.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:48:44.632490832Z | 26 | PC: 12a7f | Set disk transfer address |
| 2018-12-17T22:48:44.638369242Z | 78 | PC: 12a8a | Find first file |
| 2018-12-17T22:48:44.644536078Z | 67 | PC: 12ab5 | Get or set file attributes |
| 2018-12-17T22:48:45.126667285Z | 61 | PC: 12ad4 | Open file (Filename = 'SLEEP.COM') |
| 2018-12-17T22:48:45.142010716Z | 66 | PC: 12ae2 | Move file pointer |
| 2018-12-17T22:48:45.143975877Z | 63 | PC: 12aee | Read file or device (Read 4 bytes on handle 5) |
| 2018-12-17T22:48:45.154579235Z | 66 | PC: 12b0f | Move file pointer |
| 2018-12-17T22:48:45.156948417Z | 64 | PC: 12b1a | Write file or device (Write 4 bytes on handle 5) |
| 2018-12-17T22:48:45.160153144Z | 66 | PC: 12b24 | Move file pointer |
| 2018-12-17T22:48:45.161725781Z | 44 | PC: 12b28 | Get time 0x12b28: test dl, dl 0x12b2a: je 0x12b24 0x12b2c: test dh, dh 0x12b2e: jne 0x12b32 0x12b30: mov dh, 0x42 0x12b32: mov word ptr [bp + 0x264], dx 0x12b36: call 0x12ba6 0x12b39: mov ax, 0x4301 0x12b3c: mov cx, word ptr [bp + 0x253] 0x12b40: int 0x21 0x12b42: mov ax, 0x5701 0x12b45: mov cx, word ptr [bp + 0x254] 0x12b49: mov dx, word ptr [bp + 0x256] 0x12b4d: int 0x21 0x12b4f: mov ah, 0x3e 0x12b51: int 0x21 0x12b53: mov ah, 0x1a 0x12b55: mov dx, 0x80 0x12b58: int 0x21 0x12b5a: mov ax, 0x100 |
| 2018-12-17T22:48:45.165288918Z | 64 | PC: 12bb4 | Write file or device (Write 2383 bytes on handle 5) |
| 2018-12-17T22:48:45.175157138Z | 67 | PC: 12b42 | Get or set file attributes |
| 2018-12-17T22:48:45.179466604Z | 87 | PC: 12b4f | Get or set file date and time |
| 2018-12-17T22:48:45.181015371Z | 62 | PC: 12b53 | Close file |
| 2018-12-17T22:48:45.190644366Z | 26 | PC: 12b5a | Set disk transfer address |