.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:45:14.248140959Z | 26 | PC: 12a73 | Set disk transfer address |
| 2018-12-17T22:45:14.249688881Z | 37 | PC: 12a81 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T22:45:14.250926925Z | 37 | PC: 12a85 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T22:45:14.252771596Z | 78 | PC: 12ad1 | Find first file |
| 2018-12-17T22:45:14.261346481Z | 61 | PC: 12c1e | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:45:14.268044528Z | 63 | PC: 12c2d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:45:14.273890798Z | 66 | PC: 12c3c | Move file pointer |
| 2018-12-17T22:45:14.275843449Z | 66 | PC: 12c4b | Move file pointer |
| 2018-12-17T22:45:14.276963614Z | 64 | PC: 12c57 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:45:14.2785699Z | 66 | PC: 12c63 | Move file pointer |
| 2018-12-17T22:45:14.280064282Z | 44 | PC: 12c67 | Get time 0x12c67: mov byte ptr [bp + 0x24a], dl
0x12c6b: call 0x12c81
0x12c6e: mov ah, 0x40
0x12c70: mov cx, 0x24a
0x12c73: lea dx, word ptr [bp + 6]
0x12c77: int 0x21
0x12c79: call 0x12c81
0x12c7c: mov ah, 0x3e
0x12c7e: int 0x21
0x12c80: ret
0x12c81: lea si, word ptr [bp + 0x20]
0x12c85: mov cx, 0x20b
0x12c88: xor byte ptr [si], 0
0x12c8b: inc si
0x12c8c: dec cx
0x12c8d: jne 0x12c88
0x12c8f: ret
0x12c90: add word ptr [bx], di
0x12c92: aas
0x12c93: aas
|
| 2018-12-17T22:45:14.281817608Z | 64 | PC: 12c79 | Write file or device (Write 586 bytes on handle 5) |
| 2018-12-17T22:45:14.293023289Z | 62 | PC: 12c80 | Close file |
| 2018-12-17T22:45:14.298569098Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T22:45:14.301896007Z | 61 | PC: 12c1e | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:45:14.308876777Z | 63 | PC: 12c2d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:45:14.315701404Z | 66 | PC: 12c3c | Move file pointer |
| 2018-12-17T22:45:14.318177235Z | 66 | PC: 12c4b | Move file pointer |
| 2018-12-17T22:45:14.319900437Z | 64 | PC: 12c57 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:45:14.322971927Z | 66 | PC: 12c63 | Move file pointer |
| 2018-12-17T22:45:14.325319598Z | 44 | PC: 12c67 | Get time 0x12c67: mov byte ptr [bp + 0x24a], dl
0x12c6b: call 0x12c81
0x12c6e: mov ah, 0x40
0x12c70: mov cx, 0x24a
0x12c73: lea dx, word ptr [bp + 6]
0x12c77: int 0x21
0x12c79: call 0x12c81
0x12c7c: mov ah, 0x3e
0x12c7e: int 0x21
0x12c80: ret
0x12c81: lea si, word ptr [bp + 0x20]
0x12c85: mov cx, 0x20b
0x12c88: xor byte ptr [si], 0x42
0x12c8b: inc si
0x12c8c: dec cx
0x12c8d: jne 0x12c88
0x12c8f: ret
0x12c90: add word ptr [bx], di
0x12c92: aas
0x12c93: aas
|
| 2018-12-17T22:45:14.327888727Z | 64 | PC: 12c79 | Write file or device (Write 586 bytes on handle 5) |
| 2018-12-17T22:45:14.336314346Z | 62 | PC: 12c80 | Close file |
| 2018-12-17T22:45:14.345894441Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T22:45:14.348850883Z | 61 | PC: 12c1e | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:45:14.355592937Z | 63 | PC: 12c2d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:45:14.363646705Z | 66 | PC: 12c3c | Move file pointer |
| 2018-12-17T22:45:14.365275521Z | 66 | PC: 12c4b | Move file pointer |
| 2018-12-17T22:45:14.366732465Z | 64 | PC: 12c57 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:45:14.377419605Z | 66 | PC: 12c63 | Move file pointer |
| 2018-12-17T22:45:14.378914289Z | 44 | PC: 12c67 | Get time 0x12c67: mov byte ptr [bp + 0x24a], dl
0x12c6b: call 0x12c81
0x12c6e: mov ah, 0x40
