.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:41:43.231507084Z | 47 | PC: 13622 | Get disk transfer address |
| 2018-12-17T22:41:43.237502738Z | 26 | PC: 13634 | Set disk transfer address |
| 2018-12-17T22:41:43.238960592Z | 25 | PC: 13642 | Get default drive |
| 2018-12-17T22:41:43.240313277Z | 14 | PC: 1364c | Set default drive (Drive = 'C') |
| 2018-12-17T22:41:43.245217378Z | 78 | PC: 13658 | Find first file |
| 2018-12-17T22:41:43.251520306Z | 67 | PC: 13694 | Get or set file attributes |
| 2018-12-17T22:41:43.256577363Z | 67 | PC: 136a1 | Get or set file attributes |
| 2018-12-17T22:41:43.588564803Z | 61 | PC: 136a9 | Open file (Filename = 'COMMAND.COM') |
| 2018-12-17T22:41:43.595540606Z | 87 | PC: 136b0 | Get or set file date and time |
| 2018-12-17T22:41:43.596950256Z | 44 | PC: 136be | Get time 0x136be: or dl, dl 0x136c0: je 0x136ba 0x136c2: mov byte ptr [bp + 0x160], dl 0x136c6: mov ah, 0x3f 0x136c8: lea dx, word ptr [bp + 0x62] 0x136cb: mov cx, 3 0x136ce: int 0x21 0x136d0: mov ax, 0x4202 0x136d3: sub cx, cx 0x136d5: sub dx, dx 0x136d7: int 0x21 0x136d9: sub ax, 3 0x136dc: mov word ptr cs:[0xfb2d], ax 0x136e0: mov byte ptr cs:[0xfb2c], 0xe9 0x136e6: lea si, word ptr [bp - 3] 0x136e9: mov di, 0xfcbc 0x136ec: mov cx, 0x166 0x136ef: cld 0x136f0: rep movsb byte ptr es:[di], byte ptr [si] 0x136f2: mov si, 0xfcd8 |
| 2018-12-17T22:41:43.599253047Z | 63 | PC: 136d0 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:41:43.603090857Z | 66 | PC: 136d9 | Move file pointer |
| 2018-12-17T22:41:43.604886409Z | 64 | PC: 13702 | Write file or device (Write 358 bytes on handle 5) |
| 2018-12-17T22:41:43.612317853Z | 66 | PC: 1370b | Move file pointer |
| 2018-12-17T22:41:43.615274876Z | 64 | PC: 13715 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:41:43.6182815Z | 87 | PC: 1372a | Get or set file date and time |
| 2018-12-17T22:41:43.619804263Z | 62 | PC: 1372e | Close file |
| 2018-12-17T22:41:43.630728374Z | 67 | PC: 1373b | Get or set file attributes |
| 2018-12-17T22:41:43.640785431Z | 26 | PC: 1374a | Set disk transfer address |
| 2018-12-17T22:41:43.642341047Z | 14 | PC: 13754 | Set default drive (Drive = 'A') |