.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:46:49.36173249Z | 47 | PC: 12afc | Get disk transfer address |
| 2018-12-17T22:46:49.364672471Z | 26 | PC: 12b08 | Set disk transfer address |
| 2018-12-17T22:46:49.365783346Z | 71 | PC: 12b12 | Get current directory |
| 2018-12-17T22:46:49.368525653Z | 78 | PC: 12b1d | Find first file |
| 2018-12-17T22:46:49.374657219Z | 67 | PC: 12b2a | Get or set file attributes |
| 2018-12-17T22:46:49.378267582Z | 67 | PC: 12b3a | Get or set file attributes |
| 2018-12-17T22:46:49.391300661Z | 61 | PC: 12b4a | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:46:49.402883366Z | 63 | PC: 12b64 | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:46:49.409062519Z | 66 | PC: 12bba | Move file pointer |
| 2018-12-17T22:46:49.410307578Z | 64 | PC: 12bc5 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:49.413176213Z | 66 | PC: 12bce | Move file pointer |
| 2018-12-17T22:46:49.414527284Z | 44 | PC: 12bd2 | Get time 0x12bd2: mov byte ptr [bp + 0x318], dl 0x12bd6: lea dx, word ptr [bp + 0x106] 0x12bda: mov cx, 0x220 0x12bdd: lea ax, word ptr [bp + 0x253] 0x12be1: push ax 0x12be2: push cx 0x12be3: push dx 0x12be4: push ax 0x12be5: push bp 0x12be6: mov bp, sp 0x12be8: mov word ptr [bp + 2], 0xff 0x12bed: pop bp 0x12bee: jmp 0x12ab6 0x12bf1: mov ax, 0x5701 0x12bf4: mov cx, word ptr [bp + 0x310] 0x12bf8: mov dx, word ptr [bp + 0x312] 0x12bfc: int 0x21 0x12bfe: mov ah, 0x3e 0x12c00: int 0x21 0x12c02: mov ax, 0x4301 |
| 2018-12-17T22:46:49.416726829Z | 64 | PC: 12ae0 | Write file or device (Write 544 bytes on handle 5) |
| 2018-12-17T22:46:49.425096984Z | 87 | PC: 12bfe | Get or set file date and time |
| 2018-12-17T22:46:49.42658016Z | 62 | PC: 12c02 | Close file |
| 2018-12-17T22:46:49.434552172Z | 67 | PC: 12c11 | Get or set file attributes |
| 2018-12-17T22:46:49.444740612Z | 59 | PC: 12c19 | Change current directory |
| 2018-12-17T22:46:49.448663613Z | 26 | PC: 12c2a | Set disk transfer address |