.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:48:39.78018093Z | 26 | PC: 12da9 | Set disk transfer address |
| 2018-12-17T22:48:39.782234328Z | 53 | PC: 12ad8 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:48:39.783779101Z | 37 | PC: 12aee | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:48:39.786343199Z | 71 | PC: 12afe | Get current directory |
| 2018-12-17T22:48:39.789088757Z | 78 | PC: 12b98 | Find first file |
| 2018-12-17T22:48:39.79584949Z | 78 | PC: 12b98 | Find first file |
| 2018-12-17T22:48:39.803564516Z | 61 | PC: 12db4 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:48:39.810228287Z | 63 | PC: 12bbb | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:48:39.816693565Z | 62 | PC: 12bbf | Close file |
| 2018-12-17T22:48:39.819968308Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:39.837858031Z | 61 | PC: 12db4 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:48:39.846078868Z | 64 | PC: 12ccc | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:48:39.853900484Z | 66 | PC: 12da2 | Move file pointer |
| 2018-12-17T22:48:39.85601103Z | 44 | PC: 12cdd | Get time 0x12cdd: cmp dh, 0
0x12ce0: xchg ax, dx
0x12ce1: xchg ax, dx
0x12ce2: je 0x12cd7
0x12ce4: mov byte ptr cs:[bp + 0x520], dh
0x12ce9: xchg ax, dx
0x12cea: xchg ax, dx
0x12ceb: call 0x12e1c
0x12cee: xchg ax, dx
0x12cef: xchg ax, dx
0x12cf0: inc byte ptr cs:[bp + 0x521]
0x12cf5: mov ax, 0x5701
0x12cf8: xchg ax, dx
0x12cf9: xchg ax, dx
0x12cfa: mov cx, word ptr cs:[bp + 0x594]
0x12cff: mov dx, word ptr cs:[bp + 0x596]
0x12d04: xchg ax, dx
0x12d05: xchg ax, dx
0x12d06: int 0x21
0x12d08: mov ah, 0x3e
|
| 2018-12-17T22:48:39.859235609Z | 64 | PC: 12e75 | Write file or device (Write 1037 bytes on handle 5) |
| 2018-12-17T22:48:39.872228712Z | 87 | PC: 12d08 | Get or set file date and time |
| 2018-12-17T22:48:39.874094367Z | 62 | PC: 12d0e | Close file |
| 2018-12-17T22:48:39.882813931Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:39.89489464Z | 79 | PC: 12b98 | Find next file |
| 2018-12-17T22:48:39.897339544Z | 61 | PC: 12db4 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:48:39.903653537Z | 63 | PC: 12bbb | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:48:39.911192763Z | 62 | PC: 12bbf | Close file |
| 2018-12-17T22:48:39.914989998Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:39.927906447Z | 61 | PC: 12db4 | Open file (Filename = 'PRINT.COM') |
| 2018-12-17T22:48:39.933607129Z | 64 | PC: 12ccc | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:48:39.937278607Z | 66 | PC: 12da2 | Move file pointer |
| 2018-12-17T22:48:39.93862693Z | 44 | PC: 12cdd | Get time 0x12cdd: cmp dh, 0
0x12ce0: xchg ax, dx
0x12ce1: xchg ax, dx
0x12ce2: je 0x12cd7
0x12ce4: mov byte ptr cs:[bp + 0x520], dh
0x12ce9: xchg ax, dx
0x12cea: xchg ax, dx
0x12ceb: call 0x12e1c
0x12cee: xchg ax, dx
0x12cef: xchg ax, dx
0x12cf0: inc byte ptr cs:[bp + 0x521]
0x12cf5: mov ax, 0x5701
0x12cf8: xchg ax, dx
0x12cf9: xchg ax, dx
0x12cfa: mov cx, word ptr cs:[bp + 0x594]
0x12cff: mov dx, word ptr cs:[bp + 0x596]
0x12d04: xchg ax, dx
0x12d05: xchg ax, dx
0x12d06: int 0x21
0x12d08: mov ah, 0x3e
|
| 2018-12-17T22:48:39.940796336Z | 64 | PC: 12e75 | Write file or device (Write 1037 bytes on handle 5) |
| 2018-12-17T22:48:39.950041147Z | 87 | PC: 12d08 | Get or set file date and time |
| 2018-12-17T22:48:39.951588915Z | 62 | PC: 12d0e | Close file |
