.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:43:55.827582881Z | 26 | PC: 12a73 | Set disk transfer address |
| 2018-12-17T22:43:55.829864835Z | 71 | PC: 12a7d | Get current directory |
| 2018-12-17T22:43:55.832639558Z | 78 | PC: 12a98 | Find first file |
| 2018-12-17T22:43:55.838520164Z | 67 | PC: 12ab5 | Get or set file attributes |
| 2018-12-17T22:43:55.859423702Z | 61 | PC: 12aba | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:43:55.876902973Z | 63 | PC: 12ac6 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:43:55.883430563Z | 66 | PC: 12b02 | Move file pointer |
| 2018-12-17T22:43:55.88499633Z | 64 | PC: 12b1e | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:43:55.888651595Z | 66 | PC: 12b27 | Move file pointer |
| 2018-12-17T22:43:55.890452038Z | 44 | PC: 12b2b | Get time 0x12b2b: mov word ptr [bp + 0x276], dx 0x12b2f: mov ax, cs 0x12b31: add ax, 0x100 0x12b34: mov es, ax 0x12b36: mov cx, 0xbe 0x12b39: lea si, word ptr [bp + 0x103] 0x12b3d: xor di, di 0x12b3f: rep movsd dword ptr es:[di], dword ptr [si] 0x12b41: inc word ptr es:[0xb4] 0x12b46: push bx 0x12b47: mov bx, 0xf 0x12b4a: push es 0x12b4b: pop ds 0x12b4c: call 0x12bb1 0x12b4f: pop bx 0x12b50: xor dx, dx 0x12b52: mov cx, 0x17b 0x12b55: mov ah, 0x40 0x12b57: int 0x21 0x12b59: mov ax, 0x5701 |
| 2018-12-17T22:43:55.893037696Z | 64 | PC: 12b59 | Write file or device (Write 379 bytes on handle 5) |
| 2018-12-17T22:43:55.902075421Z | 87 | PC: 12b66 | Get or set file date and time |
| 2018-12-17T22:43:55.903550501Z | 62 | PC: 12b6a | Close file |
| 2018-12-17T22:43:55.910949448Z | 67 | PC: 12b7d | Get or set file attributes |
| 2018-12-17T22:43:55.921158161Z | 59 | PC: 12a8d | Change current directory |
| 2018-12-17T22:43:55.925325023Z | 26 | PC: 12b87 | Set disk transfer address |
| 2018-12-17T22:43:55.926482741Z | 59 | PC: 12b8f | Change current directory |