.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:33:41.655163469Z | 53 | PC: 12ca5 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:33:41.657400184Z | 44 | PC: 12ced | Get time 0x12ced: mov dh, 0 0x12cef: jmp 0x12d0f 0x12cf1: nop 0x12cf2: mov ax, ds 0x12cf4: mov es, ax 0x12cf6: dec ax 0x12cf7: mov ds, ax 0x12cf9: mov bx, word ptr [3] 0x12cfd: sub bx, 0xe7a 0x12d01: mov cl, 4 0x12d03: rol dx, cl 0x12d05: sub bx, dx 0x12d07: ror dx, cl 0x12d09: mov ah, 0x4a 0x12d0b: int 0x21 0x12d0d: jb 0x12d8b 0x12d0f: mov ah, 0x48 0x12d11: mov bx, 0x104 0x12d14: add bx, dx 0x12d16: int 0x21 |
| 2018-12-17T22:33:41.659990135Z | 72 | PC: 12d18 | Allocate memory |
| 2018-12-17T22:33:41.661990403Z | 74 | PC: 12d0d | Reallocate memory |
| 2018-12-17T22:33:41.663908553Z | 72 | PC: 12d18 | Allocate memory |
| 2018-12-17T22:33:41.666040313Z | 82 | PC: 12d32 | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:33:41.667616496Z | 44 | PC: 8d94a | Get time 0x8d94a: mov ax, cs 0x8d94c: mov dh, 0 0x8d94e: sub ax, dx 0x8d950: mov ds, ax 0x8d952: mov ax, dx 0x8d954: mov bl, 0x10 0x8d956: mul bl 0x8d958: add ax, 0x272 0x8d95b: mov dx, ax 0x8d95d: pushf 0x8d95e: push cs 0x8d95f: mov ax, 0x1fb 0x8d962: push ax 0x8d963: mov ax, 0x2521 0x8d966: ljmp ptr cs:[0xc6] 0x8d96b: mov si, 0 0x8d96e: mov bx, word ptr cs:[si + 0xd0] 0x8d973: mov word ptr cs:[si + 0x10f], bx 0x8d978: mov bx, word ptr cs:[si + 0xd2] 0x8d97d: mov word ptr cs:[si + 0x111], bx |
| 2018-12-17T22:33:41.670074567Z | 37 | PC: 8d96b | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:33:41.679544012Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-17T22:33:41.683826241Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |