.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:46:20.439990757Z | 26 | PC: 12a6a | Set disk transfer address |
| 2018-12-17T22:46:20.441286169Z | 78 | PC: 12a83 | Find first file |
| 2018-12-17T22:46:20.44888425Z | 61 | PC: 12b0d | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:46:20.456276253Z | 63 | PC: 12b1c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:46:20.463418357Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-17T22:46:20.466420225Z | 66 | PC: 12b3a | Move file pointer |
| 2018-12-17T22:46:20.468757023Z | 64 | PC: 12b46 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:46:20.472069134Z | 66 | PC: 12b52 | Move file pointer |
| 2018-12-17T22:46:20.474326404Z | 44 | PC: 12b56 | Get time 0x12b56: mov byte ptr [bp + 0x139], dl 0x12b5a: call 0x12b70 0x12b5d: mov ah, 0x40 0x12b5f: mov cx, 0x139 0x12b62: lea dx, word ptr [bp + 6] 0x12b66: int 0x21 0x12b68: call 0x12b70 0x12b6b: mov ah, 0x3e 0x12b6d: int 0x21 0x12b6f: ret 0x12b70: lea si, word ptr [bp + 0x17] 0x12b74: mov cx, 0x103 0x12b77: xor byte ptr [si], 0 0x12b7a: inc si 0x12b7b: dec cx 0x12b7c: jne 0x12b77 0x12b7e: ret 0x12b7f: add word ptr [bx], di 0x12b81: aas 0x12b82: aas |
| 2018-12-17T22:46:20.479402467Z | 64 | PC: 12b68 | Write file or device (Write 313 bytes on handle 5) |
| 2018-12-17T22:46:20.497085258Z | 62 | PC: 12b6f | Close file |
| 2018-12-17T22:46:20.505582136Z | 79 | PC: 12a83 | Find next file |
| 2018-12-17T22:46:20.514031446Z | 61 | PC: 12b0d | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:46:20.521453605Z | 63 | PC: 12b1c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:46:20.530679362Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-17T22:46:20.533991002Z | 66 | PC: 12b3a | Move file pointer |
| 2018-12-17T22:46:20.5361566Z | 64 | PC: 12b46 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:46:20.539125055Z | 66 | PC: 12b52 | Move file pointer |
| 2018-12-17T22:46:20.541691395Z | 44 | PC: 12b56 | Get time 0x12b56: mov byte ptr [bp + 0x139], dl 0x12b5a: call 0x12b70 0x12b5d: mov ah, 0x40 0x12b5f: mov cx, 0x139 0x12b62: lea dx, word ptr [bp + 6] 0x12b66: int 0x21 0x12b68: call 0x12b70 0x12b6b: mov ah, 0x3e 0x12b6d: int 0x21 0x12b6f: ret 0x12b70: lea si, word ptr [bp + 0x17] 0x12b74: mov cx, 0x103 0x12b77: xor byte ptr [si], 0x3f 0x12b7a: inc si 0x12b7b: dec cx 0x12b7c: jne 0x12b77 0x12b7e: ret 0x12b7f: add word ptr [bx], di 0x12b81: aas 0x12b82: aas |
| 2018-12-17T22:46:20.544339528Z | 64 | PC: 12b68 | Write file or device (Write 313 bytes on handle 5) |
| 2018-12-17T22:46:20.547436294Z | 62 | PC: 12b6f | Close file |
| 2018-12-17T22:46:20.555653107Z | 79 | PC: 12a83 | Find next file |
| 2018-12-17T22:46:20.562700964Z | 61 | PC: 12b0d | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:46:20.570452131Z | 63 | PC: 12b1c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:46:20.577940977Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-17T22:46:20.58049349Z | 66 | PC: 12b3a | Move file pointer |
