.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:40:47.46943399Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:40:47.470771082Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:40:47.472827204Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:40:47.474154527Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:40:47.475465419Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:40:47.477508056Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:40:47.478869092Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:40:47.480176046Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:40:47.482388702Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:40:47.483678274Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:40:47.484845927Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:40:47.495568126Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:40:47.497068705Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:40:47.498723523Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:40:47.500538802Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:40:47.502527788Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:40:47.504563612Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:40:47.5062344Z | 53 | PC: 12ed6 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:40:47.50866235Z | 37 | PC: 12eeb | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:40:47.510263698Z | 37 | PC: 12ef3 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:40:47.511807176Z | 37 | PC: 12efb | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:40:47.513911789Z | 37 | PC: 12f03 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:40:47.515543203Z | 68 | PC: 1344f | I/O control for devices (Set for = '') |
| 2018-12-17T22:40:47.517104035Z | 25 | PC: 13921 | Get default drive |
| 2018-12-17T22:40:47.518976993Z | 71 | PC: 13934 | Get current directory |
| 2018-12-17T22:40:47.522954313Z | 54 | PC: 12dff | Get free disk space |
| 2018-12-17T22:40:47.533821605Z | 26 | PC: 12e35 | Set disk transfer address |
| 2018-12-17T22:40:47.537459156Z | 78 | PC: 12e41 | Find first file |
| 2018-12-17T22:40:47.545615817Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.547815057Z | 61 | PC: 13436 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.557266299Z | 61 | PC: 13436 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:40:47.56846353Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T22:40:47.571878654Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T22:40:47.575790992Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.578221017Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.580592952Z | 26 | PC: 12e59 | Set disk transfer address |
| 2018-12-17T22:40:47.58242334Z | 79 | PC: 12e5e | Find next file |
| 2018-12-17T22:40:47.586125142Z | 26 | PC: 12e35 | Set disk transfer address |
| 2018-12-17T22:40:47.587720028Z | 78 | PC: 12e41 | Find first file |
| 2018-12-17T22:40:47.593765813Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.595775207Z | 61 | PC: 13436 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.602162284Z | 61 | PC: 13436 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:40:47.610076207Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T22:40:47.613188984Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T22:40:47.619078847Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.620682719Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.622835492Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.624238818Z | 61 | PC: 13746 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.629790366Z | 61 | PC: 13746 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:40:47.63676227Z | 63 | PC: 13819 | Read file or device (Read 3428 bytes on handle 5) |
| 2018-12-17T22:40:47.642420547Z | 64 | PC: 13819 | Write file or device (Write 3428 bytes on handle 6) |
| 2018-12-17T22:40:47.655277495Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:47.662572227Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:47.664239398Z | 26 | PC: 12e59 | Set disk transfer address |
| 2018-12-17T22:40:47.665392894Z | 79 | PC: 12e5e | Find next file |
| 2018-12-17T22:40:47.668727688Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.670152063Z | 61 | PC: 13436 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.675228869Z | 61 | PC: 13436 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:40:47.684210839Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T22:40:47.687158686Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T22:40:47.692406111Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.694124689Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.696496474Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.698066052Z | 61 | PC: 13746 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.70411356Z | 61 | PC: 13746 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:40:47.709951175Z | 63 | PC: 13819 | Read file or device (Read 3428 bytes on handle 5) |
