.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:45:14.037959975Z | 48 | PC: 12a4b | Get DOS version |
| 2018-12-17T22:45:14.040689632Z | 53 | PC: 12bca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:45:14.042471248Z | 53 | PC: 12bd7 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:45:14.044235241Z | 53 | PC: 12be4 | Get interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T22:45:14.047521753Z | 53 | PC: 12bf1 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T22:45:14.051903523Z | 37 | PC: 12c05 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:45:14.053712821Z | 74 | PC: 12af6 | Reallocate memory |
| 2018-12-17T22:45:14.0640418Z | 68 | PC: 142a4 | I/O control for devices (Set for = 'W�W����') |
| 2018-12-17T22:45:14.066677541Z | 68 | PC: 142a4 | I/O control for devices (Set for = '� ��') |
| 2018-12-17T22:45:14.070241765Z | 42 | PC: 1409e | Get date 0x1409e: mov word ptr [si], cx
0x140a0: mov word ptr [si + 2], dx
0x140a3: pop si
0x140a4: pop bp
0x140a5: ret
0x140a6: push bp
0x140a7: mov bp, sp
0x140a9: push si
0x140aa: mov si, word ptr [bp + 4]
0x140ad: mov ah, 0x2c
0x140af: int 0x21
0x140b1: mov word ptr [si], cx
0x140b3: mov word ptr [si + 2], dx
0x140b6: pop si
0x140b7: pop bp
0x140b8: ret
0x140b9: push bp
0x140ba: mov bp, sp
0x140bc: sub sp, 2
0x140bf: lea ax, word ptr [bp - 2]
|
| 2018-12-17T22:45:14.073069225Z | 44 | PC: 140b1 | Get time 0x140b1: mov word ptr [si], cx
0x140b3: mov word ptr [si + 2], dx
0x140b6: pop si
0x140b7: pop bp
0x140b8: ret
0x140b9: push bp
0x140ba: mov bp, sp
0x140bc: sub sp, 2
0x140bf: lea ax, word ptr [bp - 2]
0x140c2: push ax
0x140c3: call 0x23fe0
0x140c6: pop cx
0x140c7: mov ax, word ptr [bp - 2]
0x140ca: dec ax
0x140cb: mov sp, bp
0x140cd: pop bp
0x140ce: ret
0x140cf: push bp
0x140d0: mov bp, sp
0x140d2: sub sp, 2
|
| 2018-12-17T22:45:14.082348763Z | 53 | PC: 14169 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:45:14.08386422Z | 37 | PC: 1417c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:45:14.085709365Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.093216174Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.101966338Z | 47 | PC: 1558b | Get disk transfer address |
| 2018-12-17T22:45:14.103821412Z | 26 | PC: 15594 | Set disk transfer address |
| 2018-12-17T22:45:14.10609377Z | 78 | PC: 1559e | Find first file |
| 2018-12-17T22:45:14.11281845Z | 26 | PC: 155a7 | Set disk transfer address |
| 2018-12-17T22:45:14.114806253Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.127827679Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.138210901Z | 61 | PC: 15e3a | Open file (Filename = 'c:\dos386.sys') |
| 2018-12-17T22:45:14.14506292Z | 42 | PC: 1409e | Get date 0x1409e: mov word ptr [si], cx
0x140a0: mov word ptr [si + 2], dx
0x140a3: pop si
0x140a4: pop bp
0x140a5: ret
0x140a6: push bp
0x140a7: mov bp, sp
0x140a9: push si
0x140aa: mov si, word ptr [bp + 4]
0x140ad: mov ah, 0x2c
0x140af: int 0x21
0x140b1: mov word ptr [si], cx
0x140b3: mov word ptr [si + 2], dx
0x140b6: pop si
0x140b7: pop bp
0x140b8: ret
0x140b9: push bp
0x140ba: mov bp, sp
0x140bc: sub sp, 2
0x140bf: lea ax, word ptr [bp - 2]
|
| 2018-12-17T22:45:14.149696472Z | 44 | PC: 140b1 | Get time 0x140b1: mov word ptr [si], cx
0x140b3: mov word ptr [si + 2], dx
0x140b6: pop si
0x140b7: pop bp
0x140b8: ret
0x140b9: push bp
0x140ba: mov bp, sp
0x140bc: sub sp, 2
0x140bf: lea ax, word ptr [bp - 2]
0x140c2: push ax
0x140c3: call 0x23fe0
0x140c6: pop cx
0x140c7: mov ax, word ptr [bp - 2]
0x140ca: dec ax
0x140cb: mov sp, bp
0x140cd: pop bp
0x140ce: ret
0x140cf: push bp
0x140d0: mov bp, sp
0x140d2: sub sp, 2
|
| 2018-12-17T22:45:14.153577813Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.160857244Z | 25 | PC: 13feb | Get default drive |
| 2018-12-17T22:45:14.166121582Z | 71 | PC: 14498 | Get current directory |