| 2018-12-17T22:46:20.582291848Z | 64 | PC: 12b46 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:46:20.586319362Z | 66 | PC: 12b52 | Move file pointer |
| 2018-12-17T22:46:20.588795944Z | 44 | PC: 12b56 | Get time 0x12b56: mov byte ptr [bp + 0x139], dl 0x12b5a: call 0x12b70 0x12b5d: mov ah, 0x40 0x12b5f: mov cx, 0x139 0x12b62: lea dx, word ptr [bp + 6] 0x12b66: int 0x21 0x12b68: call 0x12b70 0x12b6b: mov ah, 0x3e 0x12b6d: int 0x21 0x12b6f: ret 0x12b70: lea si, word ptr [bp + 0x17] 0x12b74: mov cx, 0x103 0x12b77: xor byte ptr [si], 0x44 0x12b7a: inc si 0x12b7b: dec cx 0x12b7c: jne 0x12b77 0x12b7e: ret 0x12b7f: add word ptr [bx], di 0x12b81: aas 0x12b82: aas |
| 2018-12-17T22:46:20.591790287Z | 64 | PC: 12b68 | Write file or device (Write 313 bytes on handle 5) |
| 2018-12-17T22:46:20.595072201Z | 62 | PC: 12b6f | Close file |
| 2018-12-17T22:46:20.604144851Z | 79 | PC: 12a83 | Find next file |
| 2018-12-17T22:46:20.607510282Z | 61 | PC: 12b0d | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:46:20.614654159Z | 63 | PC: 12b1c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:46:20.622048256Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-17T22:46:20.62471806Z | 66 | PC: 12b3a | Move file pointer |
| 2018-12-17T22:46:20.626143587Z | 64 | PC: 12b46 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:46:20.628330234Z | 66 | PC: 12b52 | Move file pointer |
| 2018-12-17T22:46:20.63067058Z | 44 | PC: 12b56 | Get time 0x12b56: mov byte ptr [bp + 0x139], dl 0x12b5a: call 0x12b70 0x12b5d: mov ah, 0x40 0x12b5f: mov cx, 0x139 0x12b62: lea dx, word ptr [bp + 6] 0x12b66: int 0x21 0x12b68: call 0x12b70 0x12b6b: mov ah, 0x3e 0x12b6d: int 0x21 0x12b6f: ret 0x12b70: lea si, word ptr [bp + 0x17] 0x12b74: mov cx, 0x103 0x12b77: xor byte ptr [si], 0x4a 0x12b7a: inc si 0x12b7b: dec cx 0x12b7c: jne 0x12b77 0x12b7e: ret 0x12b7f: add word ptr [bx], di 0x12b81: aas 0x12b82: aas |
| 2018-12-17T22:46:20.632788448Z | 64 | PC: 12b68 | Write file or device (Write 313 bytes on handle 5) |
| 2018-12-17T22:46:20.635411444Z | 62 | PC: 12b6f | Close file |
| 2018-12-17T22:46:20.643261387Z | 79 | PC: 12a83 | Find next file |
| 2018-12-17T22:46:20.646102152Z | 61 | PC: 12b0d | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:46:20.653089767Z | 63 | PC: 12b1c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:46:20.659986199Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-17T22:46:20.661672295Z | 66 | PC: 12b3a | Move file pointer |
| 2018-12-17T22:46:20.66339474Z | 64 | PC: 12b46 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:46:20.667211969Z | 66 | PC: 12b52 | Move file pointer |
| 2018-12-17T22:46:20.668794422Z | 44 | PC: 12b56 | Get time 0x12b56: mov byte ptr [bp + 0x139], dl 0x12b5a: call 0x12b70 0x12b5d: mov ah, 0x40 0x12b5f: mov cx, 0x139 0x12b62: lea dx, word ptr [bp + 6] 0x12b66: int 0x21 0x12b68: call 0x12b70 0x12b6b: mov ah, 0x3e 0x12b6d: int 0x21 0x12b6f: ret 0x12b70: lea si, word ptr [bp + 0x17] 0x12b74: mov cx, 0x103 0x12b77: xor byte ptr [si], 0x4a 0x12b7a: inc si 0x12b7b: dec cx 0x12b7c: jne 0x12b77 0x12b7e: ret 0x12b7f: add word ptr [bx], di 0x12b81: aas 0x12b82: aas |