| 2018-12-17T22:48:39.958846191Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:39.968539244Z | 79 | PC: 12b98 | Find next file |
| 2018-12-17T22:48:39.971024644Z | 61 | PC: 12db4 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:48:39.980526738Z | 63 | PC: 12bbb | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:48:39.986758737Z | 62 | PC: 12bbf | Close file |
| 2018-12-17T22:48:39.989875734Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.001782385Z | 61 | PC: 12db4 | Open file (Filename = 'HELLO.COM') |
| 2018-12-17T22:48:40.009832972Z | 64 | PC: 12ccc | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:48:40.015791628Z | 66 | PC: 12da2 | Move file pointer |
| 2018-12-17T22:48:40.017723708Z | 44 | PC: 12cdd | Get time 0x12cdd: cmp dh, 0
0x12ce0: xchg ax, dx
0x12ce1: xchg ax, dx
0x12ce2: je 0x12cd7
0x12ce4: mov byte ptr cs:[bp + 0x520], dh
0x12ce9: xchg ax, dx
0x12cea: xchg ax, dx
0x12ceb: call 0x12e1c
0x12cee: xchg ax, dx
0x12cef: xchg ax, dx
0x12cf0: inc byte ptr cs:[bp + 0x521]
0x12cf5: mov ax, 0x5701
0x12cf8: xchg ax, dx
0x12cf9: xchg ax, dx
0x12cfa: mov cx, word ptr cs:[bp + 0x594]
0x12cff: mov dx, word ptr cs:[bp + 0x596]
0x12d04: xchg ax, dx
0x12d05: xchg ax, dx
0x12d06: int 0x21
0x12d08: mov ah, 0x3e
|
| 2018-12-17T22:48:40.022149404Z | 64 | PC: 12e75 | Write file or device (Write 1037 bytes on handle 5) |
| 2018-12-17T22:48:40.033251885Z | 87 | PC: 12d08 | Get or set file date and time |
| 2018-12-17T22:48:40.035392627Z | 62 | PC: 12d0e | Close file |
| 2018-12-17T22:48:40.049967322Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.063682201Z | 79 | PC: 12b98 | Find next file |
| 2018-12-17T22:48:40.066987402Z | 61 | PC: 12db4 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:48:40.074658635Z | 63 | PC: 12bbb | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:48:40.082593484Z | 62 | PC: 12bbf | Close file |
| 2018-12-17T22:48:40.085799238Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.10028213Z | 61 | PC: 12db4 | Open file (Filename = 'PHANG.COM') |
| 2018-12-17T22:48:40.109174869Z | 64 | PC: 12ccc | Write file or device (Write 5 bytes on handle 5) |
| 2018-12-17T22:48:40.112886904Z | 66 | PC: 12da2 | Move file pointer |
| 2018-12-17T22:48:40.11480089Z | 44 | PC: 12cdd | Get time 0x12cdd: cmp dh, 0
0x12ce0: xchg ax, dx
0x12ce1: xchg ax, dx
0x12ce2: je 0x12cd7
0x12ce4: mov byte ptr cs:[bp + 0x520], dh
0x12ce9: xchg ax, dx
0x12cea: xchg ax, dx
0x12ceb: call 0x12e1c
0x12cee: xchg ax, dx
0x12cef: xchg ax, dx
0x12cf0: inc byte ptr cs:[bp + 0x521]
0x12cf5: mov ax, 0x5701
0x12cf8: xchg ax, dx
0x12cf9: xchg ax, dx
0x12cfa: mov cx, word ptr cs:[bp + 0x594]
0x12cff: mov dx, word ptr cs:[bp + 0x596]
0x12d04: xchg ax, dx
0x12d05: xchg ax, dx
0x12d06: int 0x21
0x12d08: mov ah, 0x3e
|
| 2018-12-17T22:48:40.117890645Z | 64 | PC: 12e75 | Write file or device (Write 1037 bytes on handle 5) |
| 2018-12-17T22:48:40.129309811Z | 87 | PC: 12d08 | Get or set file date and time |
| 2018-12-17T22:48:40.131282558Z | 62 | PC: 12d0e | Close file |
| 2018-12-17T22:48:40.139901452Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.151336408Z | 79 | PC: 12b98 | Find next file |
| 2018-12-17T22:48:40.154697854Z | 61 | PC: 12db4 | Open file (Filename = 'PRINTA~1.COM') |
| 2018-12-17T22:48:40.162302162Z | 63 | PC: 12bbb | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:48:40.170774922Z | 62 | PC: 12bbf | Close file |
