.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:43:03.812042992Z | 82 | PC: 7869a | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:43:03.815194897Z | 42 | PC: 786de | Get date 0x786de: cmp byte ptr cs:[0x11a1], 1
0x786e4: mov byte ptr cs:[0x212], dh
0x786e9: mov byte ptr cs:[0x213], cl
0x786ee: jne 0x78716
0x786f0: pop si
0x786f1: pop es
0x786f2: push es
0x786f3: push si
0x786f4: mov byte ptr es:[si], 0xcf
0x786f8: mov ah, 1
0x786fa: mov byte ptr cs:[0x11a1], 0
0x78700: mov word ptr cs:[0x485], 0x1ba
0x78707: pushf
0x78708: push 0x300
0x7870b: popf
0x7870c: lcall ptr [0x4c]
0x78710: cmp byte ptr cs:[0x11a1], 1
0x78716: mov byte ptr cs:[0x11a1], 1
0x7871c: pop dword ptr [0xc]
0x78721: pop dword ptr [4]
|
| 2018-12-17T22:43:03.818457574Z | 61 | PC: 784d5 | Open file (Filename = '') |
| 2018-12-17T22:43:03.824716853Z | 98 | PC: 783f8 | Get current PSP |
| 2018-12-17T22:43:03.825882403Z | 82 | PC: 7840d | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:43:03.8272366Z | 63 | PC: 784d5 | Read file or device (Read 112 bytes on handle 5) |
| 2018-12-17T22:43:03.83257039Z | 62 | PC: 784d5 | Close file |
| 2018-12-17T22:43:03.834979265Z | 61 | PC: 784d5 | Open file (Filename = 'C:\WINDOWS\HIMEM.SYS') |
| 2018-12-17T22:43:03.846420086Z | 98 | PC: 783f8 | Get current PSP |
| 2018-12-17T22:43:03.847255858Z | 82 | PC: 7840d | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:43:03.848280016Z | 63 | PC: 784d5 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T22:43:03.857219986Z | 64 | PC: 79087 | Write file or device (Write 4007 bytes on handle 5) |
| 2018-12-17T22:43:04.201606723Z | 64 | PC: 784d5 | Write file or device (Write 8 bytes on handle 5) |
| 2018-12-17T22:43:04.204983314Z | 26 | PC: 784d5 | Set disk transfer address |
| 2018-12-17T22:43:04.207651319Z | 78 | PC: 784d5 | Find first file |
| 2018-12-17T22:43:04.212763801Z | 61 | PC: 784d5 | Open file (Filename = '�&�.�>�6�S&6>>Q>�&>6.�RE��N�.G������.>�>�6K����u�EG����') |
| 2018-12-17T22:43:04.220126161Z | 63 | PC: 784d5 | Read file or device (Read 4 bytes on handle 6) |
| 2018-12-17T22:43:04.228133411Z | 62 | PC: 784d5 | Close file |
| 2018-12-17T22:43:04.229881835Z | 79 | PC: 784d5 | Find next file |
| 2018-12-17T22:43:04.232404519Z | 61 | PC: 784d5 | Open file (Filename = '�&�.�>�6�S&6>>Q>�&>6.�RE��N�.G������.>�>�6K����u�EG����') |
| 2018-12-17T22:43:04.240553606Z | 63 | PC: 784d5 | Read file or device (Read 4 bytes on handle 6) |
| 2018-12-17T22:43:04.245874363Z | 62 | PC: 784d5 | Close file |
| 2018-12-17T22:43:04.247739453Z | 79 | PC: 784d5 | Find next file |
| 2018-12-17T22:43:04.255791786Z | 61 | PC: 784d5 | Open file (Filename = '�&�.�>�6�S&6>>Q>�&>6.�RE��N�.G������.>�>�6K����u�EG����') |
| 2018-12-17T22:43:04.261440042Z | 79 | PC: 784d5 | Find next file |
