.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:44:15.141308665Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:44:15.143328458Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:44:15.144824961Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:44:15.146300594Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:44:15.148357684Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:44:15.149585144Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:15.151161573Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:44:15.15360102Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:44:15.154977853Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:44:15.156377605Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:44:15.158702745Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:44:15.159975427Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:44:15.161087953Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:44:15.162627518Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:44:15.164074329Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:44:15.165382062Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:44:15.166969627Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:44:15.168327174Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:44:15.169503195Z | 53 | PC: 1403a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:44:15.170870642Z | 37 | PC: 1404f | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:44:15.172515431Z | 37 | PC: 14057 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:44:15.174273584Z | 37 | PC: 1405f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:15.175964105Z | 37 | PC: 14067 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:44:15.178063147Z | 68 | PC: 14cb1 | I/O control for devices (Set for = 'A') |
| 2018-12-17T22:44:15.242813341Z | 37 | PC: 13a61 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:44:15.244785716Z | 48 | PC: 148c2 | Get DOS version |
| 2018-12-17T22:44:15.246635517Z | 65 | PC: 14849 | Delete file (Filename = 'frv_1.tmp') |
| 2018-12-17T22:44:15.2530517Z | 65 | PC: 14849 | Delete file (Filename = 'frv1exe.exe') |
| 2018-12-17T22:44:15.260302914Z | 60 | PC: 14700 | Create or truncate file |
| 2018-12-17T22:44:15.278890053Z | 65 | PC: 14849 | Delete file (Filename = '�') |
| 2018-12-17T22:44:15.305609971Z | 26 | PC: 137c7 | Set disk transfer address |
| 2018-12-17T22:44:15.307803324Z | 78 | PC: 137d3 | Find first file |
| 2018-12-17T22:44:15.314092183Z | 61 | PC: 14700 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:44:15.320811739Z | 66 | PC: 151b3 | Move file pointer |
| 2018-12-17T22:44:15.323099167Z | 66 | PC: 151c1 | Move file pointer |
| 2018-12-17T22:44:15.324477676Z | 66 | PC: 151cf | Move file pointer |
| 2018-12-17T22:44:15.325819603Z | 66 | PC: 14832 | Move file pointer |
| 2018-12-17T22:44:15.328145729Z | 63 | PC: 147d3 | Read file or device (Read 4 bytes on handle 6) |
| 2018-12-17T22:44:15.336503631Z | 62 | PC: 14750 | Close file |
| 2018-12-17T22:44:15.337874671Z | 26 | PC: 137eb | Set disk transfer address |
| 2018-12-17T22:44:15.339245403Z | 79 | PC: 137f0 | Find next file |
| 2018-12-17T22:44:15.342897826Z | 61 | PC: 14700 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:44:15.347486879Z | 66 | PC: 151b3 | Move file pointer |
| 2018-12-17T22:44:15.349233377Z | 66 | PC: 151c1 | Move file pointer |
| 2018-12-17T22:44:15.351457979Z | 66 | PC: 151cf | Move file pointer |
| 2018-12-17T22:44:15.353519073Z | 62 | PC: 14750 | Close file |
| 2018-12-17T22:44:15.356537558Z | 61 | PC: 14700 | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:44:15.363124989Z | 60 | PC: 14700 | Create or truncate file |
| 2018-12-17T22:44:15.3756409Z | 63 | PC: 147d3 | Read file or device (Read 11648 bytes on handle 6) |
| 2018-12-17T22:44:15.384108899Z | 63 | PC: 147d3 | Read file or device (Read 2048 bytes on handle 6) |
| 2018-12-17T22:44:15.391257317Z | 64 | PC: 147d3 | Write file or device (Write 2048 bytes on handle 7) |
| 2018-12-17T22:44:15.398990119Z | 63 | PC: 147d3 | Read file or device (Read 2048 bytes on handle 6) |
| 2018-12-17T22:44:15.408017494Z | 64 | PC: 147d3 | Write file or device (Write 2048 bytes on handle 7) |
| 2018-12-17T22:44:15.414584496Z | 63 | PC: 147d3 | Read file or device (Read 2048 bytes on handle 6) |
| 2018-12-17T22:44:15.418961105Z | 64 | PC: 147d3 | Write file or device (Write 1028 bytes on handle 7) |
| 2018-12-17T22:44:15.425635099Z | 63 | PC: 147d3 | Read file or device (Read 2048 bytes on handle 6) |
| 2018-12-17T22:44:15.427012494Z | 62 | PC: 14750 | Close file |
| 2018-12-17T22:44:15.428405105Z | 62 | PC: 14750 | Close file |
| 2018-12-17T22:44:15.434379548Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:44:15.43530741Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:44:15.436144256Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:44:15.438844197Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:44:15.439750457Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:44:15.44191175Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:44:15.443252962Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:44:15.444945033Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:44:15.445792251Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:44:15.447142937Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:44:15.447932808Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:15.448699075Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:15.449962708Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:44:15.45081836Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:44:15.451901204Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:44:15.453624818Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:44:15.454654647Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:44:15.456468915Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:44:15.457953653Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:44:15.458939588Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:44:15.460060655Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:44:15.461681666Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:44:15.462697268Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