.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:35:52.946666719Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:35:52.948317581Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:35:52.950136641Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:35:52.951062214Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:35:52.952501612Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:35:52.95375198Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:35:52.955031635Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:35:52.964879125Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:35:52.966662785Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:35:52.9677529Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:35:52.969857578Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:35:52.971023035Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:35:52.97268098Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:35:52.974038582Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:35:52.976527315Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:35:52.977802828Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:35:52.979083439Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:35:52.981206732Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:35:52.982366823Z | 53 | PC: 13e2a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:35:52.983459637Z | 37 | PC: 13e3f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:35:52.985074007Z | 37 | PC: 13e47 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:35:52.986359899Z | 37 | PC: 13e4f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:35:52.987306224Z | 37 | PC: 13e57 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:35:52.989646454Z | 68 | PC: 14b22 | I/O control for devices (Set for = '') |
| 2018-12-17T22:35:53.13635098Z | 37 | PC: 1384b | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:35:53.1385155Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.140190525Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.142454124Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.143760824Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.146906736Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.14831574Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.150857048Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.153271266Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.155830181Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.156753849Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.159021101Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.161959215Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.164209393Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.165497665Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.167975602Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.168865816Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.170551007Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.172198852Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.17378171Z | 26 | PC: 135f9 | Set disk transfer address |
| 2018-12-17T22:35:53.174652188Z | 78 | PC: 13605 | Find first file |
| 2018-12-17T22:35:53.176549932Z | 42 | PC: 13527 | Get date 0x13527: xor ah, ah 0x13529: les di, ptr [bp + 6] 0x1352c: stosw word ptr es:[di], ax 0x1352d: mov al, dl 0x1352f: les di, ptr [bp + 0xa] 0x13532: stosw word ptr es:[di], ax 0x13533: mov al, dh 0x13535: les di, ptr [bp + 0xe] 0x13538: stosw word ptr es:[di], ax 0x13539: xchg ax, cx 0x1353a: les di, ptr [bp + 0x12] 0x1353d: stosw word ptr es:[di], ax 0x1353e: pop bp 0x1353f: retf 0x10 0x13542: push bp 0x13543: mov bp, sp 0x13545: mov cx, word ptr [bp + 0xa] 0x13548: mov dh, byte ptr [bp + 8] 0x1354b: mov dl, byte ptr [bp + 6] 0x1354e: mov ah, 0x2b |
| 2018-12-17T22:35:53.178164839Z | 48 | PC: 1463e | Get DOS version |
| 2018-12-17T22:35:53.179313887Z | 67 | PC: 135a1 | Get or set file attributes |
| 2018-12-17T22:35:53.183269204Z | 67 | PC: 135c8 | Get or set file attributes |
| 2018-12-17T22:35:53.200787521Z | 61 | PC: 144f0 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:35:53.20741933Z | 66 | PC: 14c21 | Move file pointer |
| 2018-12-17T22:35:53.208747614Z | 66 | PC: 14c2f | Move file pointer |
| 2018-12-17T22:35:53.210016094Z | 66 | PC: 14c3d | Move file pointer |
| 2018-12-17T22:35:53.211423794Z | 63 | PC: 145c3 | Read file or device (Read 6416 bytes on handle 5) |
| 2018-12-17T22:35:53.21962977Z | 63 | PC: 145c3 | Read file or device (Read 8000 bytes on handle 5) |
| 2018-12-17T22:35:53.226436529Z | 62 | PC: 14540 | Close file |
| 2018-12-17T22:35:53.22807844Z | 60 | PC: 144f0 | Create or truncate file |
| 2018-12-17T22:35:53.24081558Z | 64 | PC: 145c3 | Write file or device (Write 3232 bytes on handle 5) |
| 2018-12-17T22:35:53.250437815Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:35:53.251490755Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:35:53.253141637Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:35:53.254413868Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:35:53.255794181Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:35:53.257397392Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:35:53.2582417Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:35:53.259067195Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:35:53.260630817Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:35:53.261830974Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:35:53.262902169Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:35:53.264547216Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:35:53.2656964Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:35:53.267071812Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:35:53.268996221Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:35:53.270412943Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:35:53.271820198Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:35:53.273876637Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:35:53.274876945Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:35:53.276208674Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:35:53.277778848Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:35:53.278650603Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:35:53.279565364Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:35:53.280946229Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:35:53.281998621Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:35:53.282854048Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:35:53.284565605Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:35:53.285566884Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:35:53.286572027Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:35:53.288291602Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:35:53.289445517Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:35:53.290419477Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:35:53.292183201Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:35:53.293078394Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:35:53.293786024Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:35:53.295036172Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:35:53.295794187Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:35:53.29652579Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:35:53.298057425Z | 48 | PC: 1463e | Get DOS version |
| 2018-12-17T22:35:53.299435715Z | 41 | PC: 1371f | Parse filename |
| 2018-12-17T22:35:53.300602365Z | 41 | PC: 1372d | Parse filename |
| 2018-12-17T22:35:53.310439107Z | 75 | PC: 13738 | Execute program |
| 2018-12-17T22:35:53.318456827Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:35:53.319418442Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:35:53.325760385Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:35:53.326861377Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:35:53.32820518Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:35:53.329690517Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:35:53.330635568Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:35:53.33163931Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:35:53.333602371Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:35:53.334651437Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:35:53.335518343Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:35:53.337205002Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:35:53.338548654Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:35:53.339747424Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:35:53.341309371Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:35:53.342750873Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:35:53.344221974Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:35:53.349780315Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:35:53.350712837Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:35:53.351492744Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:35:53.352659257Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:35:53.353855169Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:35:53.354619428Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:35:53.35594786Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:35:53.356722335Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:35:53.357749221Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:35:53.359275187Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:35:53.360046578Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:35:53.36077255Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:35:53.362151242Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:35:53.363147872Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:35:53.363917234Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:35:53.365026426Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:35:53.365823859Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:35:53.367055127Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:35:53.368213173Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:35:53.369088783Z | 53 | PC: 13768 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:35:53.369779881Z | 37 | PC: 13771 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:35:53.371051398Z | 62 | PC: 14540 | Close file |
| 2018-12-17T22:35:53.375914144Z | 60 | PC: 144f0 | Create or truncate file |
| 2018-12-17T22:35:53.384071449Z | 64 | PC: 145c3 | Write file or device (Write 6416 bytes on handle 5) |
| 2018-12-17T22:35:53.390341711Z | 64 | PC: 145c3 | Write file or device (Write 3232 bytes on handle 5) |
| 2018-12-17T22:35:53.397597343Z | 67 | PC: 135c8 | Get or set file attributes |
| 2018-12-17T22:35:53.404589276Z | 62 | PC: 14540 | Close file |
| 2018-12-17T22:35:53.40965514Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:35:53.410408186Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:35:53.411263815Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:35:53.412202082Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:35:53.413039277Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:35:53.413878457Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:35:53.414827363Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:35:53.415754294Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:35:53.416709302Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:35:53.417808504Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:35:53.418942698Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:35:53.42005495Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:35:53.421494517Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:35:53.422330282Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:35:53.424559676Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:35:53.42756623Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:35:53.429252447Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:35:53.430499793Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:35:53.431923559Z | 37 | PC: 13f81 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:35:53.433190629Z | 76 | PC: 13fc0 | Terminate with return code (Return code = '0') |