Sample viewer

vx.netlux.org/Virus.DOS.Lifeform.2056

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:53:56.960103198Z 58 PC: 12a83 | Remove subdirectory
2018-12-17T22:53:56.967692638Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:53:56.969450136Z 72 PC: 12174 | Allocate memory
2018-12-17T22:53:56.971632695Z 72 PC: 1218d | Allocate memory
2018-12-17T22:53:56.974518315Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:53:56.977272451Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:56.979947528Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:56.983233267Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:56.985013617Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:56.987061129Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:56.989210956Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:56.994769201Z 62 PC: 122ab | Close file
2018-12-17T22:53:56.996961385Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:56.997951052Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.000784098Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.003276363Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.00469146Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.008321302Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.009446748Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.011269546Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.013670715Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.016492418Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.018967517Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.02024332Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.024456468Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.029927058Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.031232485Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.035777452Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.037102744Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.039253126Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.042411121Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.043882368Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.046305814Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.048079173Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.050028299Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.05221844Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.0538064Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.056236275Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.057447754Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.059441006Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.062535255Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.064261117Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.066944597Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.068925404Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.070820428Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.073043272Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.074615613Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.076687448Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.077610464Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.092343381Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.09450813Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.095934026Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.099190051Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.100757833Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.102819355Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.105905572Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.107065732Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.109419453Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.111068331Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.113017342Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.115537115Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.117070035Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.120309893Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.12236676Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.124734675Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.127827167Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.129039143Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.131198362Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.132742433Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.135283134Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.137435605Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.144757613Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.146947035Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.147931472Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.150323867Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.153708377Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.155130121Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.157521787Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.159145381Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:53:57.160932548Z 62 PC: 9f1fe | Close file
2018-12-17T22:53:57.16305464Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:53:57.16515805Z 62 PC: 122ab | Close file
2018-12-17T22:53:57.181114789Z 99 PC: 995a7 | Get DBCS lead byte table pointer
2018-12-17T22:53:57.182976499Z 56 PC: 93dc9 | Get or set country info
2018-12-17T22:53:57.186404812Z 64 PC: 99818 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:53:57.191680852Z 25 PC: 93e32 | Get default drive
2018-12-17T22:53:57.193425224Z 71 PC: 960ad | Get current directory
2018-12-17T22:53:57.198450297Z 64 PC: 99818 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:53:57.202186161Z 2 PC: 96082 | Character output (Char = '3e')
2018-12-17T22:53:57.206449619Z 93 PC: 93ef0 | File sharing functions
2018-12-17T22:53:57.208812349Z 93 PC: 93ef7 | File sharing functions
2018-12-17T22:53:57.210944836Z 10 PC: 93f09 | Buffered keyboard input
2018-12-17T22:54:11.95012344Z 0 PC: 0 | Program terminate
2018-12-17T22:54:13.349550522Z 0 PC: 0 | Program terminate
2018-12-17T22:54:13.459473857Z 64 PC: 99818 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:54:13.467621489Z 41 PC: 93f7e | Parse filename
2018-12-17T22:54:13.471607399Z 41 PC: 93fff | Parse filename
2018-12-17T22:54:13.473785582Z 41 PC: 9401c | Parse filename
2018-12-17T22:54:13.477505636Z 26 PC: 974c7 | Set disk transfer address
2018-12-17T22:54:13.480136939Z 71 PC: 976c3 | Get current directory
2018-12-17T22:54:13.505680524Z 78 PC: 9eda8 | Find first file
2018-12-17T22:54:13.529881323Z 98 PC: 9f0d1 | Get current PSP
2018-12-17T22:54:13.531008218Z 47 PC: 9edda | Get disk transfer address
2018-12-17T22:54:13.532890828Z 71 PC: 9753c | Get current directory
2018-12-17T22:54:13.536695188Z 73 PC: 96bd9 | Release memory
2018-12-17T22:54:13.53965337Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.540837921Z 42 PC: 9f1fe | Get date
0x9f1fe: retf 2
0x9f201: push bx
0x9f202: push cx
0x9f203: push dx
0x9f204: mov ax, 0xfa02
0x9f207: mov dx, 0x5945
0x9f20a: mov bl, 0
0x9f20c: int3
0x9f20d: mov byte ptr cs:[0x7f7], cl
0x9f212: pop dx
0x9f213: pop cx
0x9f214: pop bx
0x9f215: ret
0x9f216: push bx
0x9f217: push cx
0x9f218: push dx