0x12c70: mov cx, 0x24a
0x12c73: lea dx, word ptr [bp + 6]
0x12c77: int 0x21
0x12c79: call 0x12c81
0x12c7c: mov ah, 0x3e
0x12c7e: int 0x21
0x12c80: ret
0x12c81: lea si, word ptr [bp + 0x20]
0x12c85: mov cx, 0x20b
0x12c88: xor byte ptr [si], 0x48
0x12c8b: inc si
0x12c8c: dec cx
0x12c8d: jne 0x12c88
0x12c8f: ret
0x12c90: add word ptr [bx], di
0x12c92: aas
0x12c93: aas
|
| 2018-12-17T22:45:14.38876916Z | 64 | PC: 12c79 | Write file or device (Write 586 bytes on handle 5) |
| 2018-12-17T22:45:14.410129684Z | 62 | PC: 12c80 | Close file |
| 2018-12-17T22:45:14.415809984Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T22:45:14.427923107Z | 61 | PC: 12c1e | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:45:14.435311735Z | 63 | PC: 12c2d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:45:14.441967134Z | 66 | PC: 12c3c | Move file pointer |
| 2018-12-17T22:45:14.443863142Z | 66 | PC: 12c4b | Move file pointer |
| 2018-12-17T22:45:14.445833358Z | 64 | PC: 12c57 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:45:14.449673199Z | 66 | PC: 12c63 | Move file pointer |
| 2018-12-17T22:45:14.451401616Z | 44 | PC: 12c67 | Get time 0x12c67: mov byte ptr [bp + 0x24a], dl
0x12c6b: call 0x12c81
0x12c6e: mov ah, 0x40
0x12c70: mov cx, 0x24a
0x12c73: lea dx, word ptr [bp + 6]
0x12c77: int 0x21
0x12c79: call 0x12c81
0x12c7c: mov ah, 0x3e
0x12c7e: int 0x21
0x12c80: ret
0x12c81: lea si, word ptr [bp + 0x20]
0x12c85: mov cx, 0x20b
0x12c88: xor byte ptr [si], 0x4d
0x12c8b: inc si
0x12c8c: dec cx
0x12c8d: jne 0x12c88
0x12c8f: ret
0x12c90: add word ptr [bx], di
0x12c92: aas
0x12c93: aas
|
| 2018-12-17T22:45:14.454639363Z | 64 | PC: 12c79 | Write file or device (Write 586 bytes on handle 5) |
| 2018-12-17T22:45:14.468813184Z | 62 | PC: 12c80 | Close file |
| 2018-12-17T22:45:14.487347506Z | 79 | PC: 12ad1 | Find next file |
| 2018-12-17T22:45:14.489993349Z | 61 | PC: 12c1e | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:45:14.497190455Z | 63 | PC: 12c2d | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:45:14.503508751Z | 66 | PC: 12c3c | Move file pointer |
| 2018-12-17T22:45:14.512001723Z | 66 | PC: 12c4b | Move file pointer |
| 2018-12-17T22:45:14.514287697Z | 64 | PC: 12c57 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:45:14.518020809Z | 66 | PC: 12c63 | Move file pointer |
| 2018-12-17T22:45:14.519762978Z | 44 | PC: 12c67 | Get time 0x12c67: mov byte ptr [bp + 0x24a], dl
0x12c6b: call 0x12c81
0x12c6e: mov ah, 0x40
0x12c70: mov cx, 0x24a
0x12c73: lea dx, word ptr [bp + 6]
0x12c77: int 0x21
0x12c79: call 0x12c81
0x12c7c: mov ah, 0x3e
0x12c7e: int 0x21
0x12c80: ret
0x12c81: lea si, word ptr [bp + 0x20]
0x12c85: mov cx, 0x20b
0x12c88: xor byte ptr [si], 0x4d
0x12c8b: inc si
0x12c8c: dec cx
0x12c8d: jne 0x12c88
0x12c8f: ret
0x12c90: add word ptr [bx], di
0x12c92: aas
0x12c93: aas
|
| 2018-12-17T22:45:14.523614795Z | 64 | PC: 12c79 | Write file or device (Write 586 bytes on handle 5) |
| 2018-12-17T22:45:14.739432148Z | 62 | PC: 12c80 | Close file |
| 2018-12-17T22:45:15.020415341Z | 26 | PC: 12aeb | Set disk transfer address |
| 2018-12-17T22:45:15.022719758Z | 9 | PC: 12b03 | Display string (String= '��������t�Ɔ��*�!r��:��O��;�����!sٴ�����!������Wð%�p�q��<�u�� �!�������&������������!�'��????????OV?��������������������������� �������!���????????OV?�') |
| 2018-12-17T22:45:15.030125692Z | 19 | PC: 12b18 | Delete file |
| 2018-12-17T22:45:15.035904484Z | 9 | PC: 12b4b | Display string (String= '????????OV?�') |
