.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:48:42.606349499Z | 65 | PC: 12a7b | Delete file (Filename = '\NCDTREE') |
| 2018-12-17T22:48:42.621855181Z | 47 | PC: 12d8a | Get disk transfer address |
| 2018-12-17T22:48:42.622935614Z | 26 | PC: 12da8 | Set disk transfer address |
| 2018-12-17T22:48:42.62386249Z | 53 | PC: 12dae | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:48:42.625343148Z | 37 | PC: 12dc9 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:48:42.626360233Z | 78 | PC: 12e18 | Find first file |
| 2018-12-17T22:48:42.632001293Z | 61 | PC: 12ec6 | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:48:42.64378361Z | 63 | PC: 12ed5 | Read file or device (Read 26 bytes on handle 5) |
| 2018-12-17T22:48:42.649851521Z | 62 | PC: 12edb | Close file |
| 2018-12-17T22:48:42.651431257Z | 67 | PC: 12f0e | Get or set file attributes |
| 2018-12-17T22:48:42.694413668Z | 61 | PC: 12f1d | Open file (Filename = 'TEST.EXE') |
| 2018-12-17T22:48:42.701593605Z | 66 | PC: 12f2c | Move file pointer |
| 2018-12-17T22:48:42.703437347Z | 64 | PC: 12f3e | Write file or device (Write 5185 bytes on handle 5) |
| 2018-12-17T22:48:42.713891758Z | 66 | PC: 12fd4 | Move file pointer |
| 2018-12-17T22:48:42.715767416Z | 64 | PC: 12fe6 | Write file or device (Write 59650 bytes on handle 5) |
| 2018-12-17T22:48:42.728407131Z | 66 | PC: 12ff2 | Move file pointer |
| 2018-12-17T22:48:42.733230135Z | 64 | PC: 13001 | Write file or device (Write 26 bytes on handle 5) |
| 2018-12-17T22:48:42.735933479Z | 87 | PC: 13010 | Get or set file date and time |
| 2018-12-17T22:48:42.737302038Z | 62 | PC: 13016 | Close file |
| 2018-12-17T22:48:42.745508383Z | 67 | PC: 1302b | Get or set file attributes |
| 2018-12-17T22:48:42.747939723Z | 79 | PC: 12e18 | Find next file |
| 2018-12-17T22:48:42.750388616Z | 37 | PC: 12e48 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:48:42.751633171Z | 26 | PC: 12e63 | Set disk transfer address |
| 2018-12-17T22:48:42.754224357Z | 53 | PC: 1304c | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:48:42.755504346Z | 37 | PC: 13067 | Set interrupt vector (Interrupt = '1' AKA 'Character input') |