Sample viewer

vx.netlux.org/Virus.DOS.Mix.1618.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:53:34.62305937Z	82	PC: 14e18 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:53:34.625498191Z	48	PC: 134e6 \| Get DOS version
2018-12-17T22:53:34.626904792Z	74	PC: 13548 \| Reallocate memory
2018-12-17T22:53:34.628531622Z	48	PC: 13590 \| Get DOS version
2018-12-17T22:53:34.630067715Z	68	PC: 1359b \| I/O control for devices (Set for = '=��t>=')
2018-12-17T22:53:34.631950181Z	68	PC: 1359b \| I/O control for devices (Set for = '')
2018-12-17T22:53:34.633406309Z	68	PC: 1359b \| I/O control for devices (Set for = 'ng2 command IF [NOT] EXIST filename command } NOT Specifies that MS-DOS should carry out the command only if the condition is false. � ERRORLEVEL number Specifies a true condition if the last program run returned ')
2018-12-17T22:53:34.634833898Z	68	PC: 1359b \| I/O control for devices
2018-12-17T22:53:34.636945409Z	68	PC: 1359b \| I/O control for devices
2018-12-17T22:53:34.638412085Z	53	PC: 135af \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:34.639626471Z	37	PC: 135c1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:34.642215336Z	48	PC: 136dc \| Get DOS version
2018-12-17T22:53:34.649068501Z	64	PC: 146b9 \| Write file or device (Write 21 bytes on handle 1)
2018-12-17T22:53:34.652180128Z	64	PC: 146d2 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:53:34.658124434Z	62	PC: 13671 \| Close file
2018-12-17T22:53:34.660459658Z	62	PC: 13671 \| Close file
2018-12-17T22:53:34.662591464Z	62	PC: 13671 \| Close file
2018-12-17T22:53:34.665954517Z	62	PC: 13671 \| Close file
2018-12-17T22:53:34.667959861Z	62	PC: 13671 \| Close file
2018-12-17T22:53:34.670438787Z	37	PC: 13695 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:34.672192835Z	76	PC: 1367e \| Terminate with return code (Return code = '1')