Sample viewer

vx.netlux.org/Virus.DOS.Bluesky.1360

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:53:17.634753593Z	200	PC: 12f8c \| UNKNOWN!
2018-12-17T22:53:17.635904334Z	73	PC: 12fb8 \| Release memory
2018-12-17T22:53:17.638676902Z	72	PC: 12fbf \| Allocate memory
2018-12-17T22:53:17.640900699Z	72	PC: 12fc7 \| Allocate memory
2018-12-17T22:53:17.642833049Z	72	PC: 12fcf \| Allocate memory
2018-12-17T22:53:17.645763003Z	72	PC: 12fda \| Allocate memory
2018-12-17T22:53:17.649021624Z	73	PC: 12fe1 \| Release memory
2018-12-17T22:53:17.650825032Z	53	PC: 9f23e \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:17.65320383Z	53	PC: 9f24b \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:53:17.654963526Z	37	PC: 9f268 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:17.656415003Z	37	PC: 9f270 \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:53:17.658912694Z	48	PC: 12cae \| Get DOS version
2018-12-17T22:53:17.662164863Z	9	PC: 12b0b \| Display string (String= '��~j��!� win TEMP=C:\WINDOWS\TEMP (C) Copr 1987, ')
2018-12-17T22:53:17.664801907Z	9	PC: 12b13 \| Display string (String= 'l��!� win TEMP=C:\WINDOWS\TEMP (C) Copr 1987, ')
2018-12-17T22:53:17.66741243Z	9	PC: 12b1b \| Display string (Could not find end pointer)
2018-12-17T22:53:17.670525848Z	9	PC: 12b23 \| Display string (Could not find end pointer)
2018-12-17T22:53:17.675991496Z	9	PC: 12b2b \| Display string (String= ' win TEMP=C:\WINDOWS\TEMP (C) Copr 1987, ')
2018-12-17T22:53:17.681197996Z	76	PC: 12b7b \| Terminate with return code (Return code = '0')