.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:30:00.322036701Z | 26 | PC: 12b90 | Set disk transfer address |
| 2018-12-17T22:30:00.323708201Z | 25 | PC: 12bae | Get default drive |
| 2018-12-17T22:30:00.326489436Z | 71 | PC: 12bc6 | Get current directory |
| 2018-12-17T22:30:00.330058078Z | 78 | PC: 12c58 | Find first file |
| 2018-12-17T22:30:00.337051718Z | 67 | PC: 12c77 | Get or set file attributes |
| 2018-12-17T22:30:00.368571911Z | 61 | PC: 12c7c | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:30:00.376145924Z | 66 | PC: 12c89 | Move file pointer |
| 2018-12-17T22:30:00.378017527Z | 63 | PC: 12c94 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:30:00.382235011Z | 62 | PC: 12de7 | Close file |
| 2018-12-17T22:30:00.384207707Z | 67 | PC: 12df7 | Get or set file attributes |
| 2018-12-17T22:30:00.397786399Z | 79 | PC: 12c69 | Find next file |
| 2018-12-17T22:30:00.401115305Z | 78 | PC: 12c58 | Find first file |
| 2018-12-17T22:30:00.418799172Z | 67 | PC: 12c77 | Get or set file attributes |
| 2018-12-17T22:30:00.429999445Z | 61 | PC: 12c7c | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:30:00.43808252Z | 66 | PC: 12c89 | Move file pointer |
| 2018-12-17T22:30:00.441005632Z | 63 | PC: 12c94 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:30:00.448557798Z | 66 | PC: 12ca9 | Move file pointer |
| 2018-12-17T22:30:00.450501869Z | 63 | PC: 12cbc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:30:00.454740014Z | 66 | PC: 12ce5 | Move file pointer |
| 2018-12-17T22:30:00.456645332Z | 64 | PC: 12cf0 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:30:00.460835193Z | 44 | PC: 12da6 | Get time 0x12da6: or dx, dx 0x12da8: je 0x12da2 0x12daa: xor dl, dh 0x12dac: mov byte ptr cs:[bp + 0x12a], dl 0x12db1: cld 0x12db2: lea si, word ptr [bp + 0x104] 0x12db6: lea di, word ptr [bp + 0x4c2] 0x12dba: mov cx, 0x2cb 0x12dbd: rep movsb byte ptr es:[di], byte ptr [si] 0x12dbf: lea si, word ptr [bp + 0x4e9] 0x12dc3: mov cx, 0x2a2 0x12dc6: xor byte ptr cs:[si], dl 0x12dc9: inc si 0x12dca: loop 0x12dc6 0x12dcc: mov ax, 0x4202 0x12dcf: xor dx, dx 0x12dd1: int 0x21 0x12dd3: mov ah, 0x40 0x12dd5: lea dx, word ptr [bp + 0x4c2] 0x12dd9: mov cx, 0x2cb |
| 2018-12-17T22:30:00.46590446Z | 66 | PC: 12dd3 | Move file pointer |
| 2018-12-17T22:30:00.467583883Z | 64 | PC: 12dde | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:30:00.47710957Z | 62 | PC: 12de7 | Close file |
| 2018-12-17T22:30:00.486506481Z | 67 | PC: 12df7 | Get or set file attributes |
| 2018-12-17T22:30:00.497638777Z | 79 | PC: 12c69 | Find next file |
| 2018-12-17T22:30:00.500685143Z | 67 | PC: 12c77 | Get or set file attributes |
| 2018-12-17T22:30:00.520817341Z | 61 | PC: 12c7c | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:30:00.528007126Z | 66 | PC: 12c89 | Move file pointer |
| 2018-12-17T22:30:00.53001907Z | 63 | PC: 12c94 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:30:00.536322394Z | 66 | PC: 12ca9 | Move file pointer |
| 2018-12-17T22:30:00.539444932Z | 63 | PC: 12cbc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:30:00.542187535Z | 66 | PC: 12ce5 | Move file pointer |
| 2018-12-17T22:30:00.543955877Z | 64 | PC: 12cf0 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:30:00.547354744Z | 44 | PC: 12da6 | Get time 0x12da6: or dx, dx 0x12da8: je 0x12da2 0x12daa: xor dl, dh 0x12dac: mov byte ptr cs:[bp + 0x12a], dl 0x12db1: cld 0x12db2: lea si, word ptr [bp + 0x104] 0x12db6: lea di, word ptr [bp + 0x4c2] 0x12dba: mov cx, 0x2cb 0x12dbd: rep movsb byte ptr es:[di], byte ptr [si] 0x12dbf: lea si, word ptr [bp + 0x4e9] 0x12dc3: mov cx, 0x2a2 0x12dc6: xor byte ptr cs:[si], dl 0x12dc9: inc si 0x12dca: loop 0x12dc6 0x12dcc: mov ax, 0x4202 0x12dcf: xor dx, dx 0x12dd1: int 0x21 0x12dd3: mov ah, 0x40 0x12dd5: lea dx, word ptr [bp + 0x4c2] 0x12dd9: mov cx, 0x2cb |