| 2018-12-17T22:40:47.715424475Z | 64 | PC: 13819 | Write file or device (Write 3428 bytes on handle 6) |
| 2018-12-17T22:40:47.721953057Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:47.729124447Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:47.73192665Z | 26 | PC: 12e59 | Set disk transfer address |
| 2018-12-17T22:40:47.733481851Z | 79 | PC: 12e5e | Find next file |
| 2018-12-17T22:40:47.737925477Z | 26 | PC: 12e35 | Set disk transfer address |
| 2018-12-17T22:40:47.739184502Z | 78 | PC: 12e41 | Find first file |
| 2018-12-17T22:40:47.745904874Z | 54 | PC: 12dff | Get free disk space |
| 2018-12-17T22:40:47.750519261Z | 14 | PC: 1397a | Set default drive (Drive = 'A') |
| 2018-12-17T22:40:47.752143021Z | 25 | PC: 1397e | Get default drive |
| 2018-12-17T22:40:47.753647176Z | 59 | PC: 139e8 | Change current directory |
| 2018-12-17T22:40:47.759215024Z | 26 | PC: 12e35 | Set disk transfer address |
| 2018-12-17T22:40:47.760525665Z | 78 | PC: 12e41 | Find first file |
| 2018-12-17T22:40:47.772048377Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.775171663Z | 61 | PC: 13436 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.782311624Z | 61 | PC: 13436 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:40:47.789589063Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T22:40:47.798143259Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T22:40:47.802955027Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.805297757Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.807507417Z | 26 | PC: 12e59 | Set disk transfer address |
| 2018-12-17T22:40:47.8098038Z | 79 | PC: 12e5e | Find next file |
| 2018-12-17T22:40:47.812084544Z | 26 | PC: 12e35 | Set disk transfer address |
| 2018-12-17T22:40:47.813100032Z | 78 | PC: 12e41 | Find first file |
| 2018-12-17T22:40:47.819226217Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.821132167Z | 61 | PC: 13436 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.826650532Z | 61 | PC: 13436 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:40:47.832371758Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T22:40:47.834686906Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T22:40:47.840760854Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.843997343Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.846084964Z | 26 | PC: 12e59 | Set disk transfer address |
| 2018-12-17T22:40:47.847246927Z | 79 | PC: 12e5e | Find next file |
| 2018-12-17T22:40:47.852832478Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.85459604Z | 61 | PC: 13436 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.861480691Z | 61 | PC: 13436 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:40:47.869116713Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T22:40:47.872491983Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T22:40:47.880230718Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.882131919Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.88527921Z | 26 | PC: 12e59 | Set disk transfer address |
| 2018-12-17T22:40:47.886506605Z | 79 | PC: 12e5e | Find next file |
| 2018-12-17T22:40:47.889500007Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.891737009Z | 61 | PC: 13436 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.898679137Z | 61 | PC: 13436 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:40:47.905655742Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T22:40:47.909581945Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T22:40:47.917289522Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.91933296Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.922302417Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.924000667Z | 61 | PC: 13746 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.929088694Z | 61 | PC: 13746 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:40:47.934195756Z | 63 | PC: 13819 | Read file or device (Read 3428 bytes on handle 5) |
| 2018-12-17T22:40:47.940880391Z | 64 | PC: 13819 | Write file or device (Write 3428 bytes on handle 6) |
| 2018-12-17T22:40:47.948327017Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:47.956331131Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:47.958596546Z | 26 | PC: 12e59 | Set disk transfer address |
| 2018-12-17T22:40:47.959915593Z | 79 | PC: 12e5e | Find next file |
| 2018-12-17T22:40:47.963275224Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:47.965872532Z | 61 | PC: 13436 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:47.971272604Z | 61 | PC: 13436 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:40:47.981139917Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T22:40:47.988080684Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T22:40:47.993795958Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:47.995581893Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:48.003129739Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:48.004606483Z | 61 | PC: 13746 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:48.010862353Z | 61 | PC: 13746 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:40:48.017695377Z | 63 | PC: 13819 | Read file or device (Read 3428 bytes on handle 5) |
