Sample viewer

vx.netlux.org/Virus.DOS.Anti-AV.1050

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:51:04.621125791Z 53 PC: 1515e | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-17T22:51:04.626117495Z 65 PC: 1521f | Delete file (Filename = 'chklist.tav')
2018-12-17T22:51:04.632009965Z 65 PC: 1522a | Delete file (Filename = 'chklist.cps')
2018-12-17T22:51:04.637860702Z 65 PC: 15235 | Delete file (Filename = 'chklist.ms')
2018-12-17T22:51:04.656573417Z 53 PC: 15312 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:04.658042636Z 37 PC: 15321 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:04.659451348Z 47 PC: 15505 | Get disk transfer address
2018-12-17T22:51:04.661131346Z 26 PC: 15514 | Set disk transfer address
2018-12-17T22:51:04.674315673Z 78 PC: 153be | Find first file
2018-12-17T22:51:04.678207634Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.680396857Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.682933125Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.685873365Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.688772423Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.692257609Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.695130901Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.697613641Z 67 PC: 153f7 | Get or set file attributes
2018-12-17T22:51:04.703844726Z 67 PC: 15407 | Get or set file attributes
2018-12-17T22:51:04.716549857Z 61 PC: 15416 | Open file (Filename = 'TEST.COM')
2018-12-17T22:51:04.721095182Z 87 PC: 15424 | Get or set file date and time
2018-12-17T22:51:04.722761672Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:04.726925243Z 87 PC: 154c7 | Get or set file date and time
2018-12-17T22:51:04.728181031Z 62 PC: 154cb | Close file
2018-12-17T22:51:04.735261726Z 67 PC: 154d8 | Get or set file attributes
2018-12-17T22:51:04.742023723Z 78 PC: 153be | Find first file
2018-12-17T22:51:04.747782833Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.751324774Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.754601584Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.757596415Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.76072516Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.76314587Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.765397082Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.781368225Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.783565618Z 78 PC: 153be | Find first file
2018-12-17T22:51:04.791995992Z 79 PC: 153c4 | Find next file
2018-12-17T22:51:04.795415588Z 67 PC: 153f7 | Get or set file attributes
2018-12-17T22:51:04.801160427Z 67 PC: 15407 | Get or set file attributes
2018-12-17T22:51:05.146223947Z 61 PC: 15416 | Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T22:51:05.154535515Z 87 PC: 15424 | Get or set file date and time
2018-12-17T22:51:05.157390875Z 63 PC: 15436 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:05.163167095Z 66 PC: 15470 | Move file pointer
2018-12-17T22:51:05.166015994Z 64 PC: 15493 | Write file or device (Write 1050 bytes on handle 5)
2018-12-17T22:51:05.173861256Z 66 PC: 154a0 | Move file pointer
2018-12-17T22:51:05.175522773Z 64 PC: 154b6 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:05.178593296Z 87 PC: 154c7 | Get or set file date and time
2018-12-17T22:51:05.180753983Z 62 PC: 154cb | Close file
2018-12-17T22:51:05.187239131Z 67 PC: 154d8 | Get or set file attributes
2018-12-17T22:51:05.19676866Z 26 PC: 15202 | Set disk transfer address
2018-12-17T22:51:05.198665815Z 37 PC: 1533d | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:05.199704385Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=00002710h/0000010000d bytes. ')
2018-12-17T22:51:05.203535893Z 76 PC: 12a86 | Terminate with return code (Return code = '36')