| 2018-12-17T22:43:04.263942437Z | 61 | PC: 784d5 | Open file (Filename = '�&�.�>�6�S&6>>Q>�&>6.�RE��N�.G������.>�>�6K����u�EG����') |
| 2018-12-17T22:43:04.270956159Z | 79 | PC: 784d5 | Find next file |
| 2018-12-17T22:43:04.273634017Z | 61 | PC: 784d5 | Open file (Filename = '�&�.�>�6�S&6>>Q>�&>6.�RE��N�.G������.>�>�6K����u�EG����') |
| 2018-12-17T22:43:04.279702551Z | 63 | PC: 784d5 | Read file or device (Read 4 bytes on handle 6) |
| 2018-12-17T22:43:04.284462212Z | 62 | PC: 784d5 | Close file |
| 2018-12-17T22:43:04.286399207Z | 79 | PC: 784d5 | Find next file |
| 2018-12-17T22:43:04.289197395Z | 61 | PC: 784d5 | Open file (Filename = '�&�.�>�6�S&6>>Q>�&>6.�RE��N�.G������.>�>�6K����u�EG����') |
| 2018-12-17T22:43:04.29622129Z | 79 | PC: 784d5 | Find next file |
| 2018-12-17T22:43:04.300922033Z | 61 | PC: 784d5 | Open file (Filename = '�&�.�>�6�S&6>>Q>�&>6.�RE��N�.G������.>�>�6K����u�EG����') |
| 2018-12-17T22:43:04.307093622Z | 63 | PC: 784d5 | Read file or device (Read 4 bytes on handle 6) |
| 2018-12-17T22:43:04.310225071Z | 62 | PC: 784d5 | Close file |
| 2018-12-17T22:43:04.312350943Z | 79 | PC: 784d5 | Find next file |
| 2018-12-17T22:43:04.315689185Z | 61 | PC: 784d5 | Open file (Filename = '�&�.�>�6�S&6>>Q>�&>6.�RE��N�.G������.>�>�6K����u�EG����') |
| 2018-12-17T22:43:04.322205537Z | 63 | PC: 784d5 | Read file or device (Read 4 bytes on handle 6) |
| 2018-12-17T22:43:04.325918143Z | 62 | PC: 784d5 | Close file |
| 2018-12-17T22:43:04.32793378Z | 79 | PC: 784d5 | Find next file |
| 2018-12-17T22:43:04.330736094Z | 98 | PC: 784d5 | Get current PSP |
| 2018-12-17T22:43:04.333023449Z | 26 | PC: 784d5 | Set disk transfer address |
| 2018-12-17T22:43:04.334655803Z | 65 | PC: 784d5 | Delete file (Filename = 'C:\WINDOWS\CHKLIST.MS') |
| 2018-12-17T22:43:04.341159093Z | 62 | PC: 784d5 | Close file |
| 2018-12-17T22:43:04.346602013Z | 61 | PC: 784d5 | Open file (Filename = 'C:\WINDOWS\SMARTDRV.EXE') |
| 2018-12-17T22:43:04.353326846Z | 98 | PC: 783f8 | Get current PSP |
| 2018-12-17T22:43:04.354219359Z | 82 | PC: 7840d | Get DOS internal pointers (SYSVARS) |
| 2018-12-17T22:43:04.356036372Z | 63 | PC: 784d5 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T22:43:04.359600839Z | 63 | PC: 784d5 | Read file or device (Read 28 bytes on handle 5) |
| 2018-12-17T22:43:04.370333739Z | 64 | PC: 79087 | Write file or device (Write 3999 bytes on handle 5) |
| 2018-12-17T22:43:04.381724981Z | 64 | PC: 784d5 | Write file or device (Write 8 bytes on handle 5) |
| 2018-12-17T22:43:04.38396346Z | 64 | PC: 784d5 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:43:04.386276842Z | 65 | PC: 784d5 | Delete file (Filename = 'C:\WINDOWS\CHKLIST.MS') |
| 2018-12-17T22:43:04.391654422Z | 62 | PC: 784d5 | Close file |
| 2018-12-17T22:43:04.399434475Z | 76 | PC: 14a6d | Terminate with return code (Return code = '0') |
