Sample viewer

vx.netlux.org/Virus.DOS.Bluesky.2063

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:52:02.773700367Z 74 PC: 1c8cc | Reallocate memory
2018-12-17T22:52:02.77560854Z 74 PC: 1c8de | Reallocate memory
2018-12-17T22:52:02.77691458Z 72 PC: 1c8e5 | Allocate memory
2018-12-17T22:52:02.778555255Z 72 PC: 1c8f0 | Allocate memory
2018-12-17T22:52:02.781417893Z 74 PC: 1c92a | Reallocate memory
2018-12-17T22:52:02.783239915Z 74 PC: 9ecae | Reallocate memory
2018-12-17T22:52:02.784664674Z 75 PC: 9ecd7 | Execute program
2018-12-17T22:52:02.803213806Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.804372601Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.808676141Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.811386992Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.816962575Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.819030014Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.82575644Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.827358866Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.834403627Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.837049335Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.84105815Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.842309194Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.856483871Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.857826217Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.86606294Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.868645238Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.876966252Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.878474449Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.886089936Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.887322557Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.896000309Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.899232231Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.90671438Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.908665443Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.915429753Z 48 PC: 2e17e | Get DOS version
2018-12-17T22:52:02.918331283Z 53 PC: 2e287 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.922970467Z 48 PC: 12bac | Get DOS version
2018-12-17T22:52:02.924776257Z 53 PC: 12d0e | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.927417037Z 53 PC: 12d1b | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:52:02.929056486Z 53 PC: 12d28 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:52:02.930673152Z 53 PC: 12d35 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:52:02.933019467Z 37 PC: 12d49 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:02.934271768Z 74 PC: 12c36 | Reallocate memory
2018-12-17T22:52:02.936382768Z 68 PC: 131f2 | I/O control for devices (Set for = '')
2018-12-17T22:52:02.939363634Z 74 PC: 1526d | Reallocate memory
2018-12-17T22:52:02.941566018Z 68 PC: 131f2 | I/O control for devices (Set for = 'Borland C++ - Copyright 1991 Borland Intl.')
2018-12-17T22:52:02.945487473Z 53 PC: 1300e | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:52:02.947916878Z 37 PC: 13028 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:52:02.949405857Z 37 PC: 13028 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:52:02.969098976Z 67 PC: 1550a | Get or set file attributes
2018-12-17T22:52:02.976227224Z 54 PC: 9ed82 | Get free disk space
2018-12-17T22:52:02.985510483Z 67 PC: 9edd4 | Get or set file attributes
2018-12-17T22:52:02.990667093Z 61 PC: 9edfa | Open file (Filename = '�&���')
2018-12-17T22:52:02.995016313Z 67 PC: 9ee21 | Get or set file attributes
2018-12-17T22:52:02.998644591Z 61 PC: 162fd | Open file (Filename = '�Ⱥ')
2018-12-17T22:52:03.003091801Z 64 PC: 16d56 | Write file or device (Write 48 bytes on handle 1)
2018-12-17T22:52:03.007575793Z 64 PC: 16d56 | Write file or device (Write 63 bytes on handle 1)
2018-12-17T22:52:03.01050641Z 62 PC: 15636 | Close file
2018-12-17T22:52:03.012583512Z 37 PC: 12d5b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:03.014007345Z 37 PC: 12d66 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:52:03.01499764Z 37 PC: 12d71 | Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:52:03.015846417Z 37 PC: 12d7b | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:52:03.017628177Z 62 PC: 15636 | Close file
2018-12-17T22:52:03.018858469Z 62 PC: 15636 | Close file
2018-12-17T22:52:03.020254009Z 62 PC: 15636 | Close file
2018-12-17T22:52:03.022184172Z 62 PC: 15636 | Close file
2018-12-17T22:52:03.023567709Z 62 PC: 15636 | Close file
2018-12-17T22:52:03.024923856Z 76 PC: 12cff | Terminate with return code (Return code = '1')
2018-12-17T22:52:03.027143878Z 73 PC: 9ece0 | Release memory
2018-12-17T22:52:03.028069097Z 77 PC: 9ece4 | Get program return code
2018-12-17T22:52:03.029597379Z 76 PC: 9ece8 | Terminate with return code (Return code = '1')