Sample viewer

vx.netlux.org/Virus.DOS.AEP.626

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:50:22.417831266Z 53 PC: 12a9d | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:50:22.420192363Z 37 PC: 12aaf | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:50:22.421908173Z 53 PC: 12ab4 | Get interrupt vector (Interrupt = '47' AKA 'Get disk transfer address')
2018-12-17T22:50:22.423615812Z 37 PC: 12ac8 | Set interrupt vector (Interrupt = '47' AKA 'Get disk transfer address')
2018-12-17T22:50:22.425795344Z 53 PC: 12acd | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:22.427611005Z 37 PC: 12ae1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:22.428945369Z 74 PC: 12af6 | Reallocate memory
2018-12-17T22:50:22.430571184Z 75 PC: 12b41 | Execute program
2018-12-17T22:50:22.457551577Z 9 PC: 12e27 | Display string (String= 'Loading LAMARK virus!')
2018-12-17T22:50:22.459911244Z 76 PC: 12e2c | Terminate with return code (Return code = '0')
2018-12-17T22:50:22.462687738Z 49 PC: 12b54 | Terminate and stay resident (Return code = '0' | Memory size = '56')