| 2018-12-17T22:45:14.169969318Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.171550377Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.174044421Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.181826728Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.184080811Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.186374058Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.188630617Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.196383477Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.200169779Z | 25 | PC: 13feb | Get default drive |
| 2018-12-17T22:45:14.202086809Z | 71 | PC: 14498 | Get current directory |
| 2018-12-17T22:45:14.205820151Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.207376113Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.209794896Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.216417755Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.21853419Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.220992907Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.22259142Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.229611144Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.233729539Z | 47 | PC: 1558b | Get disk transfer address |
| 2018-12-17T22:45:14.235729816Z | 26 | PC: 15594 | Set disk transfer address |
| 2018-12-17T22:45:14.237037362Z | 78 | PC: 1559e | Find first file |
| 2018-12-17T22:45:14.244562605Z | 26 | PC: 155a7 | Set disk transfer address |
| 2018-12-17T22:45:14.248592384Z | 25 | PC: 13feb | Get default drive |
| 2018-12-17T22:45:14.250276146Z | 71 | PC: 14498 | Get current directory |
| 2018-12-17T22:45:14.25424518Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.25731705Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.258843697Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.265402024Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.26848768Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.270073168Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.271590548Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.279723242Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.283115273Z | 47 | PC: 1558b | Get disk transfer address |
| 2018-12-17T22:45:14.284741417Z | 26 | PC: 15594 | Set disk transfer address |
| 2018-12-17T22:45:14.287127969Z | 78 | PC: 1559e | Find first file |
| 2018-12-17T22:45:14.29395931Z | 26 | PC: 155a7 | Set disk transfer address |
| 2018-12-17T22:45:14.295634997Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.3044433Z | 25 | PC: 13feb | Get default drive |
| 2018-12-17T22:45:14.305942115Z | 54 | PC: 14128 | Get free disk space |
| 2018-12-17T22:45:14.316087219Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.323224433Z | 61 | PC: 15e3a | Open file (Filename = 'A:\TEST.COM') |
| 2018-12-17T22:45:14.332992309Z | 68 | PC: 14d16 | I/O control for devices (Set for = '� ��') |
| 2018-12-17T22:45:14.335015729Z | 68 | PC: 142a4 | I/O control for devices |
| 2018-12-17T22:45:14.338094682Z | 63 | PC: 1445a | Read file or device (Read 25088 bytes on handle 5) |
| 2018-12-17T22:45:14.348752248Z | 63 | PC: 1445a | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T22:45:14.356657496Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.364038549Z | 60 | PC: 15ca7 | Create or truncate file |
| 2018-12-17T22:45:14.709007191Z | 68 | PC: 142a4 | I/O control for devices (Set for = ' &�,') |
| 2018-12-17T22:45:14.711228062Z | 64 | PC: 16c6e | Write file or device (Write 25599 bytes on handle 6) |
| 2018-12-17T22:45:14.730135212Z | 63 | PC: 1445a | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T22:45:14.73891393Z | 63 | PC: 1445a | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T22:45:14.746977715Z | 63 | PC: 1445a | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T22:45:14.754788124Z | 63 | PC: 1445a | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T22:45:14.763776846Z | 63 | PC: 1445a | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T22:45:14.772712308Z | 63 | PC: 1445a | Read file or device (Read 512 bytes on handle 5) |
| 2018-12-17T22:45:14.775743721Z | 64 | PC: 16c6e | Write file or device (Write 2305 bytes on handle 6) |
| 2018-12-17T22:45:14.787166766Z | 63 | PC: 1445a | Read file or device (Read 25088 bytes on handle 5) |
| 2018-12-17T22:45:14.790126454Z | 62 | PC: 15392 | Close file |
| 2018-12-17T22:45:14.792963653Z | 62 | PC: 15392 | Close file |
