.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:40:23.00054176Z | 53 | PC: 12a8a | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive') |
| 2018-12-17T22:40:23.002876373Z | 61 | PC: 12aea | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:40:23.007157128Z | 63 | PC: 12afe | Read file or device (Read 6 bytes on handle 5) |
| 2018-12-17T22:40:23.008730732Z | 66 | PC: 12b1b | Move file pointer |
| 2018-12-17T22:40:23.010194816Z | 64 | PC: 12b35 | Write file or device (Write 11 bytes on handle 5) |
| 2018-12-17T22:40:23.013257202Z | 64 | PC: 12b41 | Write file or device (Write 492 bytes on handle 5) |
| 2018-12-17T22:40:23.349634137Z | 66 | PC: 12b4e | Move file pointer |
| 2018-12-17T22:40:23.351898706Z | 64 | PC: 12b5a | Write file or device (Write 6 bytes on handle 5) |
| 2018-12-17T22:40:23.354701807Z | 62 | PC: 12b83 | Close file |
| 2018-12-17T22:40:23.37137791Z | 37 | PC: 12ab8 | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive') |
| 2018-12-17T22:40:23.373466596Z | 53 | PC: 12abd | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:40:23.37495725Z | 37 | PC: 12acd | Set interrupt vector (Interrupt = '33' AKA 'Random read') |