.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:39:34.195851795Z | 26 | PC: 12e55 | Set disk transfer address |
| 2018-12-17T22:39:34.19839691Z | 37 | PC: 12e63 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:39:34.203184139Z | 37 | PC: 12e67 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T22:39:34.226706294Z | 78 | PC: 12eb6 | Find first file |
| 2018-12-17T22:39:34.233780864Z | 61 | PC: 13004 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:39:34.242353095Z | 63 | PC: 13013 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:39:34.249888442Z | 66 | PC: 13023 | Move file pointer |
| 2018-12-17T22:39:34.251897301Z | 66 | PC: 13033 | Move file pointer |
| 2018-12-17T22:39:34.254307942Z | 64 | PC: 1303f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:39:34.257623223Z | 66 | PC: 1304c | Move file pointer |
| 2018-12-17T22:39:34.259596275Z | 44 | PC: 13050 | Get time 0x13050: mov byte ptr ds:[bp + 0x352], dl 0x13055: call 0x1306b 0x13058: mov ah, 0x40 0x1305a: mov cx, 0x252 0x1305d: lea dx, word ptr [bp + 0x106] 0x13061: int 0x21 0x13063: call 0x1306b 0x13066: mov ah, 0x3e 0x13068: int 0x21 0x1306a: ret 0x1306b: lea si, word ptr [bp + 0x120] 0x1306f: mov cx, 0x213 0x13072: xor byte ptr [si], 0x2a 0x13075: inc si 0x13076: dec cx 0x13077: jne 0x13072 0x13079: ret 0x1307a: add word ptr [bx], di 0x1307c: aas 0x1307d: aas |
| 2018-12-17T22:39:34.262845944Z | 64 | PC: 13063 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T22:39:34.279259761Z | 62 | PC: 1306a | Close file |
| 2018-12-17T22:39:34.294092689Z | 79 | PC: 12eb6 | Find next file |
| 2018-12-17T22:39:34.300901284Z | 61 | PC: 13004 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:39:34.326736297Z | 63 | PC: 13013 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:39:34.334412569Z | 66 | PC: 13023 | Move file pointer |
| 2018-12-17T22:39:34.337165012Z | 66 | PC: 13033 | Move file pointer |
| 2018-12-17T22:39:34.341969266Z | 64 | PC: 1303f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:39:34.346598736Z | 66 | PC: 1304c | Move file pointer |
| 2018-12-17T22:39:34.359602595Z | 44 | PC: 13050 | Get time 0x13050: mov byte ptr ds:[bp + 0x352], dl 0x13055: call 0x1306b 0x13058: mov ah, 0x40 0x1305a: mov cx, 0x252 0x1305d: lea dx, word ptr [bp + 0x106] 0x13061: int 0x21 0x13063: call 0x1306b 0x13066: mov ah, 0x3e 0x13068: int 0x21 0x1306a: ret 0x1306b: lea si, word ptr [bp + 0x120] 0x1306f: mov cx, 0x213 0x13072: xor byte ptr [si], 0x49 0x13075: inc si 0x13076: dec cx 0x13077: jne 0x13072 0x13079: ret 0x1307a: add word ptr [bx], di 0x1307c: aas 0x1307d: aas |
| 2018-12-17T22:39:34.362860526Z | 64 | PC: 13063 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T22:39:34.372180053Z | 62 | PC: 1306a | Close file |
| 2018-12-17T22:39:34.389972067Z | 79 | PC: 12eb6 | Find next file |
| 2018-12-17T22:39:34.413718303Z | 61 | PC: 13004 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:39:34.427552123Z | 63 | PC: 13013 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:39:34.448529242Z | 66 | PC: 13023 | Move file pointer |
| 2018-12-17T22:39:34.451674817Z | 66 | PC: 13033 | Move file pointer |
| 2018-12-17T22:39:34.453664108Z | 64 | PC: 1303f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:39:34.457047402Z | 66 | PC: 1304c | Move file pointer |
