.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:45:22.725962389Z | 48 | PC: 12cae | Get DOS version |
| 2018-12-17T22:45:22.728337981Z | 74 | PC: 12d0d | Reallocate memory |
| 2018-12-17T22:45:22.730773996Z | 48 | PC: 12d72 | Get DOS version |
| 2018-12-17T22:45:22.73251202Z | 53 | PC: 12d7a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:45:22.735544427Z | 68 | PC: 12e1a | I/O control for devices (Set for = '') |
| 2018-12-17T22:45:22.737452357Z | 68 | PC: 12e1a | I/O control for devices |
| 2018-12-17T22:45:22.739203071Z | 68 | PC: 12e1a | I/O control for devices |
| 2018-12-17T22:45:22.741215816Z | 68 | PC: 12e1a | I/O control for devices |
| 2018-12-17T22:45:22.744394511Z | 68 | PC: 12e1a | I/O control for devices |
| 2018-12-17T22:45:22.747545038Z | 53 | PC: 17a2e | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:45:22.750005529Z | 37 | PC: 17a44 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:45:22.752413477Z | 53 | PC: 157ea | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:45:22.754727102Z | 53 | PC: 157f7 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:45:22.757286474Z | 53 | PC: 15804 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:45:22.759076717Z | 37 | PC: 15816 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:45:22.760884217Z | 37 | PC: 1581e | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:45:22.774396683Z | 37 | PC: 15a92 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:45:22.779418611Z | 74 | PC: 16b73 | Reallocate memory |
| 2018-12-17T22:45:22.781379064Z | 74 | PC: 16b73 | Reallocate memory |
| 2018-12-17T22:45:22.788663552Z | 68 | PC: 14dc2 | I/O control for devices |
| 2018-12-17T22:45:22.790512468Z | 68 | PC: 14dc2 | I/O control for devices |
| 2018-12-17T22:45:22.792456864Z | 51 | PC: 14ddf | Get or set Ctrl-Break |
| 2018-12-17T22:45:22.794019905Z | 51 | PC: 14deb | Get or set Ctrl-Break |
| 2018-12-17T22:45:22.80275181Z | 54 | PC: 15662 | Get free disk space |
| 2018-12-17T22:45:22.869761722Z | 61 | PC: 1523a | Open file (Filename = 'C:\WINDOWS\HRO.BAT') |
| 2018-12-17T22:45:22.89848877Z | 60 | PC: 150d7 | Create or truncate file |
| 2018-12-17T22:45:23.251142544Z | 62 | PC: 1503e | Close file |
| 2018-12-17T22:45:23.253644239Z | 61 | PC: 1523a | Open file (Filename = 'C:\WINDOWS\HRO.BAT') |
| 2018-12-17T22:45:23.264149611Z | 68 | PC: 15188 | I/O control for devices (Set for = '') |
| 2018-12-17T22:45:23.282334422Z | 64 | PC: 1558b | Write file or device (Write 0 bytes on handle 5) |
| 2018-12-17T22:45:23.294599777Z | 64 | PC: 1558b | Write file or device (Write 512 bytes on handle 5) |
| 2018-12-17T22:45:23.347439779Z | 64 | PC: 1558b | Write file or device (Write 6 bytes on handle 5) |
| 2018-12-17T22:45:23.356541257Z | 66 | PC: 14f71 | Move file pointer |
| 2018-12-17T22:45:23.358664628Z | 62 | PC: 1503e | Close file |
| 2018-12-17T22:45:23.368992046Z | 54 | PC: 15662 | Get free disk space |
| 2018-12-17T22:45:23.374001284Z | 61 | PC: 1523a | Open file (Filename = 'C:\WINDOWS\GUI.REG') |
| 2018-12-17T22:45:23.382074025Z | 60 | PC: 150d7 | Create or truncate file |
| 2018-12-17T22:45:23.394814699Z | 62 | PC: 1503e | Close file |
| 2018-12-17T22:45:23.397798756Z | 61 | PC: 1523a | Open file (Filename = 'C:\WINDOWS\GUI.REG') |
