.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:46:14.184047498Z | 44 | PC: 13c6a | Get time 0x13c6a: cmp dh, 2 0x13c6d: jle 0x13c7e 0x13c6f: jmp 0x13cac 0x13c71: nop 0x13c72: sub ch, byte ptr [0x7865] 0x13c76: add byte ptr gs:[bp + di + 0x3a], ah 0x13c7a: pop sp 0x13c7b: outsb dx, byte ptr [si] 0x13c7c: arpl word ptr [bx + si], ax 0x13c7e: cmp dl, 0x60 0x13c81: jle 0x13ca5 0x13c83: mov dx, 0x80 0x13c86: mov cx, 1 0x13c89: mov ax, 0x201 0x13c8c: mov bx, 0x220 0x13c8f: int 0x13 0x13c91: mov ax, 0xff 0x13c94: mov bx, 0x220 0x13c97: add bx, 0x1c0 0x13c9b: mov word ptr [bx], ax |
| 2018-12-17T22:46:14.187688419Z | 78 | PC: 13cb6 | Find first file |
| 2018-12-17T22:46:14.194440213Z | 47 | PC: 13cbf | Get disk transfer address |
| 2018-12-17T22:46:14.195572258Z | 61 | PC: 13ccd | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:46:14.202883004Z | 87 | PC: 13cd8 | Get or set file date and time |
| 2018-12-17T22:46:14.230144557Z | 66 | PC: 13d0f | Move file pointer |
| 2018-12-17T22:46:14.231804405Z | 66 | PC: 13d21 | Move file pointer |
| 2018-12-17T22:46:14.233502577Z | 66 | PC: 13d8d | Move file pointer |
| 2018-12-17T22:46:14.238416243Z | 64 | PC: 13d98 | Write file or device (Write 24 bytes on handle 27) |
| 2018-12-17T22:46:14.24009042Z | 66 | PC: 13da3 | Move file pointer |
| 2018-12-17T22:46:14.243332933Z | 64 | PC: 13db7 | Write file or device (Write 7 bytes on handle 27) |
| 2018-12-17T22:46:14.245902034Z | 66 | PC: 13dc2 | Move file pointer |
| 2018-12-17T22:46:14.247788602Z | 64 | PC: 13dcd | Write file or device (Write 441 bytes on handle 27) |
| 2018-12-17T22:46:14.249315984Z | 87 | PC: 13de6 | Get or set file date and time |
| 2018-12-17T22:46:14.251618263Z | 62 | PC: 13dea | Close file |
| 2018-12-17T22:46:14.253324793Z | 9 | PC: 12a5c | Display string (Could not find end pointer) |
| 2018-12-17T22:46:14.260184697Z | 76 | PC: 12a61 | Terminate with return code (Return code = '0') |