| 2018-12-17T22:39:34.460559084Z | 44 | PC: 13050 | Get time 0x13050: mov byte ptr ds:[bp + 0x352], dl 0x13055: call 0x1306b 0x13058: mov ah, 0x40 0x1305a: mov cx, 0x252 0x1305d: lea dx, word ptr [bp + 0x106] 0x13061: int 0x21 0x13063: call 0x1306b 0x13066: mov ah, 0x3e 0x13068: int 0x21 0x1306a: ret 0x1306b: lea si, word ptr [bp + 0x120] 0x1306f: mov cx, 0x213 0x13072: xor byte ptr [si], 0x54 0x13075: inc si 0x13076: dec cx 0x13077: jne 0x13072 0x13079: ret 0x1307a: add word ptr [bx], di 0x1307c: aas 0x1307d: aas |
| 2018-12-17T22:39:34.463503365Z | 64 | PC: 13063 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T22:39:34.483507683Z | 62 | PC: 1306a | Close file |
| 2018-12-17T22:39:34.494639081Z | 79 | PC: 12eb6 | Find next file |
| 2018-12-17T22:39:34.49862205Z | 61 | PC: 13004 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:39:34.506895796Z | 63 | PC: 13013 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:39:34.516196904Z | 66 | PC: 13023 | Move file pointer |
| 2018-12-17T22:39:34.518295783Z | 66 | PC: 13033 | Move file pointer |
| 2018-12-17T22:39:34.52057486Z | 64 | PC: 1303f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:39:34.524442085Z | 66 | PC: 1304c | Move file pointer |
| 2018-12-17T22:39:34.527652457Z | 44 | PC: 13050 | Get time 0x13050: mov byte ptr ds:[bp + 0x352], dl 0x13055: call 0x1306b 0x13058: mov ah, 0x40 0x1305a: mov cx, 0x252 0x1305d: lea dx, word ptr [bp + 0x106] 0x13061: int 0x21 0x13063: call 0x1306b 0x13066: mov ah, 0x3e 0x13068: int 0x21 0x1306a: ret 0x1306b: lea si, word ptr [bp + 0x120] 0x1306f: mov cx, 0x213 0x13072: xor byte ptr [si], 0x59 0x13075: inc si 0x13076: dec cx 0x13077: jne 0x13072 0x13079: ret 0x1307a: add word ptr [bx], di 0x1307c: aas 0x1307d: aas |
| 2018-12-17T22:39:34.530812276Z | 64 | PC: 13063 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T22:39:34.847261545Z | 62 | PC: 1306a | Close file |
| 2018-12-17T22:39:34.857827469Z | 79 | PC: 12eb6 | Find next file |
| 2018-12-17T22:39:34.861399325Z | 61 | PC: 13004 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:39:34.874849407Z | 63 | PC: 13013 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:39:34.903512804Z | 66 | PC: 13023 | Move file pointer |
| 2018-12-17T22:39:34.906410001Z | 66 | PC: 13033 | Move file pointer |
| 2018-12-17T22:39:34.910686708Z | 64 | PC: 1303f | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:39:34.919191896Z | 66 | PC: 1304c | Move file pointer |
| 2018-12-17T22:39:34.924529281Z | 44 | PC: 13050 | Get time 0x13050: mov byte ptr ds:[bp + 0x352], dl 0x13055: call 0x1306b 0x13058: mov ah, 0x40 0x1305a: mov cx, 0x252 0x1305d: lea dx, word ptr [bp + 0x106] 0x13061: int 0x21 0x13063: call 0x1306b 0x13066: mov ah, 0x3e 0x13068: int 0x21 0x1306a: ret 0x1306b: lea si, word ptr [bp + 0x120] 0x1306f: mov cx, 0x213 0x13072: xor byte ptr [si], 0x5f 0x13075: inc si 0x13076: dec cx 0x13077: jne 0x13072 0x13079: ret 0x1307a: add word ptr [bx], di 0x1307c: aas 0x1307d: aas |
| 2018-12-17T22:39:34.927635521Z | 64 | PC: 13063 | Write file or device (Write 594 bytes on handle 5) |
| 2018-12-17T22:39:34.938255083Z | 62 | PC: 1306a | Close file |
| 2018-12-17T22:39:34.948338581Z | 26 | PC: 12ed0 | Set disk transfer address |
| 2018-12-17T22:39:34.950592025Z | 9 | PC: 12ee8 | Display string (Could not find end pointer) |
| 2018-12-17T22:39:34.987068706Z | 19 | PC: 12efd | Delete file |
| 2018-12-17T22:39:34.994685738Z | 9 | PC: 12f30 | Display string (String= '????????OV?�') |