Sample viewer

vx.netlux.org/Virus.DOS.VCL.Spooky.778

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:52:33.04639682Z	53	PC: 12a5f \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:52:33.048606394Z	37	PC: 12a66 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:52:33.050187395Z	37	PC: 12a6a \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:52:33.052041749Z	25	PC: 12c7d \| Get default drive
2018-12-17T22:52:33.05407246Z	14	PC: 12c82 \| Set default drive (Drive = 'C')
2018-12-17T22:52:33.055740431Z	71	PC: 12c87 \| Get current directory
2018-12-17T22:52:33.061446077Z	26	PC: 12c4e \| Set disk transfer address
2018-12-17T22:52:33.063421997Z	78	PC: 12c44 \| Find first file
2018-12-17T22:52:33.072703386Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T22:52:33.416366449Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T22:52:33.423513212Z	79	PC: 12c49 \| Find next file
2018-12-17T22:52:33.42664644Z	59	PC: 12c78 \| Change current directory
2018-12-17T22:52:33.430302371Z	26	PC: 12c56 \| Set disk transfer address
2018-12-17T22:52:33.431464279Z	59	PC: 12c78 \| Change current directory
2018-12-17T22:52:33.435469095Z	59	PC: 12c78 \| Change current directory
2018-12-17T22:52:33.43740411Z	14	PC: 12c82 \| Set default drive (Drive = 'A')
2018-12-17T22:52:33.438881134Z	42	PC: 12c8c \| Get date 0x12c8c: ret 0x12c8d: mov ah, 9 0x12c8f: int 0x21 0x12c91: ret 0x12c92: mov ah, 0 0x12c94: int 0x21 0x12c96: ret 0x12c97: add di, word ptr [bx] 0x12c99: aas 0x12c9a: aas 0x12c9b: aas 0x12c9c: aas 0x12c9d: aas 0x12c9e: aas 0x12c9f: aas 0x12ca0: inc bx 0x12ca1: dec di 0x12ca2: dec bp 0x12ca3: pop es 0x12ca4: add al, 0
2018-12-17T22:52:33.450484346Z	53	PC: 12a5f \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:52:33.451992323Z	37	PC: 12a66 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:52:33.45381855Z	37	PC: 12a6a \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:52:33.459037225Z	25	PC: 12c7d \| Get default drive
2018-12-17T22:52:33.460439065Z	14	PC: 12c82 \| Set default drive (Drive = 'C')
2018-12-17T22:52:33.462072045Z	71	PC: 12c87 \| Get current directory
2018-12-17T22:52:33.465785479Z	26	PC: 12c4e \| Set disk transfer address
2018-12-17T22:52:33.467349555Z	78	PC: 12c44 \| Find first file
2018-12-17T22:52:33.473183441Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T22:52:33.490531301Z	61	PC: 12c39 \| Open file (Filename = 'COMMAND.COM')
2018-12-17T22:52:33.496608059Z	63	PC: 12bfb \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:52:33.49910712Z	66	PC: 12c0f \| Move file pointer
2018-12-17T22:52:33.501376152Z	64	PC: 12c2f \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:52:33.504005486Z	66	PC: 12c05 \| Move file pointer
2018-12-17T22:52:33.505446853Z	64	PC: 12c2f \| Write file or device (Write 778 bytes on handle 5)
2018-12-17T22:52:33.515084901Z	87	PC: 12c3f \| Get or set file date and time
2018-12-17T22:52:33.517392091Z	62	PC: 12c34 \| Close file
2018-12-17T22:52:33.525380231Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T22:52:33.537774467Z	79	PC: 12c49 \| Find next file
2018-12-17T22:52:33.540514067Z	59	PC: 12c78 \| Change current directory
2018-12-17T22:52:33.544423236Z	26	PC: 12c56 \| Set disk transfer address
2018-12-17T22:52:33.545979795Z	59	PC: 12c78 \| Change current directory
2018-12-17T22:52:33.550998624Z	59	PC: 12c78 \| Change current directory
2018-12-17T22:52:33.553262633Z	14	PC: 12c82 \| Set default drive (Drive = 'A')
2018-12-17T22:52:33.555019936Z	42	PC: 12c8c \| Get date 0x12c8c: ret 0x12c8d: mov ah, 9 0x12c8f: int 0x21 0x12c91: ret 0x12c92: mov ah, 0 0x12c94: int 0x21 0x12c96: ret 0x12c97: add di, word ptr [bx] 0x12c99: aas 0x12c9a: aas 0x12c9b: aas 0x12c9c: aas 0x12c9d: aas 0x12c9e: aas 0x12c9f: aas 0x12ca0: inc bx 0x12ca1: dec di 0x12ca2: dec bp 0x12ca3: pop es 0x12ca4: add al, 0