| 2018-12-17T22:45:14.803250734Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.811342982Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.82264012Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.829831416Z | 61 | PC: 15e3a | Open file (Filename = 'C:\DOS\ATTRIB.EXE') |
| 2018-12-17T22:45:14.838736902Z | 68 | PC: 14d16 | I/O control for devices (Set for = 'C:\DOS\ATTRIB.COM') |
| 2018-12-17T22:45:14.840895436Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.847378502Z | 61 | PC: 15e3a | Open file (Filename = 'C:\DOS\ATTRIB.COM') |
| 2018-12-17T22:45:14.854579888Z | 68 | PC: 14d16 | I/O control for devices (Set for = 'C:\DOS\ATTRIB.COM') |
| 2018-12-17T22:45:14.855948758Z | 87 | PC: 1414a | Get or set file date and time |
| 2018-12-17T22:45:14.857185972Z | 87 | PC: 14767 | Get or set file date and time |
| 2018-12-17T22:45:14.859051867Z | 62 | PC: 15392 | Close file |
| 2018-12-17T22:45:14.860555872Z | 62 | PC: 15392 | Close file |
| 2018-12-17T22:45:14.865493325Z | 67 | PC: 15357 | Get or set file attributes |
| 2018-12-17T22:45:14.874063491Z | 47 | PC: 1558b | Get disk transfer address |
| 2018-12-17T22:45:14.875344657Z | 26 | PC: 15594 | Set disk transfer address |
| 2018-12-17T22:45:14.876329156Z | 78 | PC: 1559e | Find first file |
| 2018-12-17T22:45:14.883138956Z | 26 | PC: 155a7 | Set disk transfer address |
| 2018-12-17T22:45:14.884606472Z | 60 | PC: 153b5 | Create or truncate file |
| 2018-12-17T22:45:14.897258254Z | 37 | PC: 1417c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:45:14.901842724Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.903399909Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.904570006Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.911741455Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.913469992Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.914697577Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.917338166Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.925085818Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.927457322Z | 25 | PC: 13feb | Get default drive |
| 2018-12-17T22:45:14.929725281Z | 71 | PC: 14498 | Get current directory |
| 2018-12-17T22:45:14.932995894Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.934294884Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.935713007Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.942854871Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.944210818Z | 25 | PC: 13feb | Get default drive |
| 2018-12-17T22:45:14.945425219Z | 71 | PC: 14498 | Get current directory |
| 2018-12-17T22:45:14.949401747Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.950819951Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.952255567Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.959086737Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.960723721Z | 25 | PC: 13feb | Get default drive |
| 2018-12-17T22:45:14.962170238Z | 71 | PC: 14498 | Get current directory |
| 2018-12-17T22:45:14.96588724Z | 47 | PC: 13f88 | Get disk transfer address |
| 2018-12-17T22:45:14.967104055Z | 26 | PC: 13f91 | Set disk transfer address |
| 2018-12-17T22:45:14.968271618Z | 78 | PC: 13f9b | Find first file |
| 2018-12-17T22:45:14.974449991Z | 26 | PC: 13fa4 | Set disk transfer address |
| 2018-12-17T22:45:14.976022094Z | 37 | PC: 12c11 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:45:14.977192432Z | 37 | PC: 12c1c | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:45:14.979291515Z | 37 | PC: 12c27 | Set interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T22:45:14.9804816Z | 37 | PC: 12c32 | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T22:45:14.982039005Z | 62 | PC: 15392 | Close file |
| 2018-12-17T22:45:14.984979467Z | 62 | PC: 15392 | Close file |
| 2018-12-17T22:45:14.986978572Z | 62 | PC: 15392 | Close file |
| 2018-12-17T22:45:14.989026278Z | 62 | PC: 15392 | Close file |
| 2018-12-17T22:45:14.992069554Z | 62 | PC: 15392 | Close file |
| 2018-12-17T22:45:14.994130314Z | 76 | PC: 12bbb | Terminate with return code (Return code = '255') |
