Sample viewer

vx.netlux.org/Virus.DOS.Vienna.462

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:51:17.568741002Z	47	PC: 12abf \| Get disk transfer address
2018-12-17T22:51:17.570135211Z	26	PC: 12acf \| Set disk transfer address
2018-12-17T22:51:17.574878582Z	37	PC: 12ad8 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:17.576673344Z	78	PC: 12b45 \| Find first file
2018-12-17T22:51:17.58380453Z	67	PC: 12b7a \| Get or set file attributes
2018-12-17T22:51:17.604997132Z	61	PC: 12b83 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:51:17.612361868Z	63	PC: 12b92 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:51:17.620108641Z	66	PC: 12ba2 \| Move file pointer
2018-12-17T22:51:17.622697043Z	64	PC: 12bb6 \| Write file or device (Write 462 bytes on handle 5)
2018-12-17T22:51:17.631463302Z	66	PC: 12bc6 \| Move file pointer
2018-12-17T22:51:17.633292308Z	64	PC: 12bd3 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:51:17.641877896Z	87	PC: 12be6 \| Get or set file date and time
2018-12-17T22:51:17.643464757Z	62	PC: 12bea \| Close file
2018-12-17T22:51:17.650225839Z	67	PC: 12bf9 \| Get or set file attributes
2018-12-17T22:51:17.658809584Z	26	PC: 12c02 \| Set disk transfer address
2018-12-17T22:51:17.660816494Z	37	PC: 12c0c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:17.66217192Z	13	PC: 12c11 \| Disk reset
2018-12-17T22:51:17.664427668Z	44	PC: 12c1f \| Get time 0x12c1f: or dh, dh 0x12c21: jne 0x12c33 0x12c23: push es 0x12c24: mov ah, 0x52 0x12c26: int 0x21 0x12c28: mov es, word ptr es:[bx - 2] 0x12c2c: mov byte ptr es:[0], 0 0x12c32: pop es 0x12c33: pop ax 0x12c34: xor bx, bx 0x12c36: xor cx, cx 0x12c38: xor dx, dx 0x12c3a: xor si, si 0x12c3c: xor di, di 0x12c3e: mov bp, 0x100 0x12c41: push bp 0x12c42: xor bp, bp 0x12c44: ret 0x12c45: add sp, 6 0x12c48: pop ax
2018-12-17T22:51:17.668014657Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')