.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:42:53.749216181Z | 84 | PC: 13a99 | Get verify flag |
| 2018-12-17T22:42:53.751181342Z | 9 | PC: 12a82 | Display string (String= 'Goat file (EXE). Size=000011A0h/0000004512d bytes. ') |
| 2018-12-17T22:42:53.759926798Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |
| 2018-12-17T22:42:53.76462944Z | 77 | PC: 11fe0 | Get program return code |
| 2018-12-17T22:42:53.766163812Z | 72 | PC: 12174 | Allocate memory |
| 2018-12-17T22:42:53.769353292Z | 72 | PC: 1218d | Allocate memory |
| 2018-12-17T22:42:53.771651498Z | 37 | PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-17T22:42:53.773085883Z | 37 | PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:42:53.774935607Z | 37 | PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:42:53.776394046Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.778325784Z | 69 | PC: 9f557 | Duplicate handle |
| 2018-12-17T22:42:53.788858627Z | 44 | PC: 9f557 | Get time 0x9f557: ret 0x9f558: add byte ptr [bp + di + 0x6f], dl 0x9f55b: imul esp, dword ptr [bx + di + 0x20], 0x34393931 0x9f563: and byte ptr [bp + si + 0x79], ah 0x9f566: and byte ptr [si + 0x45], dl 0x9f569: push dx 0x9f56a: dec bp 0x9f56b: dec cx 0x9f56c: dec si 0x9f56d: inc cx 0x9f56e: push sp 0x9f56f: dec di 0x9f570: push dx 0x9f571: add byte ptr [bx + si], al 0x9f573: add byte ptr [bx + si], al 0x9f575: add byte ptr [bx + si], al 0x9f577: add byte ptr [bx + si], al 0x9f579: add byte ptr [bx + si], al 0x9f57b: add byte ptr [bx + si], al 0x9f57d: add byte ptr [bx + si], al |
| 2018-12-17T22:42:53.791677892Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.793797663Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.796207329Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.800003048Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.802457067Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.804519421Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.807402205Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.80907141Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.810717291Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.812995791Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.815181676Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.817279616Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.820161629Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.82226484Z | 62 | PC: 122ab | Close file |
| 2018-12-17T22:42:53.826611273Z | 99 | PC: 999d7 | Get DBCS lead byte table pointer |
| 2018-12-17T22:42:53.829165501Z | 56 | PC: 941f9 | Get or set country info |
| 2018-12-17T22:42:53.831807182Z | 64 | PC: 99c48 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T22:42:53.837003932Z | 25 | PC: 94262 | Get default drive |
| 2018-12-17T22:42:53.839794403Z | 71 | PC: 964dd | Get current directory |
| 2018-12-17T22:42:53.845092493Z | 64 | PC: 99c48 | Write file or device (Write 3 bytes on handle 1) |
| 2018-12-17T22:42:53.850442282Z | 2 | PC: 964b2 | Character output (Char = '3e') |
| 2018-12-17T22:42:53.854309906Z | 93 | PC: 94320 | File sharing functions |
| 2018-12-17T22:42:53.857056935Z | 93 | PC: 94327 | File sharing functions |
| 2018-12-17T22:42:53.859712944Z | 10 | PC: 94339 | Buffered keyboard input |
| 2018-12-17T22:43:08.731787183Z | 0 | PC: 0 | Program terminate |
| 2018-12-17T22:43:10.08672994Z | 0 | PC: 0 | Program terminate |
| 2018-12-17T22:43:10.190420288Z | 64 | PC: 99c48 | Write file or device (Write 2 bytes on handle 1) |
| 2018-12-17T22:43:10.201654919Z | 41 | PC: 943ae | Parse filename |
| 2018-12-17T22:43:10.205020339Z | 41 | PC: 9442f | Parse filename |
| 2018-12-17T22:43:10.207270686Z | 41 | PC: 9444c | Parse filename |
| 2018-12-17T22:43:10.210039776Z | 26 | PC: 978f7 | Set disk transfer address |
| 2018-12-17T22:43:10.211917323Z | 71 | PC: 97af3 | Get current directory |
| 2018-12-17T22:43:10.221865728Z | 78 | PC: 9f557 | Find first file |
| 2018-12-17T22:43:10.233228278Z | 47 | PC: 9f557 | Get disk transfer address |
| 2018-12-17T22:43:10.23526825Z | 71 | PC: 9796c | Get current directory |
| 2018-12-17T22:43:10.239264005Z | 73 | PC: 97009 | Release memory |
| 2018-12-17T22:43:10.242384375Z | 61 | PC: 9f557 | Open file (Filename = '') |
| 2018-12-17T22:43:10.249731765Z | 87 | PC: 9f557 | Get or set file date and time |
| 2018-12-17T22:43:10.251612177Z | 66 | PC: 9f557 | Move file pointer |
| 2018-12-17T22:43:10.25474997Z | 63 | PC: 9f557 | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:43:10.261828865Z | 66 | PC: 9f557 | Move file pointer |
| 2018-12-17T22:43:10.263884837Z | 87 | PC: 9f557 | Get or set file date and time |
| 2018-12-17T22:43:10.266548179Z | 62 | PC: 9f557 | Close file |
| 2018-12-17T22:43:10.280861432Z | 44 | PC: 9f557 | Get time 0x9f557: ret 0x9f558: add byte ptr [bp + di + 0x6f], dl 0x9f55b: imul esp, dword ptr [bx + di + 0x20], 0x34393931 0x9f563: and byte ptr [bp + si + 0x79], ah 0x9f566: and byte ptr [si + 0x45], dl 0x9f569: push dx 0x9f56a: dec bp 0x9f56b: dec cx 0x9f56c: dec si 0x9f56d: inc cx 0x9f56e: push sp 0x9f56f: dec di 0x9f570: push dx 0x9f571: add byte ptr [bx + si], al 0x9f573: add byte ptr [bx + si], al 0x9f575: add byte ptr [bx + si], al 0x9f577: add byte ptr [bx + si], al 0x9f579: add byte ptr [bx + si], al 0x9f57b: add byte ptr [bx + si], al 0x9f57d: add byte ptr [bx + si], al |
| 2018-12-17T22:43:10.286372472Z | 75 | PC: 11821 | Execute program |
| 2018-12-17T22:43:10.301142163Z | 9 | PC: 12a47 | Display string (String= 'Hello, World! ') |
| 2018-12-17T22:43:10.305649538Z | 76 | PC: 12a4b | Terminate with return code (Return code = '36') |