| 2018-12-17T22:45:23.408246404Z | 68 | PC: 15188 | I/O control for devices (Set for = '') |
| 2018-12-17T22:45:23.41236992Z | 64 | PC: 1558b | Write file or device (Write 0 bytes on handle 5) |
| 2018-12-17T22:45:23.41583587Z | 64 | PC: 1558b | Write file or device (Write 114 bytes on handle 5) |
| 2018-12-17T22:45:23.420640507Z | 66 | PC: 14f71 | Move file pointer |
| 2018-12-17T22:45:23.422514653Z | 62 | PC: 1503e | Close file |
| 2018-12-17T22:45:23.433333312Z | 54 | PC: 15662 | Get free disk space |
| 2018-12-17T22:45:23.437978704Z | 61 | PC: 1523a | Open file (Filename = 'C:\WINDOWS\ACT_GUI.BAT') |
| 2018-12-17T22:45:23.445969839Z | 60 | PC: 150d7 | Create or truncate file |
| 2018-12-17T22:45:23.458695166Z | 62 | PC: 1503e | Close file |
| 2018-12-17T22:45:23.46200386Z | 61 | PC: 1523a | Open file (Filename = 'C:\WINDOWS\ACT_GUI.BAT') |
| 2018-12-17T22:45:23.472062998Z | 68 | PC: 15188 | I/O control for devices (Set for = '') |
| 2018-12-17T22:45:23.475403911Z | 64 | PC: 1558b | Write file or device (Write 0 bytes on handle 5) |
| 2018-12-17T22:45:23.479003249Z | 64 | PC: 1558b | Write file or device (Write 41 bytes on handle 5) |
| 2018-12-17T22:45:23.486998738Z | 66 | PC: 14f71 | Move file pointer |
| 2018-12-17T22:45:23.48890798Z | 62 | PC: 1503e | Close file |
| 2018-12-17T22:45:23.50040943Z | 74 | PC: 16b73 | Reallocate memory |
| 2018-12-17T22:45:23.502690556Z | 51 | PC: 14df6 | Get or set Ctrl-Break |
| 2018-12-17T22:45:23.504020329Z | 37 | PC: 1585c | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:45:23.50612715Z | 37 | PC: 15866 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:45:23.508157278Z | 37 | PC: 15870 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:45:23.509870239Z | 37 | PC: 12ee0 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:45:23.515400548Z | 41 | PC: 17a79 | Parse filename |
| 2018-12-17T22:45:23.518120188Z | 41 | PC: 17a7b | Parse filename |
| 2018-12-17T22:45:23.519733973Z | 41 | PC: 17a80 | Parse filename |
| 2018-12-17T22:45:23.521298648Z | 75 | PC: 17a96 | Execute program |
| 2018-12-17T22:45:23.546610977Z | 80 | PC: 1b059 | Set current PSP |
| 2018-12-17T22:45:23.547806686Z | 48 | PC: 1b05e | Get DOS version |
| 2018-12-17T22:45:23.549770962Z | 99 | PC: 21840 | Get DBCS lead byte table pointer |
| 2018-12-17T22:45:23.553287979Z | 101 | PC: 1b0e4 | Get extended country info |
| 2018-12-17T22:45:23.555029845Z | 99 | PC: 1b0ea | Get DBCS lead byte table pointer |
| 2018-12-17T22:45:23.556708786Z | 74 | PC: 1b14c | Reallocate memory |
| 2018-12-17T22:45:23.559281142Z | 25 | PC: 1b183 | Get default drive |
| 2018-12-17T22:45:23.560684003Z | 37 | PC: 1ac43 | Set interrupt vector (Interrupt = '34' AKA 'Random write') |
| 2018-12-17T22:45:23.562571707Z | 37 | PC: 1ac4a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:45:23.564650475Z | 37 | PC: 1ac51 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:45:23.570591098Z | 74 | PC: 19dec | Reallocate memory |
| 2018-12-17T22:45:23.572508556Z | 72 | PC: 19e2d | Allocate memory |
| 2018-12-17T22:45:23.575074257Z | 72 | PC: 19e65 | Allocate memory |
| 2018-12-17T22:45:23.577672167Z | 72 | PC: 19e6d | Allocate memory |