:44:15.463734415Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:44:15.465129731Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:44:15.466199419Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:44:15.467196531Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:44:15.469322906Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:44:15.470406125Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:44:15.471551897Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:44:15.473246838Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:44:15.474300081Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:44:15.475264Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:44:15.476700577Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:44:15.477778502Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:44:15.478889025Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:44:15.480916493Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:44:15.48254532Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:44:15.483712598Z | 41 | PC: 13948 | Parse filename |
| 2018-12-17T22:44:15.48527148Z | 41 | PC: 13956 | Parse filename |
| 2018-12-17T22:44:15.486794963Z | 75 | PC: 13961 | Execute program |
| 2018-12-17T22:44:15.502047579Z | 9 | PC: 19c0c | Display string (Could not find end pointer) |
| 2018-12-17T22:44:15.507597089Z | 76 | PC: 19c11 | Terminate with return code (Return code = '0') |
| 2018-12-17T22:44:15.510373878Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:44:15.511378852Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:44:15.512854951Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:44:15.513869386Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:44:15.51480865Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:44:15.516157209Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:44:15.517205399Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:44:15.518379608Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:44:15.519620583Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:44:15.52082706Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:44:15.521799872Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:15.523297694Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:15.524363729Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:44:15.525417128Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:44:15.526831266Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:44:15.528001217Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:44:15.528953377Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:44:15.530466818Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:44:15.531567685Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:44:15.532584739Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:44:15.533938966Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:44:15.534924001Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:44:15.53593598Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:44:15.538145762Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:44:15.539110071Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:44:15.539975807Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:44:15.541369379Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:44:15.542270018Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:44:15.543494544Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:44:15.544780978Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:44:15.545826748Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:44:15.547306135Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:44:15.550608903Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:44:15.551385499Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:44:15.552123987Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:44:15.553890855Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:44:15.554908154Z | 53 | PC: 13991 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:44:15.555960083Z | 37 | PC: 1399a | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:44:15.557829124Z | 65 | PC: 14849 | Delete file (Filename = 'frv1exe.exe') |
| 2018-12-17T22:44:15.56559188Z | 42 | PC: 13737 | Get date 0x13737: xor ah, ah 0x13739: les di, ptr [bp + 6] 0x1373c: stosw word ptr es:[di], ax 0x1373d: mov al, dl 0x1373f: les di, ptr [bp + 0xa] 0x13742: stosw word ptr es:[di], ax 0x13743: mov al, dh 0x13745: les di, ptr [bp + 0xe] 0x13748: stosw word ptr es:[di], ax 0x13749: xchg ax, cx 0x1374a: les di, ptr [bp + 0x12] 0x1374d: stosw word ptr es:[di], ax 0x1374e: pop bp 0x1374f: retf 0x10 0x13752: push bp 0x13753: mov bp, sp 0x13755: mov cx, word ptr [bp + 0xa] 0x13758: mov dh, byte ptr [bp + 8] 0x1375b: mov dl, byte ptr [bp + 6] 0x1375e: mov ah, 0x2b |
| 2018-12-17T22:44:15.56731748Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:44:15.5688653Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:44:15.569744872Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:44:15.570722399Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:44:15.572405678Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:44:15.57380912Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:44:15.574687272Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:44:15.5759861Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:44:15.576777217Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:44:15.577570906Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:44:15.578985846Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:44:15.579816345Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:44:15.580535022Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:44:15.581695663Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:44:15.582476569Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:44:15.583210541Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:44:15.584469452Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:44:15.585471166Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:44:15.586340025Z | 37 | PC: 14191 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:44:15.587257979Z | 76 | PC: 141d0 | Terminate with return code (Return code = '0') |