.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T21:55:39.577683443Z | 61 | PC: 12ddc | Open file (Filename = 'c:\config.sys') |
| 2018-12-17T21:55:39.594353628Z | 63 | PC: 12dea | Read file or device (Read 1024 bytes on handle 5) |
| 2018-12-17T21:55:39.599874602Z | 61 | PC: 12e52 | Open file (Filename = 'C:\WINDOWS\HIMEM.SYS') |
| 2018-12-17T21:55:39.610400064Z | 62 | PC: 12eef | Close file |
| 2018-12-17T21:55:39.613899988Z | 63 | PC: 12efd | Read file or device (Read 65535 bytes on handle 6) |
| 2018-12-17T21:55:39.622151295Z | 66 | PC: 12f32 | Move file pointer |
| 2018-12-17T21:55:39.623455204Z | 64 | PC: 12f44 | Write file or device (Write 20 bytes on handle 6) |
| 2018-12-17T21:55:39.6296736Z | 64 | PC: 12f50 | Write file or device (Write 2700 bytes on handle 6) |
| 2018-12-17T21:55:39.983259527Z | 64 | PC: 12f5d | Write file or device (Write 13824 bytes on handle 6) |
| 2018-12-17T21:55:39.995485355Z | 62 | PC: 12f61 | Close file |
| 2018-12-17T21:55:40.003805579Z | 76 | PC: 12b1d | Terminate with return code (Return code = '164') |