.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:46:13.563807071Z | 48 | PC: 12d8b | Get DOS version |
| 2018-12-17T22:46:13.564988232Z | 53 | PC: 12d9f | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:46:13.566294021Z | 37 | PC: 12daf | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:46:13.567512346Z | 78 | PC: 12dc8 | Find first file |
| 2018-12-17T22:46:13.571553825Z | 67 | PC: 12ded | Get or set file attributes |
| 2018-12-17T22:46:13.586748163Z | 61 | PC: 12df4 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:46:13.594180948Z | 63 | PC: 12e00 | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:46:13.598526298Z | 66 | PC: 12e21 | Move file pointer |
| 2018-12-17T22:46:13.600159625Z | 44 | PC: 12e25 | Get time 0x12e25: add dl, byte ptr [0x104] 0x12e29: mov byte ptr [0xfb], dl 0x12e2d: mov ah, 0x40 0x12e2f: mov dx, 0xf8 0x12e32: mov cx, 4 0x12e35: int 0x21 0x12e37: jb 0x12e6c 0x12e39: mov si, 0xac 0x12e3c: mov cx, 4 0x12e3f: lea di, word ptr [bp + 0x173] 0x12e43: rep movsb byte ptr es:[di], byte ptr [si] 0x12e45: mov ax, 0x4202 0x12e48: xor cx, cx 0x12e4a: mov dx, 1 0x12e4d: int 0x21 0x12e4f: call 0x22d5b 0x12e52: mov ax, 0x5701 0x12e55: mov cx, word ptr [0x96] 0x12e59: mov dx, word ptr [0x98] 0x12e5d: and cx, 0xffe0 |
| 2018-12-17T22:46:13.601766931Z | 64 | PC: 12e37 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:46:13.603696444Z | 66 | PC: 12e4f | Move file pointer |
| 2018-12-17T22:46:13.605835494Z | 64 | PC: 12d6a | Write file or device (Write 403 bytes on handle 5) |
| 2018-12-17T22:46:13.615615597Z | 87 | PC: 12e65 | Get or set file date and time |
| 2018-12-17T22:46:13.61782377Z | 62 | PC: 12e69 | Close file |
| 2018-12-17T22:46:13.629379324Z | 67 | PC: 12ea9 | Get or set file attributes |
| 2018-12-17T22:46:13.640790967Z | 37 | PC: 12e7a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:46:13.642967343Z | 9 | PC: 12b00 | Display string (String= ' 654336 Bytes Total Memory ') |
| 2018-12-17T22:46:13.650174967Z | 9 | PC: 12b51 | Display string (String= ' 578240 Bytes Available Memory (88.37%) ') |
| 2018-12-17T22:46:13.656593879Z | 53 | PC: 12b76 | Get interrupt vector (Interrupt = '103' AKA 'Set handle count') |
| 2018-12-17T22:46:13.659107819Z | 76 | PC: 12c01 | Terminate with return code (Return code = '0') |