.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:42:30.235799947Z | 44 | PC: 14975 | Get time 0x14975: cmp bx, 0xbabe
0x14979: jne 0x149c6
0x1497b: cmp cx, 0xb0b0
0x1497f: jne 0x149c6
0x14981: cmp word ptr cs:[0x142], 1
0x14987: je 0x149a6
0x14989: mov es, word ptr cs:[0x14c]
0x1498e: push cs
0x1498f: pop ds
0x14990: mov di, 0x100
0x14993: mov si, 0x16c
0x14996: mov cx, word ptr cs:[0x13c]
0x1499b: cld
0x1499c: rep movsb byte ptr es:[di], byte ptr [si]
0x1499e: push es
0x1499f: pop ds
0x149a0: push es
0x149a1: mov ax, 0x100
0x149a4: push ax
0x149a5: retf
|
| 2018-12-17T22:42:30.240075681Z | 53 | PC: 12c7a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:42:30.241800734Z | 53 | PC: 12c97 | Get interrupt vector (Interrupt = '22' AKA 'Create or truncate file') |
| 2018-12-17T22:42:30.243774251Z | 37 | PC: 12ca9 | Set interrupt vector (Interrupt = '22' AKA 'Create or truncate file') |
| 2018-12-17T22:42:30.247466546Z | 49 | PC: 12cda | Terminate and stay resident (Return code = '0' | Memory size = '132') |
| 2018-12-17T22:42:30.24972627Z | 75 | PC: 12d58 | Execute program |
| 2018-12-17T22:42:30.264539954Z | 48 | PC: 148f3 | Get DOS version |
| 2018-12-17T22:42:30.266569697Z | 9 | PC: 14a1d | Display string (String= '������������������!������������[���06/23/������[���06/23/��������� win TEMP=C:\WINDOWS\TEMP �������������������������������������������������������������������������������������������������������.���0�5�POWER') |
| 2018-12-17T22:42:30.273807517Z | 76 | PC: 14a23 | Terminate with return code (Return code = '1') |