| 2018-12-17T22:48:40.172914492Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.177613991Z | 61 | PC: 12db4 | Open file (Filename = 'PRINTA~1.COM��') |
| 2018-12-17T22:48:40.183375898Z | 64 | PC: 12ccc | Write file or device (Write 5 bytes on handle 2) |
| 2018-12-17T22:48:40.186396644Z | 66 | PC: 12da2 | Move file pointer |
| 2018-12-17T22:48:40.187970882Z | 44 | PC: 12cdd | Get time 0x12cdd: cmp dh, 0
0x12ce0: xchg ax, dx
0x12ce1: xchg ax, dx
0x12ce2: je 0x12cd7
0x12ce4: mov byte ptr cs:[bp + 0x520], dh
0x12ce9: xchg ax, dx
0x12cea: xchg ax, dx
0x12ceb: call 0x12e1c
0x12cee: xchg ax, dx
0x12cef: xchg ax, dx
0x12cf0: inc byte ptr cs:[bp + 0x521]
0x12cf5: mov ax, 0x5701
0x12cf8: xchg ax, dx
0x12cf9: xchg ax, dx
0x12cfa: mov cx, word ptr cs:[bp + 0x594]
0x12cff: mov dx, word ptr cs:[bp + 0x596]
0x12d04: xchg ax, dx
0x12d05: xchg ax, dx
0x12d06: int 0x21
0x12d08: mov ah, 0x3e
|
| 2018-12-17T22:48:40.191660204Z | 64 | PC: 12e75 | Write file or device (Write 1037 bytes on handle 2) |
| 2018-12-17T22:48:40.20276574Z | 87 | PC: 12d08 | Get or set file date and time |
| 2018-12-17T22:48:40.204423465Z | 62 | PC: 12d0e | Close file |
| 2018-12-17T22:48:40.207006829Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.212936641Z | 79 | PC: 12b98 | Find next file |
| 2018-12-17T22:48:40.216151291Z | 61 | PC: 12db4 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:48:40.223318147Z | 63 | PC: 12bbb | Read file or device (Read 26 bytes on handle 2) |
| 2018-12-17T22:48:40.231130747Z | 62 | PC: 12bbf | Close file |
| 2018-12-17T22:48:40.23322945Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.245605714Z | 61 | PC: 12db4 | Open file (Filename = 'MANDEL.COM') |
| 2018-12-17T22:48:40.254295922Z | 64 | PC: 12ccc | Write file or device (Write 5 bytes on handle 2) |
| 2018-12-17T22:48:40.257742058Z | 66 | PC: 12da2 | Move file pointer |
| 2018-12-17T22:48:40.259767563Z | 44 | PC: 12cdd | Get time 0x12cdd: cmp dh, 0
0x12ce0: xchg ax, dx
0x12ce1: xchg ax, dx
0x12ce2: je 0x12cd7
0x12ce4: mov byte ptr cs:[bp + 0x520], dh
0x12ce9: xchg ax, dx
0x12cea: xchg ax, dx
0x12ceb: call 0x12e1c
0x12cee: xchg ax, dx
0x12cef: xchg ax, dx
0x12cf0: inc byte ptr cs:[bp + 0x521]
0x12cf5: mov ax, 0x5701
0x12cf8: xchg ax, dx
0x12cf9: xchg ax, dx
0x12cfa: mov cx, word ptr cs:[bp + 0x594]
0x12cff: mov dx, word ptr cs:[bp + 0x596]
0x12d04: xchg ax, dx
0x12d05: xchg ax, dx
0x12d06: int 0x21
0x12d08: mov ah, 0x3e
|
| 2018-12-17T22:48:40.263699671Z | 64 | PC: 12e75 | Write file or device (Write 1037 bytes on handle 2) |
| 2018-12-17T22:48:40.273725178Z | 87 | PC: 12d08 | Get or set file date and time |
| 2018-12-17T22:48:40.27576462Z | 62 | PC: 12d0e | Close file |
| 2018-12-17T22:48:40.285118736Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.296068691Z | 79 | PC: 12b98 | Find next file |
| 2018-12-17T22:48:40.299372608Z | 61 | PC: 12db4 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:48:40.3091289Z | 63 | PC: 12bbb | Read file or device (Read 26 bytes on handle 2) |
| 2018-12-17T22:48:40.316434667Z | 62 | PC: 12bbf | Close file |
| 2018-12-17T22:48:40.318911671Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.330504303Z | 61 | PC: 12db4 | Open file (Filename = 'PAH.COM') |
| 2018-12-17T22:48:40.336891314Z | 64 | PC: 12ccc | Write file or device (Write 5 bytes on handle 2) |
