.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:48:50.650773071Z | 48 | PC: 12a4c | Get DOS version |
| 2018-12-17T22:48:50.6530307Z | 53 | PC: 12bab | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:48:50.654355348Z | 53 | PC: 12bb8 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:48:50.655715327Z | 53 | PC: 12bc5 | Get interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T22:48:50.656983776Z | 53 | PC: 12bd2 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T22:48:50.658868637Z | 37 | PC: 12be6 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:48:50.660137629Z | 74 | PC: 12af4 | Reallocate memory |
| 2018-12-17T22:48:50.662432238Z | 68 | PC: 14ecb | I/O control for devices (Set for = '����') |
| 2018-12-17T22:48:50.6650929Z | 68 | PC: 14ecb | I/O control for devices (Set for = '����') |
| 2018-12-17T22:48:50.66776213Z | 42 | PC: 1400c | Get date 0x1400c: mov word ptr [si], cx
0x1400e: mov word ptr [si + 2], dx
0x14011: pop si
0x14012: pop bp
0x14013: ret
0x14014: push bp
0x14015: mov bp, sp
0x14017: push si
0x14018: mov si, word ptr [bp + 4]
0x1401b: mov ah, 0x2c
0x1401d: int 0x21
0x1401f: mov word ptr [si], cx
0x14021: mov word ptr [si + 2], dx
0x14024: pop si
0x14025: pop bp
0x14026: ret
0x14027: push bp
0x14028: mov bp, sp
0x1402a: sub sp, 6
0x1402d: push si
|
| 2018-12-17T22:48:50.670367961Z | 44 | PC: 1401f | Get time 0x1401f: mov word ptr [si], cx
0x14021: mov word ptr [si + 2], dx
0x14024: pop si
0x14025: pop bp
0x14026: ret
0x14027: push bp
0x14028: mov bp, sp
0x1402a: sub sp, 6
0x1402d: push si
0x1402e: push di
0x1402f: mov di, word ptr [bp + 6]
0x14032: push di
0x14033: mov ax, word ptr [bp + 0xc]
0x14036: or ax, 2
0x14039: push ax
0x1403a: call 0x153a2
0x1403d: mov di, ax
0x1403f: or ax, ax
0x14041: jne 0x1404e
0x14043: mov word ptr [0x92], 2
|
| 2018-12-17T22:48:50.674474034Z | 61 | PC: 151be | Open file (Filename = 'A:\TEST.EXE') |
| 2018-12-17T22:48:50.681925125Z | 68 | PC: 14e6f | I/O control for devices (Set for = '��') |
| 2018-12-17T22:48:50.683480778Z | 66 | PC: 14eef | Move file pointer |
| 2018-12-17T22:48:50.686077473Z | 63 | PC: 152a7 | Read file or device (Read 420 bytes on handle 5) |
| 2018-12-17T22:48:50.693929276Z | 62 | PC: 14b34 | Close file |
| 2018-12-17T22:48:50.696346859Z | 42 | PC: 1400c | Get date 0x1400c: mov word ptr [si], cx
0x1400e: mov word ptr [si + 2], dx
0x14011: pop si
0x14012: pop bp
0x14013: ret
0x14014: push bp
0x14015: mov bp, sp
0x14017: push si
0x14018: mov si, word ptr [bp + 4]
0x1401b: mov ah, 0x2c
0x1401d: int 0x21
0x1401f: mov word ptr [si], cx
0x14021: mov word ptr [si + 2], dx
0x14024: pop si
0x14025: pop bp
0x14026: ret
0x14027: push bp
0x14028: mov bp, sp
0x1402a: sub sp, 6
0x1402d: push si
|
| 2018-12-17T22:48:50.699422722Z | 46 | PC: 14dbc | Set verify flag |
| 2018-12-17T22:48:50.700603532Z | 37 | PC: 14da7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:48:50.703423727Z | 14 | PC: 14b0c | Set default drive (Drive = 'U') |
| 2018-12-17T22:48:50.707080601Z | 47 | PC: 14c4b | Get disk transfer address |
| 2018-12-17T22:48:50.711523262Z | 26 | PC: 14c54 | Set disk transfer address |
| 2018-12-17T22:48:50.712644808Z | 78 | PC: 14c5e | Find first file |
| 2018-12-17T22:48:50.715546606Z | 26 | PC: 14c67 | Set disk transfer address |
| 2018-12-17T22:48:50.717202039Z | 61 | PC: 151be | Open file (Filename = '') |
| 2018-12-17T22:48:50.725723862Z | 68 | PC: 14e6f | I/O control for devices (Set for = '��W�J�W�U�W�W����') |
| 2018-12-17T22:48:50.727464935Z | 66 | PC: 14eef | Move file pointer |
| 2018-12-17T22:48:50.729968251Z | 64 | PC: 15df1 | Write file or device (Write 420 bytes on handle 5) |
| 2018-12-17T22:48:50.738015646Z | 87 | PC: 14d75 | Get or set file date and time |
| 2018-12-17T22:48:50.739733156Z | 87 | PC: 1554c | Get or set file date and time |
| 2018-12-17T22:48:50.742134047Z | 62 | PC: 14b34 | Close file |
| 2018-12-17T22:48:50.758626448Z | 47 | PC: 14c4b | Get disk transfer address |
| 2018-12-17T22:48:50.759747493Z | 26 | PC: 14c54 | Set disk transfer address |
| 2018-12-17T22:48:50.761492484Z | 78 | PC: 14c5e | Find first file |
| 2018-12-17T22:48:50.768382356Z | 26 | PC: 14c67 | Set disk transfer address |
| 2018-12-17T22:48:50.771024023Z | 64 | PC: 15df1 | Write file or device (Write 26 bytes on handle 1) |
| 2018-12-17T22:48:50.777325713Z | 37 | PC: 12bf2 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:48:50.779003273Z | 37 | PC: 12bfd | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output') |
| 2018-12-17T22:48:50.780481382Z | 37 | PC: 12c08 | Set interrupt vector (Interrupt = '5' AKA 'Printer output') |
| 2018-12-17T22:48:50.782168481Z | 37 | PC: 12c13 | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O') |
| 2018-12-17T22:48:50.784105135Z | 64 | PC: 12c5f | Write file or device (Write 25 bytes on handle 2) |
| 2018-12-17T22:48:50.790198195Z | 76 | PC: 12b9c | Terminate with return code (Return code = '1') |