| 2018-12-17T22:30:00.549957935Z | 66 | PC: 12dd3 | Move file pointer |
| 2018-12-17T22:30:00.551654703Z | 64 | PC: 12dde | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:30:00.560405137Z | 62 | PC: 12de7 | Close file |
| 2018-12-17T22:30:00.568985175Z | 67 | PC: 12df7 | Get or set file attributes |
| 2018-12-17T22:30:00.580016985Z | 79 | PC: 12c69 | Find next file |
| 2018-12-17T22:30:00.583450558Z | 67 | PC: 12c77 | Get or set file attributes |
| 2018-12-17T22:30:00.59463624Z | 61 | PC: 12c7c | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:30:00.609798191Z | 66 | PC: 12c89 | Move file pointer |
| 2018-12-17T22:30:00.61559574Z | 63 | PC: 12c94 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:30:00.626514704Z | 66 | PC: 12ca9 | Move file pointer |
| 2018-12-17T22:30:00.628300073Z | 63 | PC: 12cbc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:30:00.633206633Z | 66 | PC: 12ce5 | Move file pointer |
| 2018-12-17T22:30:00.636709428Z | 64 | PC: 12cf0 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:30:00.639735118Z | 44 | PC: 12da6 | Get time 0x12da6: or dx, dx 0x12da8: je 0x12da2 0x12daa: xor dl, dh 0x12dac: mov byte ptr cs:[bp + 0x12a], dl 0x12db1: cld 0x12db2: lea si, word ptr [bp + 0x104] 0x12db6: lea di, word ptr [bp + 0x4c2] 0x12dba: mov cx, 0x2cb 0x12dbd: rep movsb byte ptr es:[di], byte ptr [si] 0x12dbf: lea si, word ptr [bp + 0x4e9] 0x12dc3: mov cx, 0x2a2 0x12dc6: xor byte ptr cs:[si], dl 0x12dc9: inc si 0x12dca: loop 0x12dc6 0x12dcc: mov ax, 0x4202 0x12dcf: xor dx, dx 0x12dd1: int 0x21 0x12dd3: mov ah, 0x40 0x12dd5: lea dx, word ptr [bp + 0x4c2] 0x12dd9: mov cx, 0x2cb |
| 2018-12-17T22:30:00.642654823Z | 66 | PC: 12dd3 | Move file pointer |
| 2018-12-17T22:30:00.645408121Z | 64 | PC: 12dde | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:30:00.654621967Z | 62 | PC: 12de7 | Close file |
| 2018-12-17T22:30:00.668582026Z | 67 | PC: 12df7 | Get or set file attributes |
| 2018-12-17T22:30:00.680338473Z | 79 | PC: 12c69 | Find next file |
| 2018-12-17T22:30:00.68359227Z | 67 | PC: 12c77 | Get or set file attributes |
| 2018-12-17T22:30:00.69508683Z | 61 | PC: 12c7c | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:30:00.703859112Z | 66 | PC: 12c89 | Move file pointer |
| 2018-12-17T22:30:00.705711894Z | 63 | PC: 12c94 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:30:00.713086878Z | 66 | PC: 12ca9 | Move file pointer |
| 2018-12-17T22:30:00.715734424Z | 63 | PC: 12cbc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:30:00.718517226Z | 66 | PC: 12ce5 | Move file pointer |
| 2018-12-17T22:30:00.720024282Z | 64 | PC: 12cf0 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:30:00.72363372Z | 44 | PC: 12da6 | Get time 0x12da6: or dx, dx 0x12da8: je 0x12da2 0x12daa: xor dl, dh 0x12dac: mov byte ptr cs:[bp + 0x12a], dl 0x12db1: cld 0x12db2: lea si, word ptr [bp + 0x104] 0x12db6: lea di, word ptr [bp + 0x4c2] 0x12dba: mov cx, 0x2cb 0x12dbd: rep movsb byte ptr es:[di], byte ptr [si] 0x12dbf: lea si, word ptr [bp + 0x4e9] 0x12dc3: mov cx, 0x2a2 0x12dc6: xor byte ptr cs:[si], dl 0x12dc9: inc si 0x12dca: loop 0x12dc6 0x12dcc: mov ax, 0x4202 0x12dcf: xor dx, dx 0x12dd1: int 0x21 0x12dd3: mov ah, 0x40 0x12dd5: lea dx, word ptr [bp + 0x4c2] 0x12dd9: mov cx, 0x2cb |
| 2018-12-17T22:30:00.732420886Z | 66 | PC: 12dd3 | Move file pointer |
| 2018-12-17T22:30:00.73482959Z | 64 | PC: 12dde | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:30:00.756137661Z | 62 | PC: 12de7 | Close file |
