.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T21:58:15.933545909Z | 26 | PC: 12e54 | Set disk transfer address |
| 2018-12-17T21:58:15.935067075Z | 37 | PC: 12e62 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |
| 2018-12-17T21:58:15.936670765Z | 37 | PC: 12e66 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input') |
| 2018-12-17T21:58:15.937739739Z | 78 | PC: 12eb4 | Find first file |
| 2018-12-17T21:58:15.942145013Z | 61 | PC: 12fff | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T21:58:15.948521873Z | 63 | PC: 1300e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:58:15.955966798Z | 66 | PC: 1301e | Move file pointer |
| 2018-12-17T21:58:15.957465901Z | 66 | PC: 1302e | Move file pointer |
| 2018-12-17T21:58:15.962027979Z | 64 | PC: 1303a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:58:15.964472345Z | 66 | PC: 13047 | Move file pointer |
| 2018-12-17T21:58:15.96586771Z | 44 | PC: 1304b | Get time 0x1304b: mov byte ptr ds:[bp + 0x34d], dl 0x13050: call 0x13066 0x13053: mov ah, 0x40 0x13055: mov cx, 0x24d 0x13058: lea dx, word ptr [bp + 0x106] 0x1305c: int 0x21 0x1305e: call 0x13066 0x13061: mov ah, 0x3e 0x13063: int 0x21 0x13065: ret 0x13066: lea si, word ptr [bp + 0x11f] 0x1306a: mov cx, 0x20f 0x1306d: xor byte ptr [si], 0x17 0x13070: inc si 0x13071: dec cx 0x13072: jne 0x1306d 0x13074: ret 0x13075: add word ptr [bx], di 0x13077: aas 0x13078: aas |
| 2018-12-17T21:58:15.969021178Z | 64 | PC: 1305e | Write file or device (Write 589 bytes on handle 5) |
| 2018-12-17T21:58:15.982933718Z | 62 | PC: 13065 | Close file |
| 2018-12-17T21:58:15.990422847Z | 79 | PC: 12eb4 | Find next file |
| 2018-12-17T21:58:15.993687195Z | 61 | PC: 12fff | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T21:58:15.999932165Z | 63 | PC: 1300e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:58:16.005894575Z | 66 | PC: 1301e | Move file pointer |
| 2018-12-17T21:58:16.009724623Z | 66 | PC: 1302e | Move file pointer |
| 2018-12-17T21:58:16.010984569Z | 64 | PC: 1303a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:58:16.013365276Z | 66 | PC: 13047 | Move file pointer |
| 2018-12-17T21:58:16.015746115Z | 44 | PC: 1304b | Get time 0x1304b: mov byte ptr ds:[bp + 0x34d], dl 0x13050: call 0x13066 0x13053: mov ah, 0x40 0x13055: mov cx, 0x24d 0x13058: lea dx, word ptr [bp + 0x106] 0x1305c: int 0x21 0x1305e: call 0x13066 0x13061: mov ah, 0x3e 0x13063: int 0x21 0x13065: ret 0x13066: lea si, word ptr [bp + 0x11f] 0x1306a: mov cx, 0x20f 0x1306d: xor byte ptr [si], 0x3d 0x13070: inc si 0x13071: dec cx 0x13072: jne 0x1306d 0x13074: ret 0x13075: add word ptr [bx], di 0x13077: aas 0x13078: aas |
| 2018-12-17T21:58:16.018569843Z | 64 | PC: 1305e | Write file or device (Write 589 bytes on handle 5) |
| 2018-12-17T21:58:16.02656969Z | 62 | PC: 13065 | Close file |
| 2018-12-17T21:58:16.037552771Z | 79 | PC: 12eb4 | Find next file |
| 2018-12-17T21:58:16.041812075Z | 61 | PC: 12fff | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T21:58:16.048065797Z | 63 | PC: 1300e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:58:16.055680592Z | 66 | PC: 1301e | Move file pointer |
| 2018-12-17T21:58:16.057313579Z | 66 | PC: 1302e | Move file pointer |
| 2018-12-17T21:58:16.059082144Z | 64 | PC: 1303a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:58:16.062046731Z | 66 | PC: 13047 | Move file pointer |
