.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:29:54.629480265Z | 48 | PC: 1361d | Get DOS version |
| 2018-12-17T22:29:54.6406672Z | 25 | PC: 137a8 | Get default drive |
| 2018-12-17T22:29:54.642095177Z | 14 | PC: 137ae | Set default drive (Drive = 'A') |
| 2018-12-17T22:29:54.643593876Z | 37 | PC: 13643 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:29:54.645580924Z | 46 | PC: 13636 | Set verify flag |
| 2018-12-17T22:29:54.649446703Z | 71 | PC: 131ec | Get current directory |
| 2018-12-17T22:29:54.653050919Z | 59 | PC: 131be | Change current directory |
| 2018-12-17T22:29:54.668510233Z | 59 | PC: 131be | Change current directory |
| 2018-12-17T22:29:54.673082109Z | 71 | PC: 131ec | Get current directory |
| 2018-12-17T22:29:54.676368103Z | 59 | PC: 131be | Change current directory |
| 2018-12-17T22:29:54.685691139Z | 65 | PC: 133ef | Delete file (Filename = 'A:\TEST.COM') |
| 2018-12-17T22:29:54.705648332Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:29:54.743721736Z | 26 | PC: 1376d | Set disk transfer address |
| 2018-12-17T22:29:54.746059062Z | 78 | PC: 13302 | Find first file |
| 2018-12-17T22:29:54.756162308Z | 67 | PC: 133d7 | Get or set file attributes |
| 2018-12-17T22:29:55.440103443Z | 61 | PC: 13531 | Open file (Filename = 'C:\IO.SYS') |
| 2018-12-17T22:29:55.447079737Z | 66 | PC: 13488 | Move file pointer |
| 2018-12-17T22:29:55.448393672Z | 66 | PC: 13493 | Move file pointer |
| 2018-12-17T22:29:55.449704865Z | 66 | PC: 1349f | Move file pointer |
| 2018-12-17T22:29:55.451766718Z | 54 | PC: 1377e | Get free disk space |
| 2018-12-17T22:29:55.457072225Z | 66 | PC: 1356d | Move file pointer |
| 2018-12-17T22:29:55.45836226Z | 64 | PC: 13575 | Write file or device (Write 0 bytes on handle 5) |
| 2018-12-17T22:29:55.60057702Z | 66 | PC: 13580 | Move file pointer |
| 2018-12-17T22:29:55.602360765Z | 62 | PC: 13444 | Close file |
| 2018-12-17T22:29:55.61554083Z | 67 | PC: 133d7 | Get or set file attributes |
| 2018-12-17T22:29:55.626319449Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:29:55.627820197Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:29:55.629203368Z | 28 | PC: 13798 | Get allocation info for specified drive |
| 2018-12-17T22:29:55.630850817Z | 74 | PC: 13744 | Reallocate memory |
| 2018-12-17T22:29:55.633122786Z | 42 | PC: 130a0 | Get date 0x130a0: xchg ax, cx 0x130a1: xchg ax, dx 0x130a2: mov ch, bh 0x130a4: pop bx 0x130a5: ret 0x130a6: push cx 0x130a7: mov ah, 0x2c 0x130a9: int 0x21 0x130ab: xchg ax, dx 0x130ac: mov dx, cx 0x130ae: pop cx 0x130af: ret 0x130b0: push bx 0x130b1: push cx 0x130b2: push di 0x130b3: mov dx, cx 0x130b5: xchg ax, bx 0x130b6: mov bx, 0x5dc 0x130b9: cmp dx, bx 0x130bb: jae 0x130e8 |
| 2018-12-17T22:29:55.635167901Z | 44 | PC: 130ab | Get time 0x130ab: xchg ax, dx 0x130ac: mov dx, cx 0x130ae: pop cx 0x130af: ret 0x130b0: push bx 0x130b1: push cx 0x130b2: push di 0x130b3: mov dx, cx 0x130b5: xchg ax, bx 0x130b6: mov bx, 0x5dc 0x130b9: cmp dx, bx 0x130bb: jae 0x130e8 0x130bd: div bx 0x130bf: mov cx, dx 0x130c1: mov bl, 0xf0 0x130c3: cmp ah, bl 0x130c5: jae 0x130e8 0x130c7: div bl 0x130c9: mov di, ax 0x130cb: xchg ah, al |
| 2018-12-17T22:29:55.637245785Z | 61 | PC: 13531 | Open file (Filename = 'A:\TEST.COM') |
| 2018-12-17T22:29:55.647199548Z | 74 | PC: 13744 | Reallocate memory |
| 2018-12-17T22:29:55.649246166Z | 81 | PC: 12145 | Get current PSP |