| 2018-12-17T22:40:48.024316923Z | 64 | PC: 13819 | Write file or device (Write 3428 bytes on handle 6) |
| 2018-12-17T22:40:48.031216943Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:48.03931342Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:48.040984328Z | 26 | PC: 12e59 | Set disk transfer address |
| 2018-12-17T22:40:48.042421999Z | 79 | PC: 12e5e | Find next file |
| 2018-12-17T22:40:48.045552709Z | 26 | PC: 12e35 | Set disk transfer address |
| 2018-12-17T22:40:48.046638017Z | 78 | PC: 12e41 | Find first file |
| 2018-12-17T22:40:48.051141486Z | 54 | PC: 12dff | Get free disk space |
| 2018-12-17T22:40:48.086031567Z | 14 | PC: 1397a | Set default drive (Drive = 'C') |
| 2018-12-17T22:40:48.087280683Z | 25 | PC: 1397e | Get default drive |
| 2018-12-17T22:40:48.088365972Z | 59 | PC: 139e8 | Change current directory |
| 2018-12-17T22:40:48.092253584Z | 26 | PC: 12e35 | Set disk transfer address |
| 2018-12-17T22:40:48.093404125Z | 78 | PC: 12e41 | Find first file |
| 2018-12-17T22:40:48.1000463Z | 26 | PC: 12e35 | Set disk transfer address |
| 2018-12-17T22:40:48.101913878Z | 78 | PC: 12e41 | Find first file |
| 2018-12-17T22:40:48.106186693Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:48.107623973Z | 61 | PC: 13436 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:48.117838989Z | 61 | PC: 13436 | Open file (Filename = 'COMMAND.COM') |
| 2018-12-17T22:40:48.124954223Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T22:40:48.131543508Z | 63 | PC: 134fb | Read file or device (Read 128 bytes on handle 6) |
| 2018-12-17T22:40:48.137821651Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:48.139332849Z | 62 | PC: 1356c | Close file |
| 2018-12-17T22:40:48.140746724Z | 48 | PC: 13894 | Get DOS version |
| 2018-12-17T22:40:48.142468438Z | 61 | PC: 13746 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:40:48.147619122Z | 61 | PC: 13746 | Open file (Filename = 'COMMAND.COM') |
| 2018-12-17T22:40:48.152371829Z | 63 | PC: 13819 | Read file or device (Read 3428 bytes on handle 5) |
| 2018-12-17T22:40:48.161065418Z | 64 | PC: 13819 | Write file or device (Write 3428 bytes on handle 6) |
| 2018-12-17T22:40:48.519148206Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:48.526482852Z | 62 | PC: 13796 | Close file |
| 2018-12-17T22:40:48.53493622Z | 26 | PC: 12e59 | Set disk transfer address |
| 2018-12-17T22:40:48.536280644Z | 79 | PC: 12e5e | Find next file |
| 2018-12-17T22:40:48.54026078Z | 26 | PC: 12e35 | Set disk transfer address |
| 2018-12-17T22:40:48.543852947Z | 78 | PC: 12e41 | Find first file |
| 2018-12-17T22:40:48.551923094Z | 42 | PC: 12db5 | Get date 0x12db5: pushf 0x12db6: push es 0x12db7: push di 0x12db8: push bp 0x12db9: mov bp, sp 0x12dbb: les di, ptr [bp + 0x10] 0x12dbe: cld 0x12dbf: stosw word ptr es:[di], ax 0x12dc0: mov ax, bx 0x12dc2: stosw word ptr es:[di], ax 0x12dc3: mov ax, cx 0x12dc5: stosw word ptr es:[di], ax 0x12dc6: mov ax, dx 0x12dc8: stosw word ptr es:[di], ax 0x12dc9: pop ax 0x12dca: stosw word ptr es:[di], ax 0x12dcb: mov ax, si 0x12dcd: stosw word ptr es:[di], ax 0x12dce: pop ax 0x12dcf: stosw word ptr es:[di], ax |
| 2018-12-17T22:40:48.554761706Z | 14 | PC: 1397a | Set default drive (Drive = 'A') |
| 2018-12-17T22:40:48.557272082Z | 25 | PC: 1397e | Get default drive |
| 2018-12-17T22:40:48.559011378Z | 59 | PC: 139e8 | Change current directory |
| 2018-12-17T22:40:48.563769875Z | 64 | PC: 13552 | Write file or device (Write 0 bytes on handle 1) |
| 2018-12-17T22:40:48.566309926Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:40:48.567972609Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:40:48.569296946Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:40:48.571672217Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:40:48.573171894Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:40:48.574959432Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:40:48.576868458Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:40:48.579052009Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:40:48.580379963Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:40:48.582293266Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:40:48.58486131Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:40:48.586780695Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:40:48.588209849Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:40:48.59111185Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:40:48.59286922Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:40:48.594473593Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:40:48.596678595Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:40:48.598303277Z | 37 | PC: 12fe5 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:40:48.59984916Z | 76 | PC: 13024 | Terminate with return code (Return code = '0') |