.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:43:20.465086715Z | 42 | PC: 12acb | Get date 0x12acb: pop bp
0x12acc: push dx
0x12acd: sub bp, 0x108
0x12ad1: call 0x131dc
0x12ad4: pop dx
0x12ad5: cmp dh, 0xc
0x12ad8: jne 0x12ae7
0x12ada: cmp dl, 0x19
0x12add: je 0x12ae4
0x12adf: cmp dl, 0x1f
0x12ae2: jne 0x12ae7
0x12ae4: call 0x12c6e
0x12ae7: call 0x12bde
0x12aea: call 0x12c03
0x12aed: call 0x12c0e
0x12af0: call 0x12c15
0x12af3: mov ah, 0x4d
0x12af5: inc ah
0x12af7: mov cx, 7
0x12afa: lea dx, word ptr [bp + 0x7ed]
|
| 2018-12-17T22:43:20.467593891Z | 71 | PC: 12c1e | Get current directory |
| 2018-12-17T22:43:20.470866193Z | 26 | PC: 12c25 | Set disk transfer address |
| 2018-12-17T22:43:20.472088698Z | 78 | PC: 12b00 | Find first file |
| 2018-12-17T22:43:20.479282485Z | 67 | PC: 12b31 | Get or set file attributes |
| 2018-12-17T22:43:20.497405104Z | 61 | PC: 12b3f | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:43:20.505026814Z | 63 | PC: 12b4d | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:43:20.512543086Z | 66 | PC: 12bdd | Move file pointer |
| 2018-12-17T22:43:20.514905057Z | 66 | PC: 12b69 | Move file pointer |
| 2018-12-17T22:43:20.516790055Z | 64 | PC: 12b76 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:43:20.519821333Z | 66 | PC: 12bdd | Move file pointer |
| 2018-12-17T22:43:20.521888817Z | 44 | PC: 12c42 | Get time 0x12c42: cmp dx, 0
0x12c45: je 0x12c3f
0x12c47: mov word ptr ds:[bp + 0x850], dx
0x12c4c: ret
0x12c4d: sub cx, cx
0x12c4f: mov cl, byte ptr ds:[bp + 0x8a8]
0x12c54: lea dx, word ptr [bp + 0x8b1]
0x12c58: mov ax, 0x4301
0x12c5b: int3
0x12c5c: mov cx, word ptr ds:[bp + 0x8a9]
0x12c61: mov dx, word ptr ds:[bp + 0x8ab]
0x12c66: mov ax, 0x5701
0x12c69: int3
0x12c6a: mov ah, 0x3e
0x12c6c: int3
0x12c6d: ret
0x12c6e: sub cx, cx
0x12c70: mov dx, 0x314f
0x12c73: mov bx, 0x700
0x12c76: mov ax, 0x600
|
| 2018-12-17T22:43:20.524879078Z | 64 | PC: 12b8c | Write file or device (Write 1870 bytes on handle 5) |
| 2018-12-17T22:43:20.535192946Z | 67 | PC: 12c5c | Get or set file attributes |
| 2018-12-17T22:43:20.549227642Z | 87 | PC: 12c6a | Get or set file date and time |
| 2018-12-17T22:43:20.55180767Z | 62 | PC: 12c6d | Close file |
| 2018-12-17T22:43:20.56024225Z | 67 | PC: 12c5c | Get or set file attributes |
| 2018-12-17T22:43:20.57119061Z | 87 | PC: 12c6a | Get or set file date and time |
| 2018-12-17T22:43:20.573716124Z | 62 | PC: 12c6d | Close file |
| 2018-12-17T22:43:20.575260129Z | 79 | PC: 12bc4 | Find next file |
| 2018-12-17T22:43:20.578090977Z | 67 | PC: 12c5c | Get or set file attributes |
| 2018-12-17T22:43:20.589177699Z | 87 | PC: 12c6a | Get or set file date and time |
| 2018-12-17T22:43:20.591240347Z | 62 | PC: 12c6d | Close file |
| 2018-12-17T22:43:20.593246592Z | 79 | PC: 12bc4 | Find next file |
| 2018-12-17T22:43:20.597345926Z | 67 | PC: 12c5c | Get or set file attributes |
| 2018-12-17T22:43:20.609084875Z | 87 | PC: 12c6a | Get or set file date and time |
| 2018-12-17T22:43:20.611355745Z | 62 | PC: 12c6d | Close file |
| 2018-12-17T22:43:20.614475517Z | 79 | PC: 12bc4 | Find next file |
| 2018-12-17T22:43:20.617935406Z | 67 | PC: 12c5c | Get or set file attributes |
| 2018-12-17T22:43:20.629283207Z | 87 | PC: 12c6a | Get or set file date and time |
| 2018-12-17T22:43:20.632543256Z | 62 | PC: 12c6d | Close file |
| 2018-12-17T22:43:20.634966911Z | 79 | PC: 12bc4 | Find next file |
| 2018-12-17T22:43:20.638331502Z | 67 | PC: 12c5c | Get or set file attributes |
| 2018-12-17T22:43:20.649958057Z | 87 | PC: 12c6a | Get or set file date and time |
| 2018-12-17T22:43:20.651666351Z | 62 | PC: 12c6d | Close file |
| 2018-12-17T22:43:20.653555435Z | 79 | PC: 12bc4 | Find next file |
| 2018-12-17T22:43:20.656558349Z | 67 | PC: 12b31 | Get or set file attributes |
| 2018-12-17T22:43:20.668204872Z | 61 | PC: 12b3f | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:43:20.677219395Z | 63 | PC: 12b4d | Read file or device (Read 5 bytes on handle 5) |
| 2018-12-17T22:43:20.684872436Z | 66 | PC: 12bdd | Move file pointer |
| 2018-12-17T22:43:20.687545091Z | 66 | PC: 12b69 | Move file pointer |
| 2018-12-17T22:43:20.68920691Z | 64 | PC: 12b76 | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:43:20.692452829Z | 66 | PC: 12bdd | Move file pointer |
| 2018-12-17T22:43:20.694537921Z | 44 | PC: 12c42 | Get time 0x12c42: cmp dx, 0
0x12c45: je 0x12c3f
0x12c47: mov word ptr ds:[bp + 0x850], dx
0x12c4c: ret
0x12c4d: sub cx, cx
0x12c4f: mov cl, byte ptr ds:[bp + 0x8a8]
0x12c54: lea dx, word ptr [bp + 0x8b1]
0x12c58: mov ax, 0x4301
0x12c5b: int3
0x12c5c: mov cx, word ptr ds:[bp + 0x8a9]
0x12c61: mov dx, word ptr ds:[bp + 0x8ab]
0x12c66: mov ax, 0x5701
0x12c69: int3
0x12c6a: mov ah, 0x3e
0x12c6c: int3
0x12c6d: ret
0x12c6e: sub cx, cx
0x12c70: mov dx, 0x314f
0x12c73: mov bx, 0x700
0x12c76: mov ax, 0x600
|
| 2018-12-17T22:43:20.697513517Z | 64 | PC: 12b8c | Write file or device (Write 1870 bytes on handle 5) |
| 2018-12-17T22:43:20.708673771Z | 67 | PC: 12c5c | Get or set file attributes |
| 2018-12-17T22:43:20.730111643Z | 87 | PC: 12c6a | Get or set file date and time |
| 2018-12-17T22:43:20.732000491Z | 62 | PC: 12c6d | Close file |
| 2018-12-17T22:43:20.740784011Z | 26 | PC: 12baa | Set disk transfer address |
| 2018-12-17T22:43:20.742776471Z | 59 | PC: 12bb2 | Change current directory |