| 2018-12-17T22:46:20.671096145Z | 64 | PC: 12b68 | Write file or device (Write 313 bytes on handle 5) |
| 2018-12-17T22:46:20.674911811Z | 62 | PC: 12b6f | Close file |
| 2018-12-17T22:46:20.682080715Z | 79 | PC: 12a83 | Find next file |
| 2018-12-17T22:46:20.684658226Z | 61 | PC: 12b0d | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:46:20.690822834Z | 63 | PC: 12b1c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:46:20.696584536Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-17T22:46:20.697968254Z | 66 | PC: 12b3a | Move file pointer |
| 2018-12-17T22:46:20.699599317Z | 64 | PC: 12b46 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:46:20.702277477Z | 66 | PC: 12b52 | Move file pointer |
| 2018-12-17T22:46:20.703617885Z | 44 | PC: 12b56 | Get time 0x12b56: mov byte ptr [bp + 0x139], dl 0x12b5a: call 0x12b70 0x12b5d: mov ah, 0x40 0x12b5f: mov cx, 0x139 0x12b62: lea dx, word ptr [bp + 6] 0x12b66: int 0x21 0x12b68: call 0x12b70 0x12b6b: mov ah, 0x3e 0x12b6d: int 0x21 0x12b6f: ret 0x12b70: lea si, word ptr [bp + 0x17] 0x12b74: mov cx, 0x103 0x12b77: xor byte ptr [si], 0x4f 0x12b7a: inc si 0x12b7b: dec cx 0x12b7c: jne 0x12b77 0x12b7e: ret 0x12b7f: add word ptr [bx], di 0x12b81: aas 0x12b82: aas |
| 2018-12-17T22:46:20.705557689Z | 64 | PC: 12b68 | Write file or device (Write 313 bytes on handle 5) |
| 2018-12-17T22:46:20.712553086Z | 62 | PC: 12b6f | Close file |
| 2018-12-17T22:46:20.719683218Z | 79 | PC: 12a83 | Find next file |
| 2018-12-17T22:46:20.721859726Z | 61 | PC: 12b0d | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:46:20.728018923Z | 63 | PC: 12b1c | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:46:20.734516126Z | 66 | PC: 12b2b | Move file pointer |
| 2018-12-17T22:46:20.735734565Z | 66 | PC: 12b3a | Move file pointer |
| 2018-12-17T22:46:20.737389753Z | 64 | PC: 12b46 | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:46:20.740187117Z | 66 | PC: 12b52 | Move file pointer |
| 2018-12-17T22:46:20.74290969Z | 44 | PC: 12b56 | Get time 0x12b56: mov byte ptr [bp + 0x139], dl 0x12b5a: call 0x12b70 0x12b5d: mov ah, 0x40 0x12b5f: mov cx, 0x139 0x12b62: lea dx, word ptr [bp + 6] 0x12b66: int 0x21 0x12b68: call 0x12b70 0x12b6b: mov ah, 0x3e 0x12b6d: int 0x21 0x12b6f: ret 0x12b70: lea si, word ptr [bp + 0x17] 0x12b74: mov cx, 0x103 0x12b77: xor byte ptr [si], 0x4f 0x12b7a: inc si 0x12b7b: dec cx 0x12b7c: jne 0x12b77 0x12b7e: ret 0x12b7f: add word ptr [bx], di 0x12b81: aas 0x12b82: aas |
| 2018-12-17T22:46:20.745960701Z | 64 | PC: 12b68 | Write file or device (Write 313 bytes on handle 5) |
| 2018-12-17T22:46:20.748823868Z | 62 | PC: 12b6f | Close file |
| 2018-12-17T22:46:20.758801828Z | 26 | PC: 12a93 | Set disk transfer address |