.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:39:44.517477823Z | 48 | PC: 12a4c | Get DOS version |
| 2018-12-17T22:39:44.52001283Z | 53 | PC: 12b75 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:39:44.52126818Z | 53 | PC: 12b82 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:39:44.522477162Z | 53 | PC: 12b8f | Get interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T22:39:44.524313656Z | 53 | PC: 12b9c | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T22:39:44.525481967Z | 37 | PC: 12bb0 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:39:44.526712767Z | 74 | PC: 12af4 | Reallocate memory |
| 2018-12-17T22:39:44.529264602Z | 74 | PC: 13ea4 | Reallocate memory |
| 2018-12-17T22:39:44.534147698Z | 42 | PC: 16b28 | Get date 0x16b28: les bx, ptr [bp + 6]
0x16b2b: mov word ptr es:[bx], cx
0x16b2e: les bx, ptr [bp + 6]
0x16b31: mov word ptr es:[bx + 2], dx
0x16b35: pop bp
0x16b36: retf
0x16b37: push bp
0x16b38: mov bp, sp
0x16b3a: mov ah, 0x2c
0x16b3c: int 0x21
0x16b3e: les bx, ptr [bp + 6]
0x16b41: mov word ptr es:[bx], cx
0x16b44: les bx, ptr [bp + 6]
0x16b47: mov word ptr es:[bx + 2], dx
0x16b4b: pop bp
0x16b4c: retf
0x16b4d: push bp
0x16b4e: mov bp, sp
0x16b50: sub sp, 4
0x16b53: push si
|
| 2018-12-17T22:39:44.53657256Z | 44 | PC: 16b3e | Get time 0x16b3e: les bx, ptr [bp + 6]
0x16b41: mov word ptr es:[bx], cx
0x16b44: les bx, ptr [bp + 6]
0x16b47: mov word ptr es:[bx + 2], dx
0x16b4b: pop bp
0x16b4c: retf
0x16b4d: push bp
0x16b4e: mov bp, sp
0x16b50: sub sp, 4
0x16b53: push si
0x16b54: push di
0x16b55: les di, ptr [bp + 6]
0x16b58: mov ax, es
0x16b5a: or ax, di
0x16b5c: je 0x16b7e
0x16b5e: mov al, 0
0x16b60: mov ah, byte ptr es:[di]
0x16b63: mov cx, 0xffff
0x16b66: cld
0x16b67: repne scasb al, byte ptr es:[di]
|
| 2018-12-17T22:39:44.541843197Z | 74 | PC: 13ea4 | Reallocate memory |
| 2018-12-17T22:39:44.554503252Z | 61 | PC: 1434a | Open file (Filename = '') |
| 2018-12-17T22:39:44.561931601Z | 68 | PC: 14721 | I/O control for devices (Set for = 'Divide error
Abnormal program termination
W��') |
| 2018-12-17T22:39:44.563399963Z | 68 | PC: 14745 | I/O control for devices (Set for = '') |
| 2018-12-17T22:39:44.56614229Z | 74 | PC: 13ea4 | Reallocate memory |
| 2018-12-17T22:39:44.568886851Z | 63 | PC: 14c91 | Read file or device (Read 27136 bytes on handle 5) |
| 2018-12-17T22:39:44.579607424Z | 63 | PC: 14c91 | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T22:39:44.58883608Z | 74 | PC: 13ea4 | Reallocate memory |
| 2018-12-17T22:39:44.59098266Z | 62 | PC: 149a2 | Close file |
| 2018-12-17T22:39:44.593335595Z | 25 | PC: 161c5 | Get default drive |
| 2018-12-17T22:39:44.595566747Z | 42 | PC: 16b28 | Get date 0x16b28: les bx, ptr [bp + 6]
0x16b2b: mov word ptr es:[bx], cx
0x16b2e: les bx, ptr [bp + 6]
0x16b31: mov word ptr es:[bx + 2], dx
0x16b35: pop bp
0x16b36: retf
0x16b37: push bp
0x16b38: mov bp, sp
0x16b3a: mov ah, 0x2c
0x16b3c: int 0x21
0x16b3e: les bx, ptr [bp + 6]
0x16b41: mov word ptr es:[bx], cx
0x16b44: les bx, ptr [bp + 6]
0x16b47: mov word ptr es:[bx + 2], dx
0x16b4b: pop bp
0x16b4c: retf
0x16b4d: push bp
0x16b4e: mov bp, sp
0x16b50: sub sp, 4
0x16b53: push si
|
| 2018-12-17T22:39:44.59798296Z | 44 | PC: 16b3e | Get time 0x16b3e: les bx, ptr [bp + 6]
0x16b41: mov word ptr es:[bx], cx
0x16b44: les bx, ptr [bp + 6]
0x16b47: mov word ptr es:[bx + 2], dx
0x16b4b: pop bp
0x16b4c: retf
0x16b4d: push bp
0x16b4e: mov bp, sp
0x16b50: sub sp, 4
0x16b53: push si
0x16b54: push di
0x16b55: les di, ptr [bp + 6]
0x16b58: mov ax, es
0x16b5a: or ax, di
0x16b5c: je 0x16b7e
0x16b5e: mov al, 0
0x16b60: mov ah, byte ptr es:[di]
0x16b63: mov cx, 0xffff
0x16b66: cld
0x16b67: repne scasb al, byte ptr es:[di]
|
| 2018-12-17T22:39:44.60214412Z | 74 | PC: 13ea4 | Reallocate memory |
| 2018-12-17T22:39:44.605068434Z | 14 | PC: 161d4 | Set default drive (Drive = 'A') |
| 2018-12-17T22:39:44.60737347Z | 59 | PC: 161b0 | Change current directory |
| 2018-12-17T22:39:44.615203118Z | 26 | PC: 16752 | Set disk transfer address |
| 2018-12-17T22:39:44.617326557Z | 78 | PC: 1675c | Find first file |
| 2018-12-17T22:39:44.624573288Z | 37 | PC: 12bbc | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:39:44.625987658Z | 37 | PC: 12bc7 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:39:44.628728016Z | 37 | PC: 12bd2 | Set interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T22:39:44.63017238Z | 37 | PC: 12bdd | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T22:39:44.631620728Z | 76 | PC: 12b65 | Terminate with return code (Return code = '1') |
