.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T21:56:38.88412058Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T21:56:38.886137794Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T21:56:38.887313307Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T21:56:38.888567098Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T21:56:38.890172547Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T21:56:38.89119273Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:56:38.89221741Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T21:56:38.893677629Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T21:56:38.895012912Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T21:56:38.896256404Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T21:56:38.89783402Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T21:56:38.899085307Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T21:56:38.901029575Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T21:56:38.902994711Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T21:56:38.904091913Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T21:56:38.905348353Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T21:56:38.907179321Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T21:56:38.908456867Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T21:56:38.909653684Z | 53 | PC: 14192 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T21:56:38.911411854Z | 37 | PC: 141a7 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T21:56:38.912992615Z | 37 | PC: 141af | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T21:56:38.914508482Z | 37 | PC: 141b7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:56:38.916843308Z | 37 | PC: 141bf | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T21:56:38.918087777Z | 68 | PC: 1452f | I/O control for devices (Set for = '') |
| 2018-12-17T21:56:38.997901685Z | 37 | PC: 137c5 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T21:56:38.999431626Z | 44 | PC: 14ac4 | Get time 0x14ac4: mov word ptr [0x3e], cx 0x14ac8: mov word ptr [0x40], dx 0x14acc: retf 0x14acd: mov bx, sp 0x14acf: push ds 0x14ad0: les di, ptr ss:[bx + 8] 0x14ad4: lds si, ptr ss:[bx + 4] 0x14ad8: cld 0x14ad9: xor ax, ax 0x14adb: stosw word ptr es:[di], ax 0x14adc: mov ax, 0xd7b0 0x14adf: stosw word ptr es:[di], ax 0x14ae0: xor ax, ax 0x14ae2: mov cx, 0x16 0x14ae5: rep stosd dword ptr es:[di], eax 0x14ae7: lodsb al, byte ptr [si] 0x14ae8: cmp al, 0x4f 0x14aea: jbe 0x14aee 0x14aec: mov al, 0x4f 0x14aee: mov cl, al |
| 2018-12-17T21:56:39.005015478Z | 42 | PC: 13d57 | Get date 0x13d57: xor ah, ah 0x13d59: les di, ptr [bp + 6] 0x13d5c: stosw word ptr es:[di], ax 0x13d5d: mov al, dl 0x13d5f: les di, ptr [bp + 0xa] 0x13d62: stosw word ptr es:[di], ax 0x13d63: mov al, dh 0x13d65: les di, ptr [bp + 0xe] 0x13d68: stosw word ptr es:[di], ax 0x13d69: xchg ax, cx 0x13d6a: les di, ptr [bp + 0x12] 0x13d6d: stosw word ptr es:[di], ax 0x13d6e: pop bp 0x13d6f: retf 0x10 0x13d72: push bp 0x13d73: mov bp, sp 0x13d75: mov cx, word ptr [bp + 0xa] 0x13d78: mov dh, byte ptr [bp + 8] 0x13d7b: mov dl, byte ptr [bp + 6] 0x13d7e: mov ah, 0x2b |
| 2018-12-17T21:56:39.007018257Z | 67 | PC: 13fc2 | Get or set file attributes |
| 2018-12-17T21:56:39.008550918Z | 67 | PC: 13fc2 | Get or set file attributes |
| 2018-12-17T21:56:39.015382026Z | 48 | PC: 14cf7 | Get DOS version |
| 2018-12-17T21:56:39.01728364Z | 25 | PC: 1402e | Get default drive |
| 2018-12-17T21:56:39.018928626Z | 71 | PC: 1404d | Get current directory |
| 2018-12-17T21:56:39.022971937Z | 26 | PC: 13e29 | Set disk transfer address |
| 2018-12-17T21:56:39.024325467Z | 78 | PC: 13e35 | Find first file |
| 2018-12-17T21:56:39.02993342Z | 48 | PC: 14cf7 | Get DOS version |
| 2018-12-17T21:56:39.031710919Z | 61 | PC: 14b43 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T21:56:39.039165455Z | 60 | PC: 14b43 | Create or truncate file |
| 2018-12-17T21:56:39.38726644Z | 60 | PC: 14b43 | Create or truncate file |
| 2018-12-17T21:56:39.398146056Z | 63 | PC: 14c16 | Read file or device (Read 9840 bytes on handle 5) |
| 2018-12-17T21:56:39.406254607Z | 64 | PC: 14c16 | Write file or device (Write 9840 bytes on handle 6) |
| 2018-12-17T21:56:39.420214078Z | 62 | PC: 14b93 | Close file |
| 2018-12-17T21:56:39.428142207Z | 63 | PC: 14c16 | Read file or device (Read 9840 bytes on handle 5) |
| 2018-12-17T21:56:39.429973344Z | 62 | PC: 14b93 | Close file |
| 2018-12-17T21:56:39.432505914Z | 62 | PC: 14b93 | Close file |
| 2018-12-17T21:56:39.43497257Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T21:56:39.436031016Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T21:56:39.437164755Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T21:56:39.438404528Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T21:56:39.43932603Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T21:56:39.440322197Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T21:56:39.441586261Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T21:56:39.442515614Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T21:56:39.443447849Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T21:56:39.444859639Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T21:56:39.445890135Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:56:39.446818236Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:56:39.448192597Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T21:56:39.449139712Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T21:56:39.450166734Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T21:56:39.451546178Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T21:56:39.452476208Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T21:56:39.453446092Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T21:56:39.454642751Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T21:56:39.4558102Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T21:56:39.456672088Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T21:56:39.457845319Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T21:56:39.458714166Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T21:56:39.459516551Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T21:56:39.460761987Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T21:56:39.461692729Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T21:56:39.463065278Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T21:56:39.464157998Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T21:56:39.465088792Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T21:56:39.466225677Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T21:56:39.467474605Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T21:56:39.468254096Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T21:56:39.468898091Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T21:56:39.470532463Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T21:56:39.471438518Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T21:56:39.472379267Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T21:56:39.474212405Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T21:56:39.475189379Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T21:56:39.476222078Z | 41 | PC: 13f5e | Parse filename |
| 2018-12-17T21:56:39.485692433Z | 41 | PC: 13f6c | Parse filename |
| 2018-12-17T21:56:39.486928046Z | 75 | PC: 13f77 | Execute program |
| 2018-12-17T21:56:39.495230543Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T21:56:39.496751461Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T21:56:39.497858335Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T21:56:39.498796378Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T21:56:39.500235477Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T21:56:39.501312978Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T21:56:39.502320112Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T21:56:39.504055833Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T21:56:39.505126801Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T21:56:39.506093057Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T21:56:39.507444887Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:56:39.508492601Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T21:56:39.509565407Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T21:56:39.511041607Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T21:56:39.512027188Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T21:56:39.513143886Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T21:56:39.514438039Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T21:56:39.515534723Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T21:56:39.516571955Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T21:56:39.517884849Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T21:56:39.518940179Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T21:56:39.519767323Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T21:56:39.521249172Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T21:56:39.522265793Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T21:56:39.524274998Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T21:56:39.525582849Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T21:56:39.526627983Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T21:56:39.527600328Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T21:56:39.529953003Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T21:56:39.531306014Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T21:56:39.532557894Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T21:56:39.534430751Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T21:56:39.535352293Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T21:56:39.536290904Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T21:56:39.53809592Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T21:56:39.539405289Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T21:56:39.540501261Z | 53 | PC: 13ebb | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T21:56:39.542652661Z | 37 | PC: 13ec4 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T21:56:39.543884867Z | 65 | PC: 14c8c | Delete file (Filename = 'c:\nuevo2.exe') |
| 2018-12-17T21:56:39.552568345Z | 67 | PC: 13df8 | Get or set file attributes |
| 2018-12-17T21:56:39.561564964Z | 25 | PC: 1402e | Get default drive |
| 2018-12-17T21:56:39.562770365Z | 71 | PC: 1404d | Get current directory |
| 2018-12-17T21:56:39.567182172Z | 67 | PC: 13df8 | Get or set file attributes |
| 2018-12-17T21:56:39.577196601Z | 61 | PC: 14b43 | Open file (Filename = 'c:\AUTOEXEC.BAT') |
| 2018-12-17T21:56:39.583295516Z | 63 | PC: 14c16 | Read file or device (Read 1700 bytes on handle 5) |
| 2018-12-17T21:56:39.585979169Z | 62 | PC: 14b93 | Close file |
| 2018-12-17T21:56:39.588994671Z | 61 | PC: 14516 | Open file (Filename = 'c:\autoexec.bat') |
| 2018-12-17T21:56:39.594866995Z | 68 | PC: 1452f | I/O control for devices (Set for = 'c:\autoexec.bat') |
| 2018-12-17T21:56:39.596297974Z | 66 | PC: 14576 | Move file pointer |
| 2018-12-17T21:56:39.599745686Z | 66 | PC: 1458d | Move file pointer |
| 2018-12-17T21:56:39.602121001Z | 63 | PC: 1459a | Read file or device (Read 128 bytes on handle 5) |
| 2018-12-17T21:56:39.605370978Z | 64 | PC: 1460d | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T21:56:39.60896842Z | 62 | PC: 1464c | Close file |