.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:33:28.950739007Z | 48 | PC: 1341d | Get DOS version |
| 2018-12-17T22:33:28.95295216Z | 29 | PC: 13438 | Reserved |
| 2018-12-17T22:33:28.954430137Z | 82 | PC: 9f38a | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:33:28.955470818Z | 53 | PC: 9f396 | Get interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:33:28.957265826Z | 37 | PC: 9f39f | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:33:28.958367837Z | 53 | PC: 9f3a4 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:33:28.959656053Z | 29 | PC: 9f400 | Reserved |
| 2018-12-17T22:33:28.961055862Z | 37 | PC: 9fa6a | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:33:28.962286287Z | 37 | PC: 9fa6a | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:33:28.963461038Z | 42 | PC: 9f53e | Get date 0x9f53e: mov word ptr cs:[0x32e], ss 0x9f543: mov word ptr cs:[0x333], sp 0x9f548: cli 0x9f549: mov sp, cs 0x9f54b: mov ss, sp 0x9f54d: mov sp, 0x93c 0x9f550: pushf 0x9f551: push ax 0x9f552: push bx 0x9f553: push es 0x9f554: push bp 0x9f555: mov ax, word ptr cs:[0x89e] 0x9f559: cmp ah, 0x11 0x9f55c: jne 0x9f58f 0x9f55e: mov bp, sp 0x9f560: cmp byte ptr [bp + 6], 0xff 0x9f564: je 0x9f58d 0x9f566: mov ah, 0x2f 0x9f568: call 0x9fa63 0x9f56b: cmp byte ptr es:[bx], 0xff |
| 2018-12-17T22:33:28.966099774Z | 9 | PC: 9f53e | Display string (String= 'Goat file (EXE). Size=00000BB8h/0000003000d bytes. ') |
| 2018-12-17T22:33:28.97084324Z | 76 | PC: 9f53e | Terminate with return code (Return code = '36') |