.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:46:26.478165613Z | 37 | PC: 12bcc | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:46:26.479588766Z | 71 | PC: 12bd7 | Get current directory |
| 2018-12-17T22:46:26.484437152Z | 26 | PC: 12c2c | Set disk transfer address |
| 2018-12-17T22:46:26.490464903Z | 78 | PC: 12c38 | Find first file |
| 2018-12-17T22:46:26.497610062Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:46:26.505525689Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:46:26.522719131Z | 61 | PC: 12c55 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:46:26.535165457Z | 66 | PC: 12c62 | Move file pointer |
| 2018-12-17T22:46:26.537693855Z | 63 | PC: 12d66 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:26.54653466Z | 87 | PC: 12c92 | Get or set file date and time |
| 2018-12-17T22:46:26.54844639Z | 66 | PC: 12c9d | Move file pointer |
| 2018-12-17T22:46:26.550258944Z | 63 | PC: 12d66 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:26.553486686Z | 44 | PC: 12d31 | Get time 0x12d31: xor ch, dh 0x12d33: mov word ptr [si + 0x24e], cx 0x12d37: xor byte ptr [si + 0x247], cl 0x12d3b: xor word ptr [si + 0x248], cx 0x12d3f: ret 0x12d40: mov cx, word ptr [si + 0x24e] 0x12d44: jmp 0x12d37 0x12d46: mov ah, 0x3e 0x12d48: int 0x21 0x12d4a: mov al, 1 0x12d4c: mov ah, 0x43 0x12d4e: mov dx, 0x335 0x12d51: jmp 0x12d62 0x12d53: mov ah, 0x3f 0x12d55: mov cx, 3 0x12d58: mov dx, 0x247 0x12d5b: jmp 0x12d62 0x12d5d: mov ah, 0x3b 0x12d5f: mov dx, 0x23b 0x12d62: add dx, si |
| 2018-12-17T22:46:26.556886141Z | 66 | PC: 12cac | Move file pointer |
| 2018-12-17T22:46:26.558822077Z | 64 | PC: 12cb8 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:26.562572361Z | 66 | PC: 12cc1 | Move file pointer |
| 2018-12-17T22:46:26.564642138Z | 64 | PC: 12ce7 | Write file or device (Write 12 bytes on handle 5) |
| 2018-12-17T22:46:26.567897211Z | 64 | PC: 12cf3 | Write file or device (Write 599 bytes on handle 5) |
| 2018-12-17T22:46:26.577958548Z | 87 | PC: 12cfa | Get or set file date and time |
| 2018-12-17T22:46:26.580958272Z | 62 | PC: 12d4a | Close file |
| 2018-12-17T22:46:26.591026752Z | 67 | PC: 12d66 | Get or set file attributes |
| 2018-12-17T22:46:26.609845346Z | 59 | PC: 12d66 | Change current directory |
| 2018-12-17T22:46:26.616760814Z | 59 | PC: 12d0a | Change current directory |
| 2018-12-17T22:46:26.619153428Z | 26 | PC: 12d11 | Set disk transfer address |
| 2018-12-17T22:46:26.621227343Z | 37 | PC: 12d1a | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:46:26.623300356Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ') |
| 2018-12-17T22:46:26.628979232Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |