.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:44:06.964817468Z | 53 | PC: 12c91 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:06.966451697Z | 37 | PC: 12ca2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:06.967610342Z | 26 | PC: 12ca9 | Set disk transfer address |
| 2018-12-17T22:44:06.968699038Z | 71 | PC: 12cc4 | Get current directory |
| 2018-12-17T22:44:06.971181434Z | 59 | PC: 12ccb | Change current directory |
| 2018-12-17T22:44:06.974206019Z | 78 | PC: 12d79 | Find first file |
| 2018-12-17T22:44:06.978263536Z | 67 | PC: 12c38 | Get or set file attributes |
| 2018-12-17T22:44:07.155079426Z | 61 | PC: 12dbe | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:44:07.170096201Z | 63 | PC: 12dcd | Read file or device (Read 24 bytes on handle 5) |
| 2018-12-17T22:44:07.177971597Z | 66 | PC: 12e95 | Move file pointer |
| 2018-12-17T22:44:07.180098669Z | 64 | PC: 12eae | Write file or device (Write 24 bytes on handle 5) |
| 2018-12-17T22:44:07.184708666Z | 66 | PC: 12eb7 | Move file pointer |
| 2018-12-17T22:44:07.186482993Z | 64 | PC: 12ec8 | Write file or device (Write 896 bytes on handle 5) |
| 2018-12-17T22:44:07.197394798Z | 87 | PC: 12ed5 | Get or set file date and time |
| 2018-12-17T22:44:07.202574435Z | 62 | PC: 12ed9 | Close file |
| 2018-12-17T22:44:07.212138668Z | 67 | PC: 12c38 | Get or set file attributes |
| 2018-12-17T22:44:07.223409472Z | 59 | PC: 12eeb | Change current directory |
| 2018-12-17T22:44:07.229531446Z | 42 | PC: 12eef | Get date 0x12eef: cmp dx, word ptr [0x448] 0x12ef3: je 0x12efb 0x12ef5: cmp dx, word ptr [0x44a] 0x12ef9: jne 0x12f37 0x12efb: mov ah, 0x2c 0x12efd: int 0xfe 0x12eff: cmp ch, 0xa 0x12f02: jb 0x12f37 0x12f04: mov cx, 0xc8 0x12f07: sub dx, dx 0x12f09: mov al, 0x19 0x12f0b: cmp al, 1 0x12f0d: jne 0x12f11 0x12f0f: sub al, al 0x12f11: cmp al, 0xff 0x12f13: jne 0x12f17 0x12f15: mov al, 1 0x12f17: push ax 0x12f18: push cx 0x12f19: int 0xff |
| 2018-12-17T22:44:07.232505202Z | 60 | PC: 12f53 | Create or truncate file |
| 2018-12-17T22:44:07.24007218Z | 37 | PC: 12f64 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:07.241827068Z | 76 | PC: 12aa4 | Terminate with return code (Return code = '0') |