.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:38:28.368630854Z | 44 | PC: 12c66 | Get time 0x12c66: mov byte ptr ds:[bp + 0x146], dl 0x12c6b: mov ah, 0x2a 0x12c6d: int 0x21 0x12c6f: cmp cx, 0x7c8 0x12c73: jle 0x12c82 0x12c75: cmp dh, 0xb 0x12c78: jne 0x12c82 0x12c7a: cmp dl, 9 0x12c7d: jne 0x12c82 0x12c7f: call 0x22c21 0x12c82: mov byte ptr ds:[bp + 0x516], 0 0x12c88: lea si, word ptr [bp + 0x104] 0x12c8c: mov di, 0x100 0x12c8f: mov cx, 4 0x12c92: cld 0x12c93: rep movsb byte ptr es:[di], byte ptr [si] 0x12c95: mov ah, 0x1a 0x12c97: lea dx, word ptr [bp + 0x4eb] 0x12c9b: int 0x21 0x12c9d: mov ah, 0x4e |
| 2018-12-17T22:38:28.371085501Z | 42 | PC: 12c6f | Get date 0x12c6f: cmp cx, 0x7c8 0x12c73: jle 0x12c82 0x12c75: cmp dh, 0xb 0x12c78: jne 0x12c82 0x12c7a: cmp dl, 9 0x12c7d: jne 0x12c82 0x12c7f: call 0x22c21 0x12c82: mov byte ptr ds:[bp + 0x516], 0 0x12c88: lea si, word ptr [bp + 0x104] 0x12c8c: mov di, 0x100 0x12c8f: mov cx, 4 0x12c92: cld 0x12c93: rep movsb byte ptr es:[di], byte ptr [si] 0x12c95: mov ah, 0x1a 0x12c97: lea dx, word ptr [bp + 0x4eb] 0x12c9b: int 0x21 0x12c9d: mov ah, 0x4e 0x12c9f: lea dx, word ptr [bp + 0x2ec] 0x12ca3: lea si, word ptr [bp + 0x509] 0x12ca7: push dx |
| 2018-12-17T22:38:28.373055514Z | 26 | PC: 12c9d | Set disk transfer address |
| 2018-12-17T22:38:28.373981654Z | 78 | PC: 12cdb | Find first file |
| 2018-12-17T22:38:28.379861784Z | 61 | PC: 12ce7 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:38:28.383798824Z | 63 | PC: 12cf6 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:28.387539094Z | 66 | PC: 12d07 | Move file pointer |
| 2018-12-17T22:38:28.38862539Z | 64 | PC: 12d1c | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.391708872Z | 64 | PC: 12bde | Write file or device (Write 995 bytes on handle 5) |
| 2018-12-17T22:38:28.754123286Z | 66 | PC: 12d28 | Move file pointer |
| 2018-12-17T22:38:28.75541849Z | 64 | PC: 12d4a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.761928256Z | 62 | PC: 12ccf | Close file |
| 2018-12-17T22:38:28.770088858Z | 79 | PC: 12cdb | Find next file |
| 2018-12-17T22:38:28.772508498Z | 61 | PC: 12ce7 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:38:28.779334585Z | 63 | PC: 12cf6 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:28.785577472Z | 66 | PC: 12d07 | Move file pointer |
| 2018-12-17T22:38:28.786957889Z | 64 | PC: 12d1c | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.790477408Z | 64 | PC: 12bde | Write file or device (Write 995 bytes on handle 5) |
| 2018-12-17T22:38:28.799291323Z | 66 | PC: 12d28 | Move file pointer |
| 2018-12-17T22:38:28.800883301Z | 64 | PC: 12d4a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.809026019Z | 62 | PC: 12ccf | Close file |
| 2018-12-17T22:38:28.814646708Z | 79 | PC: 12cdb | Find next file |
| 2018-12-17T22:38:28.817282445Z | 61 | PC: 12ce7 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:38:28.82417102Z | 63 | PC: 12cf6 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:28.83109686Z | 66 | PC: 12d07 | Move file pointer |
| 2018-12-17T22:38:28.832566931Z | 64 | PC: 12d1c | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.836224612Z | 64 | PC: 12bde | Write file or device (Write 995 bytes on handle 5) |
| 2018-12-17T22:38:28.844790809Z | 66 | PC: 12d28 | Move file pointer |
