.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:46:14.26000857Z | 26 | PC: 12a65 | Set disk transfer address |
| 2018-12-17T22:46:14.261873307Z | 78 | PC: 12a7a | Find first file |
| 2018-12-17T22:46:14.26880739Z | 44 | PC: 12b08 | Get time 0x12b08: xor dl, ch 0x12b0a: mov byte ptr ds:[bp + 0x1e0], dl 0x12b0f: ret 0x12b10: push ax 0x12b11: mov ah, byte ptr ds:[bp + 0x1e0] 0x12b16: mov di, si 0x12b18: lodsb al, byte ptr [si] 0x12b19: xor al, ah 0x12b1b: stosb byte ptr es:[di], al 0x12b1c: loop 0x12b18 0x12b1e: pop ax 0x12b1f: ret 0x12b20: add al, ch |
| 2018-12-17T22:46:14.27135079Z | 61 | PC: 12a95 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:46:14.279001084Z | 63 | PC: 12aa3 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:14.287012008Z | 66 | PC: 12abc | Move file pointer |
| 2018-12-17T22:46:14.289181901Z | 64 | PC: 12b2f | Write file or device (Write 264 bytes on handle 5) |
| 2018-12-17T22:46:14.305774982Z | 66 | PC: 12ad7 | Move file pointer |
| 2018-12-17T22:46:14.308937505Z | 64 | PC: 12ae2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:14.31663819Z | 87 | PC: 12af1 | Get or set file date and time |
| 2018-12-17T22:46:14.322563005Z | 62 | PC: 12af5 | Close file |
| 2018-12-17T22:46:14.332228127Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T22:46:14.336263543Z | 44 | PC: 12b08 | Get time 0x12b08: xor dl, ch 0x12b0a: mov byte ptr ds:[bp + 0x1e0], dl 0x12b0f: ret 0x12b10: push ax 0x12b11: mov ah, byte ptr ds:[bp + 0x1e0] 0x12b16: mov di, si 0x12b18: lodsb al, byte ptr [si] 0x12b19: xor al, ah 0x12b1b: stosb byte ptr es:[di], al 0x12b1c: loop 0x12b18 0x12b1e: pop ax 0x12b1f: ret 0x12b20: inc ax 0x12b21: call 0x12b33 0x12b24: mov ah, 0x40 0x12b26: mov cx, 0x108 0x12b29: lea dx, word ptr [bp + 0x103] 0x12b2d: int 0x21 0x12b2f: call 0x12b33 0x12b32: ret |
| 2018-12-17T22:46:14.339153318Z | 61 | PC: 12a95 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:46:14.348593134Z | 63 | PC: 12aa3 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:14.356093216Z | 66 | PC: 12abc | Move file pointer |
| 2018-12-17T22:46:14.358255613Z | 64 | PC: 12b2f | Write file or device (Write 264 bytes on handle 5) |
| 2018-12-17T22:46:14.362653448Z | 66 | PC: 12ad7 | Move file pointer |
| 2018-12-17T22:46:14.364119675Z | 64 | PC: 12ae2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:14.367029329Z | 87 | PC: 12af1 | Get or set file date and time |
| 2018-12-17T22:46:14.368684524Z | 62 | PC: 12af5 | Close file |
| 2018-12-17T22:46:14.377690389Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T22:46:14.381076327Z | 44 | PC: 12b08 | Get time 0x12b08: xor dl, ch 0x12b0a: mov byte ptr ds:[bp + 0x1e0], dl 0x12b0f: ret 0x12b10: push ax 0x12b11: mov ah, byte ptr ds:[bp + 0x1e0] 0x12b16: mov di, si 0x12b18: lodsb al, byte ptr [si] 0x12b19: xor al, ah 0x12b1b: stosb byte ptr es:[di], al 0x12b1c: loop 0x12b18 0x12b1e: pop ax 0x12b1f: ret 0x12b20: inc si 0x12b21: call 0x12b33 0x12b24: mov ah, 0x40 0x12b26: mov cx, 0x108 0x12b29: lea dx, word ptr [bp + 0x103] 0x12b2d: int 0x21 0x12b2f: call 0x12b33 0x12b32: ret |
| 2018-12-17T22:46:14.38397642Z | 61 | PC: 12a95 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:46:14.392213226Z | 63 | PC: 12aa3 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:14.399484492Z | 66 | PC: 12abc | Move file pointer |
| 2018-12-17T22:46:14.401470788Z | 64 | PC: 12b2f | Write file or device (Write 264 bytes on handle 5) |
| 2018-12-17T22:46:14.406722376Z | 66 | PC: 12ad7 | Move file pointer |
| 2018-12-17T22:46:14.40865603Z | 64 | PC: 12ae2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:14.411970202Z | 87 | PC: 12af1 | Get or set file date and time |
| 2018-12-17T22:46:14.41466656Z | 62 | PC: 12af5 | Close file |
| 2018-12-17T22:46:14.422973747Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T22:46:14.425837297Z | 44 | PC: 12b08 | Get time 0x12b08: xor dl, ch 0x12b0a: mov byte ptr ds:[bp + 0x1e0], dl 0x12b0f: ret 0x12b10: push ax 0x12b11: mov ah, byte ptr ds:[bp + 0x1e0] 0x12b16: mov di, si 0x12b18: lodsb al, byte ptr [si] 0x12b19: xor al, ah 0x12b1b: stosb byte ptr es:[di], al 0x12b1c: loop 0x12b18 0x12b1e: pop ax 0x12b1f: ret 0x12b20: inc si 0x12b21: call 0x12b33 0x12b24: mov ah, 0x40 0x12b26: mov cx, 0x108 0x12b29: lea dx, word ptr [bp + 0x103] 0x12b2d: int 0x21 0x12b2f: call 0x12b33 0x12b32: ret |
| 2018-12-17T22:46:14.429148469Z | 61 | PC: 12a95 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:46:14.436574793Z | 63 | PC: 12aa3 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:14.442348314Z | 66 | PC: 12abc | Move file pointer |
| 2018-12-17T22:46:14.44367556Z | 64 | PC: 12b2f | Write file or device (Write 264 bytes on handle 5) |
| 2018-12-17T22:46:14.44588411Z | 66 | PC: 12ad7 | Move file pointer |
| 2018-12-17T22:46:14.447005649Z | 64 | PC: 12ae2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:14.448924105Z | 87 | PC: 12af1 | Get or set file date and time |
| 2018-12-17T22:46:14.450500506Z | 62 | PC: 12af5 | Close file |
| 2018-12-17T22:46:14.45554206Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T22:46:14.457391578Z | 44 | PC: 12b08 | Get time 0x12b08: xor dl, ch 0x12b0a: mov byte ptr ds:[bp + 0x1e0], dl 0x12b0f: ret 0x12b10: push ax 0x12b11: mov ah, byte ptr ds:[bp + 0x1e0] 0x12b16: mov di, si 0x12b18: lodsb al, byte ptr [si] 0x12b19: xor al, ah 0x12b1b: stosb byte ptr es:[di], al 0x12b1c: loop 0x12b18 0x12b1e: pop ax 0x12b1f: ret 0x12b20: dec bx 0x12b21: call 0x12b33 0x12b24: mov ah, 0x40 0x12b26: mov cx, 0x108 0x12b29: lea dx, word ptr [bp + 0x103] 0x12b2d: int 0x21 0x12b2f: call 0x12b33 0x12b32: ret |
| 2018-12-17T22:46:14.459710037Z | 61 | PC: 12a95 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:46:14.46401136Z | 63 | PC: 12aa3 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:14.468226124Z | 66 | PC: 12abc | Move file pointer |
| 2018-12-17T22:46:14.470034307Z | 64 | PC: 12b2f | Write file or device (Write 264 bytes on handle 5) |
| 2018-12-17T22:46:14.472425185Z | 66 | PC: 12ad7 | Move file pointer |
| 2018-12-17T22:46:14.473708137Z | 64 | PC: 12ae2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:14.476549422Z | 87 | PC: 12af1 | Get or set file date and time |
| 2018-12-17T22:46:14.477984869Z | 62 | PC: 12af5 | Close file |
| 2018-12-17T22:46:14.485954625Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T22:46:14.488989835Z | 44 | PC: 12b08 | Get time 0x12b08: xor dl, ch 0x12b0a: mov byte ptr ds:[bp + 0x1e0], dl 0x12b0f: ret 0x12b10: push ax 0x12b11: mov ah, byte ptr ds:[bp + 0x1e0] 0x12b16: mov di, si 0x12b18: lodsb al, byte ptr [si] 0x12b19: xor al, ah 0x12b1b: stosb byte ptr es:[di], al 0x12b1c: loop 0x12b18 0x12b1e: pop ax 0x12b1f: ret 0x12b20: dec bx 0x12b21: call 0x12b33 0x12b24: mov ah, 0x40 0x12b26: mov cx, 0x108 0x12b29: lea dx, word ptr [bp + 0x103] 0x12b2d: int 0x21 0x12b2f: call 0x12b33 0x12b32: ret |
| 2018-12-17T22:46:14.491647687Z | 61 | PC: 12a95 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:46:14.495844474Z | 63 | PC: 12aa3 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:14.499988398Z | 66 | PC: 12abc | Move file pointer |
| 2018-12-17T22:46:14.501576102Z | 64 | PC: 12b2f | Write file or device (Write 264 bytes on handle 5) |
| 2018-12-17T22:46:14.507210676Z | 66 | PC: 12ad7 | Move file pointer |
| 2018-12-17T22:46:14.508358881Z | 64 | PC: 12ae2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:14.515976024Z | 87 | PC: 12af1 | Get or set file date and time |
| 2018-12-17T22:46:14.517581138Z | 62 | PC: 12af5 | Close file |
| 2018-12-17T22:46:14.526694476Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T22:46:14.530539694Z | 44 | PC: 12b08 | Get time 0x12b08: xor dl, ch 0x12b0a: mov byte ptr ds:[bp + 0x1e0], dl 0x12b0f: ret 0x12b10: push ax 0x12b11: mov ah, byte ptr ds:[bp + 0x1e0] 0x12b16: mov di, si 0x12b18: lodsb al, byte ptr [si] 0x12b19: xor al, ah 0x12b1b: stosb byte ptr es:[di], al 0x12b1c: loop 0x12b18 0x12b1e: pop ax 0x12b1f: ret 0x12b20: push cx 0x12b21: call 0x12b33 0x12b24: mov ah, 0x40 0x12b26: mov cx, 0x108 0x12b29: lea dx, word ptr [bp + 0x103] 0x12b2d: int 0x21 0x12b2f: call 0x12b33 0x12b32: ret |
| 2018-12-17T22:46:14.533414742Z | 61 | PC: 12a95 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:46:14.541900113Z | 63 | PC: 12aa3 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:14.549783106Z | 66 | PC: 12abc | Move file pointer |
| 2018-12-17T22:46:14.551870227Z | 64 | PC: 12b2f | Write file or device (Write 264 bytes on handle 5) |
| 2018-12-17T22:46:14.555316451Z | 66 | PC: 12ad7 | Move file pointer |
| 2018-12-17T22:46:14.557992776Z | 64 | PC: 12ae2 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:14.561142952Z | 87 | PC: 12af1 | Get or set file date and time |
| 2018-12-17T22:46:14.563068086Z | 62 | PC: 12af5 | Close file |
| 2018-12-17T22:46:14.572560794Z | 79 | PC: 12a7a | Find next file |
| 2018-12-17T22:46:14.575388761Z | 26 | PC: 12b01 | Set disk transfer address |