| 2018-12-17T22:30:00.765587014Z | 67 | PC: 12df7 | Get or set file attributes |
| 2018-12-17T22:30:00.78820908Z | 79 | PC: 12c69 | Find next file |
| 2018-12-17T22:30:00.792234749Z | 67 | PC: 12c77 | Get or set file attributes |
| 2018-12-17T22:30:00.805189507Z | 61 | PC: 12c7c | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:30:00.813292014Z | 66 | PC: 12c89 | Move file pointer |
| 2018-12-17T22:30:00.815391Z | 63 | PC: 12c94 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:30:00.823546288Z | 66 | PC: 12ca9 | Move file pointer |
| 2018-12-17T22:30:00.825621088Z | 63 | PC: 12cbc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:30:00.828911567Z | 66 | PC: 12ce5 | Move file pointer |
| 2018-12-17T22:30:00.831451899Z | 64 | PC: 12cf0 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:30:00.834719929Z | 44 | PC: 12da6 | Get time 0x12da6: or dx, dx 0x12da8: je 0x12da2 0x12daa: xor dl, dh 0x12dac: mov byte ptr cs:[bp + 0x12a], dl 0x12db1: cld 0x12db2: lea si, word ptr [bp + 0x104] 0x12db6: lea di, word ptr [bp + 0x4c2] 0x12dba: mov cx, 0x2cb 0x12dbd: rep movsb byte ptr es:[di], byte ptr [si] 0x12dbf: lea si, word ptr [bp + 0x4e9] 0x12dc3: mov cx, 0x2a2 0x12dc6: xor byte ptr cs:[si], dl 0x12dc9: inc si 0x12dca: loop 0x12dc6 0x12dcc: mov ax, 0x4202 0x12dcf: xor dx, dx 0x12dd1: int 0x21 0x12dd3: mov ah, 0x40 0x12dd5: lea dx, word ptr [bp + 0x4c2] 0x12dd9: mov cx, 0x2cb |
| 2018-12-17T22:30:00.837800745Z | 66 | PC: 12dd3 | Move file pointer |
| 2018-12-17T22:30:00.840424957Z | 64 | PC: 12dde | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:30:00.849955323Z | 62 | PC: 12de7 | Close file |
| 2018-12-17T22:30:00.859936325Z | 67 | PC: 12df7 | Get or set file attributes |
| 2018-12-17T22:30:00.8717591Z | 79 | PC: 12c69 | Find next file |
| 2018-12-17T22:30:00.875168966Z | 67 | PC: 12c77 | Get or set file attributes |
| 2018-12-17T22:30:00.88656298Z | 61 | PC: 12c7c | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:30:00.894897671Z | 66 | PC: 12c89 | Move file pointer |
| 2018-12-17T22:30:00.896627068Z | 63 | PC: 12c94 | Read file or device (Read 2 bytes on handle 5) |
| 2018-12-17T22:30:00.901364562Z | 66 | PC: 12ca9 | Move file pointer |
| 2018-12-17T22:30:00.903071208Z | 63 | PC: 12cbc | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:30:00.905089746Z | 66 | PC: 12ce5 | Move file pointer |
| 2018-12-17T22:30:00.906376252Z | 64 | PC: 12cf0 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:30:00.908941569Z | 44 | PC: 12da6 | Get time 0x12da6: or dx, dx 0x12da8: je 0x12da2 0x12daa: xor dl, dh 0x12dac: mov byte ptr cs:[bp + 0x12a], dl 0x12db1: cld 0x12db2: lea si, word ptr [bp + 0x104] 0x12db6: lea di, word ptr [bp + 0x4c2] 0x12dba: mov cx, 0x2cb 0x12dbd: rep movsb byte ptr es:[di], byte ptr [si] 0x12dbf: lea si, word ptr [bp + 0x4e9] 0x12dc3: mov cx, 0x2a2 0x12dc6: xor byte ptr cs:[si], dl 0x12dc9: inc si 0x12dca: loop 0x12dc6 0x12dcc: mov ax, 0x4202 0x12dcf: xor dx, dx 0x12dd1: int 0x21 0x12dd3: mov ah, 0x40 0x12dd5: lea dx, word ptr [bp + 0x4c2] 0x12dd9: mov cx, 0x2cb |
| 2018-12-17T22:30:00.910785124Z | 66 | PC: 12dd3 | Move file pointer |
| 2018-12-17T22:30:00.912068662Z | 64 | PC: 12dde | Write file or device (Write 715 bytes on handle 5) |
| 2018-12-17T22:30:00.918760942Z | 62 | PC: 12de7 | Close file |
| 2018-12-17T22:30:00.92504379Z | 67 | PC: 12df7 | Get or set file attributes |
| 2018-12-17T22:30:00.931658218Z | 59 | PC: 12bd7 | Change current directory |
| 2018-12-17T22:30:00.935627426Z | 26 | PC: 12be1 | Set disk transfer address |
| 2018-12-17T22:30:00.936930805Z | 59 | PC: 12be9 | Change current directory |