| 2018-12-17T21:58:16.063685386Z | 44 | PC: 1304b | Get time 0x1304b: mov byte ptr ds:[bp + 0x34d], dl 0x13050: call 0x13066 0x13053: mov ah, 0x40 0x13055: mov cx, 0x24d 0x13058: lea dx, word ptr [bp + 0x106] 0x1305c: int 0x21 0x1305e: call 0x13066 0x13061: mov ah, 0x3e 0x13063: int 0x21 0x13065: ret 0x13066: lea si, word ptr [bp + 0x11f] 0x1306a: mov cx, 0x20f 0x1306d: xor byte ptr [si], 0x43 0x13070: inc si 0x13071: dec cx 0x13072: jne 0x1306d 0x13074: ret 0x13075: add word ptr [bx], di 0x13077: aas 0x13078: aas |
| 2018-12-17T21:58:16.066206804Z | 64 | PC: 1305e | Write file or device (Write 589 bytes on handle 5) |
| 2018-12-17T21:58:16.074392027Z | 62 | PC: 13065 | Close file |
| 2018-12-17T21:58:16.084616671Z | 79 | PC: 12eb4 | Find next file |
| 2018-12-17T21:58:16.09192173Z | 61 | PC: 12fff | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T21:58:16.102348927Z | 63 | PC: 1300e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:58:16.115372343Z | 66 | PC: 1301e | Move file pointer |
| 2018-12-17T21:58:16.117289222Z | 66 | PC: 1302e | Move file pointer |
| 2018-12-17T21:58:16.119466312Z | 64 | PC: 1303a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:58:16.123137068Z | 66 | PC: 13047 | Move file pointer |
| 2018-12-17T21:58:16.124519998Z | 44 | PC: 1304b | Get time 0x1304b: mov byte ptr ds:[bp + 0x34d], dl 0x13050: call 0x13066 0x13053: mov ah, 0x40 0x13055: mov cx, 0x24d 0x13058: lea dx, word ptr [bp + 0x106] 0x1305c: int 0x21 0x1305e: call 0x13066 0x13061: mov ah, 0x3e 0x13063: int 0x21 0x13065: ret 0x13066: lea si, word ptr [bp + 0x11f] 0x1306a: mov cx, 0x20f 0x1306d: xor byte ptr [si], 0x43 0x13070: inc si 0x13071: dec cx 0x13072: jne 0x1306d 0x13074: ret 0x13075: add word ptr [bx], di 0x13077: aas 0x13078: aas |
| 2018-12-17T21:58:16.126757626Z | 64 | PC: 1305e | Write file or device (Write 589 bytes on handle 5) |
| 2018-12-17T21:58:16.13524452Z | 62 | PC: 13065 | Close file |
| 2018-12-17T21:58:16.143470614Z | 79 | PC: 12eb4 | Find next file |
| 2018-12-17T21:58:16.146247125Z | 61 | PC: 12fff | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T21:58:16.153481146Z | 63 | PC: 1300e | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T21:58:16.159929299Z | 66 | PC: 1301e | Move file pointer |
| 2018-12-17T21:58:16.161783232Z | 66 | PC: 1302e | Move file pointer |
| 2018-12-17T21:58:16.164138134Z | 64 | PC: 1303a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T21:58:16.167352931Z | 66 | PC: 13047 | Move file pointer |
| 2018-12-17T21:58:16.169016542Z | 44 | PC: 1304b | Get time 0x1304b: mov byte ptr ds:[bp + 0x34d], dl 0x13050: call 0x13066 0x13053: mov ah, 0x40 0x13055: mov cx, 0x24d 0x13058: lea dx, word ptr [bp + 0x106] 0x1305c: int 0x21 0x1305e: call 0x13066 0x13061: mov ah, 0x3e 0x13063: int 0x21 0x13065: ret 0x13066: lea si, word ptr [bp + 0x11f] 0x1306a: mov cx, 0x20f 0x1306d: xor byte ptr [si], 0x48 0x13070: inc si 0x13071: dec cx 0x13072: jne 0x1306d 0x13074: ret 0x13075: add word ptr [bx], di 0x13077: aas 0x13078: aas |
| 2018-12-17T21:58:16.17148595Z | 64 | PC: 1305e | Write file or device (Write 589 bytes on handle 5) |
| 2018-12-17T21:58:16.180788999Z | 62 | PC: 13065 | Close file |
| 2018-12-17T21:58:16.189040173Z | 26 | PC: 12ece | Set disk transfer address |
| 2018-12-17T21:58:16.1904168Z | 9 | PC: 12ee6 | Display string (Could not find end pointer) |
| 2018-12-17T21:58:16.223807286Z | 19 | PC: 12efb | Delete file |
| 2018-12-17T21:58:16.230523126Z | 9 | PC: 12f2d | Display string (String= '????????OV?�') |