0x9f219: mov ax, 0xfa02
0x9f21c: mov dx, 0x5945
0x9f21f: mov bl, byte ptr cs:[0x7f7]
0x9f224: and bl, 0xfb
2018-12-17T22:54:13.543607119Z 67 PC: 9f1fe | Get or set file attributes
2018-12-17T22:54:13.551528712Z 65 PC: 9f1fe | Delete file
2018-12-17T22:54:13.558374109Z 67 PC: 9f1fe | Get or set file attributes
2018-12-17T22:54:13.565180659Z 65 PC: 9f1fe | Delete file
2018-12-17T22:54:13.572784958Z 67 PC: 9f1fe | Get or set file attributes
2018-12-17T22:54:13.580544402Z 65 PC: 9f1fe | Delete file (Filename = ' drive %1 Invalid COMMAND.COM !Insert disk with %1 in drive %2 !Press any key to continue . . .  Terminate batch job (Y/N)?Cannot execute %1 Error in EXE file "Program too big to fit in memory  No free file handlesBad Command or file name ')
2018-12-17T22:54:13.587033991Z 67 PC: 9f1fe | Get or set file attributes
2018-12-17T22:54:13.594168772Z 65 PC: 9f1fe | Delete file
2018-12-17T22:54:13.601034384Z 67 PC: 9f1fe | Get or set file attributes
2018-12-17T22:54:13.607871666Z 65 PC: 9f1fe | Delete file
2018-12-17T22:54:13.616546694Z 67 PC: 9f1fe | Get or set file attributes
2018-12-17T22:54:13.622949004Z 65 PC: 9f1fe | Delete file
2018-12-17T22:54:13.629719032Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.631296175Z 75 PC: 11821 | Execute program
2018-12-17T22:54:13.64677819Z 9 PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-17T22:54:13.651360106Z 76 PC: 12a4b | Terminate with return code (Return code = '36')
2018-12-17T22:54:13.655947921Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:54:13.658046903Z 72 PC: 12174 | Allocate memory
2018-12-17T22:54:13.660925843Z 72 PC: 1218d | Allocate memory
2018-12-17T22:54:13.663787338Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:54:13.665567622Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:54:13.667464149Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:13.669771717Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.671210243Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.673386946Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.67610327Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.677735551Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.68025575Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.681785727Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.6848278Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.687427776Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.689139098Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.691833085Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.693123389Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.695525358Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.698320665Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.699944541Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.702802589Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.704236998Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.706420057Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.709093829Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.710686326Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.712845082Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.714291221Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.717063472Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.719533597Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.721018683Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.724102518Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.72539941Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.727808289Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.731524538Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.73271058Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.735573758Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.737697771Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.740881473Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.743394848Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.745561888Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.748229068Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.749442315Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.752285079Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.755745332Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.757258505Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.760436422Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.761805642Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.763983996Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.767617393Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.768860064Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.771167763Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.773140124Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.776169694Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.778662484Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.780907231Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.783473021Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.784764145Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.787689747Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.790030294Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.791440106Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.794636103Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.79591206Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.798100459Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.801527438Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.80324638Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.805725818Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.807821046Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.810199622Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.81269918Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.814836479Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.816989154Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.817777607Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.819675869Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.822364093Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.823679106Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.825755614Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.827660187Z 69 PC: 9f1fe | Duplicate handle
2018-12-17T22:54:13.829271567Z 62 PC: 9f1fe | Close file
2018-12-17T22:54:13.831374102Z 250 PC: 9f1fe | UNKNOWN!
2018-12-17T22:54:13.833025599Z 62 PC: 122ab | Close file
2018-12-17T22:54:13.836271178Z 99 PC: 995a7 | Get DBCS lead byte table pointer
2018-12-17T22:54:13.837626492Z 56 PC: 93dc9 | Get or set country info
2018-12-17T22:54:13.840316957Z 64 PC: 99818 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:54:13.845558586Z 25 PC: 93e32 | Get default drive
2018-12-17T22:54:13.847528375Z 71 PC: 960ad | Get current directory
2018-12-17T22:54:13.852514668Z 64 PC: 99818 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:54:13.856273223Z 2 PC: 96082 | Character output (Char = '3e')
2018-12-17T22:54:13.860014844Z 93 PC: 93ef0 | File sharing functions
2018-12-17T22:54:13.863021554Z 93 PC: 93ef7 | File sharing functions
2018-12-17T22:54:13.86554064Z 10 PC: 93f09 | Buffered keyboard input