.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:47:17.110757177Z | 78 | PC: 15254 | Find first file |
| 2018-12-17T22:47:17.118948751Z | 79 | PC: 15254 | Find next file |
| 2018-12-17T22:47:17.122353293Z | 79 | PC: 15254 | Find next file |
| 2018-12-17T22:47:17.125609364Z | 79 | PC: 15254 | Find next file |
| 2018-12-17T22:47:17.129130851Z | 79 | PC: 15254 | Find next file |
| 2018-12-17T22:47:17.137690779Z | 79 | PC: 15254 | Find next file |
| 2018-12-17T22:47:17.14068867Z | 79 | PC: 15254 | Find next file |
| 2018-12-17T22:47:17.143578874Z | 79 | PC: 15254 | Find next file |
| 2018-12-17T22:47:17.148441773Z | 61 | PC: 15296 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:47:17.156173899Z | 63 | PC: 152ab | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:47:17.159907199Z | 66 | PC: 152d1 | Move file pointer |
| 2018-12-17T22:47:17.180875553Z | 64 | PC: 1531d | Write file or device (Write 3147 bytes on handle 5) |
| 2018-12-17T22:47:17.19776163Z | 66 | PC: 15329 | Move file pointer |
| 2018-12-17T22:47:17.199947923Z | 64 | PC: 15337 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:17.205493431Z | 87 | PC: 15353 | Get or set file date and time |
| 2018-12-17T22:47:17.207905334Z | 62 | PC: 152c2 | Close file |
| 2018-12-17T22:47:17.217099705Z | 79 | PC: 15254 | Find next file |
| 2018-12-17T22:47:17.220780871Z | 42 | PC: 153ec | Get date 0x153ec: cmp dh, dl 0x153ee: jne 0x153f0 0x153f0: xor ax, ax 0x153f2: xor bx, bx 0x153f4: mov cx, 0xff 0x153f7: mov bp, sp 0x153f9: mov si, 0x100 0x153fc: jmp si 0x153fe: sub ch, byte ptr [0x6f63] 0x15402: insw word ptr es:[di], dx 0x15403: add byte ptr [bp + di + 0x50], bl 0x15406: jne 0x15456 0x15408: imul dx, word ptr [bp + di + 0x68], 0x7245 0x1540d: sub ax, 0x4949 0x15410: pop bp 0x15411: add byte ptr [bx + si], al 0x15413: add byte ptr [bx + si], al 0x15415: add byte ptr [bx + si], al 0x15417: add byte ptr [bx + si], al 0x15419: add byte ptr [bx + si], al |
| 2018-12-17T22:47:17.223970951Z | 9 | PC: 12a82 | Display string (String= 'Goat file (COM). Size=00002710h/0000010000d bytes. ') |
| 2018-12-17T22:47:17.22935861Z | 76 | PC: 12a86 | Terminate with return code (Return code = '36') |