| 2018-12-17T22:48:40.339190384Z | 66 | PC: 12da2 | Move file pointer |
| 2018-12-17T22:48:40.340450091Z | 44 | PC: 12cdd | Get time 0x12cdd: cmp dh, 0
0x12ce0: xchg ax, dx
0x12ce1: xchg ax, dx
0x12ce2: je 0x12cd7
0x12ce4: mov byte ptr cs:[bp + 0x520], dh
0x12ce9: xchg ax, dx
0x12cea: xchg ax, dx
0x12ceb: call 0x12e1c
0x12cee: xchg ax, dx
0x12cef: xchg ax, dx
0x12cf0: inc byte ptr cs:[bp + 0x521]
0x12cf5: mov ax, 0x5701
0x12cf8: xchg ax, dx
0x12cf9: xchg ax, dx
0x12cfa: mov cx, word ptr cs:[bp + 0x594]
0x12cff: mov dx, word ptr cs:[bp + 0x596]
0x12d04: xchg ax, dx
0x12d05: xchg ax, dx
0x12d06: int 0x21
0x12d08: mov ah, 0x3e
|
| 2018-12-17T22:48:40.343049214Z | 64 | PC: 12e75 | Write file or device (Write 1037 bytes on handle 2) |
| 2018-12-17T22:48:40.350070236Z | 87 | PC: 12d08 | Get or set file date and time |
| 2018-12-17T22:48:40.35191348Z | 62 | PC: 12d0e | Close file |
| 2018-12-17T22:48:40.359027606Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.369183889Z | 79 | PC: 12b98 | Find next file |
| 2018-12-17T22:48:40.373304792Z | 61 | PC: 12db4 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:48:40.381896946Z | 63 | PC: 12bbb | Read file or device (Read 26 bytes on handle 2) |
| 2018-12-17T22:48:40.389203024Z | 62 | PC: 12bbf | Close file |
| 2018-12-17T22:48:40.391571234Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.403237835Z | 61 | PC: 12db4 | Open file (Filename = 'TEST.COM') |
| 2018-12-17T22:48:40.410979681Z | 64 | PC: 12ccc | Write file or device (Write 5 bytes on handle 2) |
| 2018-12-17T22:48:40.414240628Z | 66 | PC: 12da2 | Move file pointer |
| 2018-12-17T22:48:40.416361603Z | 44 | PC: 12cdd | Get time 0x12cdd: cmp dh, 0
0x12ce0: xchg ax, dx
0x12ce1: xchg ax, dx
0x12ce2: je 0x12cd7
0x12ce4: mov byte ptr cs:[bp + 0x520], dh
0x12ce9: xchg ax, dx
0x12cea: xchg ax, dx
0x12ceb: call 0x12e1c
0x12cee: xchg ax, dx
0x12cef: xchg ax, dx
0x12cf0: inc byte ptr cs:[bp + 0x521]
0x12cf5: mov ax, 0x5701
0x12cf8: xchg ax, dx
0x12cf9: xchg ax, dx
0x12cfa: mov cx, word ptr cs:[bp + 0x594]
0x12cff: mov dx, word ptr cs:[bp + 0x596]
0x12d04: xchg ax, dx
0x12d05: xchg ax, dx
0x12d06: int 0x21
0x12d08: mov ah, 0x3e
|
| 2018-12-17T22:48:40.419156445Z | 64 | PC: 12e75 | Write file or device (Write 1037 bytes on handle 2) |
| 2018-12-17T22:48:40.42926093Z | 87 | PC: 12d08 | Get or set file date and time |
| 2018-12-17T22:48:40.431090748Z | 62 | PC: 12d0e | Close file |
| 2018-12-17T22:48:40.453683599Z | 67 | PC: 12dc5 | Get or set file attributes |
| 2018-12-17T22:48:40.4688257Z | 79 | PC: 12b98 | Find next file |
| 2018-12-17T22:48:40.471774581Z | 59 | PC: 12b1e | Change current directory |
| 2018-12-17T22:48:40.477631125Z | 42 | PC: 12d21 | Get date 0x12d21: xchg ax, dx
0x12d22: xchg ax, dx
0x12d23: cmp cx, 0x7cb
0x12d27: jb 0x12d95
0x12d29: cmp dh, 6
0x12d2c: jb 0x12d95
0x12d2e: cmp dl, 5
0x12d31: jb 0x12d95
0x12d33: cmp al, 2
0x12d35: jb 0x12d95
0x12d37: xchg ax, dx
0x12d38: xchg ax, dx
0x12d39: mov ah, 0x2c
0x12d3b: int 0x21
0x12d3d: xchg ax, dx
0x12d3e: xchg ax, dx
0x12d3f: cmp ch, 9
0x12d42: jb 0x12d95
0x12d44: cmp cl, 1
0x12d47: jb 0x12d95
|
| 2018-12-17T22:48:40.480315459Z | 37 | PC: 12b31 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:48:40.481898994Z | 59 | PC: 12b3f | Change current directory |
| 2018-12-17T22:48:40.485781519Z | 26 | PC: 12da9 | Set disk transfer address |