| 2018-12-17T22:38:28.846094359Z | 64 | PC: 12d4a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.852914266Z | 62 | PC: 12ccf | Close file |
| 2018-12-17T22:38:28.860827187Z | 79 | PC: 12cdb | Find next file |
| 2018-12-17T22:38:28.86324676Z | 61 | PC: 12ce7 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:38:28.870118366Z | 63 | PC: 12cf6 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:28.876514886Z | 66 | PC: 12d07 | Move file pointer |
| 2018-12-17T22:38:28.877982971Z | 64 | PC: 12d1c | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.881802656Z | 64 | PC: 12bde | Write file or device (Write 995 bytes on handle 5) |
| 2018-12-17T22:38:28.89293168Z | 66 | PC: 12d28 | Move file pointer |
| 2018-12-17T22:38:28.89428678Z | 64 | PC: 12d4a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.901536473Z | 62 | PC: 12ccf | Close file |
| 2018-12-17T22:38:28.910168199Z | 79 | PC: 12cdb | Find next file |
| 2018-12-17T22:38:28.912755681Z | 61 | PC: 12ce7 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:38:28.919425297Z | 63 | PC: 12cf6 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:28.926723458Z | 66 | PC: 12d07 | Move file pointer |
| 2018-12-17T22:38:28.928382461Z | 64 | PC: 12d1c | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.931626775Z | 64 | PC: 12bde | Write file or device (Write 995 bytes on handle 5) |
| 2018-12-17T22:38:28.940507622Z | 66 | PC: 12d28 | Move file pointer |
| 2018-12-17T22:38:28.941931817Z | 64 | PC: 12d4a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.94824139Z | 62 | PC: 12ccf | Close file |
| 2018-12-17T22:38:28.956777291Z | 79 | PC: 12cdb | Find next file |
| 2018-12-17T22:38:28.959257475Z | 61 | PC: 12ce7 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:38:28.966348676Z | 63 | PC: 12cf6 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:28.973387385Z | 66 | PC: 12d07 | Move file pointer |
| 2018-12-17T22:38:28.974698261Z | 64 | PC: 12d1c | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.977570315Z | 64 | PC: 12bde | Write file or device (Write 995 bytes on handle 5) |
| 2018-12-17T22:38:28.991077198Z | 66 | PC: 12d28 | Move file pointer |
| 2018-12-17T22:38:28.99288599Z | 64 | PC: 12d4a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:28.998337856Z | 62 | PC: 12ccf | Close file |
| 2018-12-17T22:38:29.005346603Z | 79 | PC: 12cdb | Find next file |
| 2018-12-17T22:38:29.007739469Z | 61 | PC: 12ce7 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:38:29.013082421Z | 63 | PC: 12cf6 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:38:29.018996375Z | 66 | PC: 12d07 | Move file pointer |
| 2018-12-17T22:38:29.020754Z | 64 | PC: 12d1c | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:29.023444002Z | 64 | PC: 12bde | Write file or device (Write 995 bytes on handle 5) |
| 2018-12-17T22:38:29.031271562Z | 66 | PC: 12d28 | Move file pointer |
| 2018-12-17T22:38:29.033099217Z | 64 | PC: 12d4a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:38:29.038864652Z | 62 | PC: 12ccf | Close file |
| 2018-12-17T22:38:29.047370622Z | 79 | PC: 12cdb | Find next file |
| 2018-12-17T22:38:29.05037432Z | 26 | PC: 12cb1 | Set disk transfer address |
| 2018-12-17T22:38:29.051462517Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-17T22:38:29.055623386Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |