.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:44:56.374512006Z | 111 | PC: 12d42 | UNKNOWN! |
| 2018-12-17T22:44:56.376003487Z | 61 | PC: 1302d | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:44:56.386113816Z | 42 | PC: 1302d | Get date 0x1302d: ret 0x1302e: mov al, 0 0x13030: call 0x2301d 0x13033: mov dx, 0x100 0x13036: cmp byte ptr [0x4e6], 1 0x1303b: je 0x13040 0x1303d: mov dx, 0x690 0x13040: mov cx, 0x1c 0x13043: call 0x23017 0x13046: ret 0x13047: mov cx, word ptr [0x326] 0x1304b: mov dx, 0x100 0x1304e: cmp byte ptr [0x4e6], 1 0x13053: jne 0x13058 0x13055: mov dx, 0x12c 0x13058: sub dx, word ptr [0x708] 0x1305c: sub cx, dx 0x1305e: call 0x23017 0x13061: ret 0x13062: mov cx, ax |
| 2018-12-17T22:44:56.388891353Z | 87 | PC: 1302d | Get or set file date and time |
| 2018-12-17T22:44:56.390573111Z | 62 | PC: 1302d | Close file |
| 2018-12-17T22:44:56.394394819Z | 111 | PC: 12d42 | UNKNOWN! |
| 2018-12-17T22:44:56.39565191Z | 61 | PC: 1302d | Open file (Filename = 'C:\COMMAND.COM') |
| 2018-12-17T22:44:56.404818236Z | 42 | PC: 1302d | Get date 0x1302d: ret 0x1302e: mov al, 0 0x13030: call 0x2301d 0x13033: mov dx, 0x100 0x13036: cmp byte ptr [0x4e6], 1 0x1303b: je 0x13040 0x1303d: mov dx, 0x690 0x13040: mov cx, 0x1c 0x13043: call 0x23017 0x13046: ret 0x13047: mov cx, word ptr [0x326] 0x1304b: mov dx, 0x100 0x1304e: cmp byte ptr [0x4e6], 1 0x13053: jne 0x13058 0x13055: mov dx, 0x12c 0x13058: sub dx, word ptr [0x708] 0x1305c: sub cx, dx 0x1305e: call 0x23017 0x13061: ret 0x13062: mov cx, ax |
| 2018-12-17T22:44:56.408818608Z | 87 | PC: 1302d | Get or set file date and time |
| 2018-12-17T22:44:56.411886651Z | 62 | PC: 1302d | Close file |
| 2018-12-17T22:44:56.41475596Z | 74 | PC: 1302d | Reallocate memory |
| 2018-12-17T22:44:56.418500613Z | 72 | PC: 1302d | Allocate memory |