82 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:22.476000268Z | 61 | PC: 1326e | Open file (Filename = '!<�s��') |
| 2018-12-17T22:29:22.482520708Z | 62 | PC: 13276 | Close file |
| 2018-12-17T22:29:22.484443267Z | 79 | PC: 13286 | Find next file |
| 2018-12-17T22:29:22.48713632Z | 37 | PC: 1329a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:22.488495085Z | 26 | PC: 132a3 | Set disk transfer address |
| 2018-12-17T22:29:22.489882384Z | 9 | PC: 136e7 | Display string (String= '�����������������������������X X X X ��#�������X X ���
�
�
�
�
��8�8�8�8�8���X X ��#�#���X #�#�#�#�������COMMAND.COM�AIDSTEST.EXE�
Ce��ac �� ����a
') |
| 2018-12-17T22:29:22.494941244Z | 76 | PC: 136ec | Terminate with return code (Return code = '0') |
