Sample viewer

vx.netlux.org/Virus.DOS.PS-MPC.636

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:54:22.866737389Z	26	PC: 1519c \| Set disk transfer address
2018-12-17T22:54:22.869130825Z	71	PC: 151a6 \| Get current directory
2018-12-17T22:54:22.872362465Z	53	PC: 151b0 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:22.87380208Z	37	PC: 151c0 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:22.875543591Z	78	PC: 15241 \| Find first file
2018-12-17T22:54:22.883063876Z	78	PC: 15241 \| Find first file
2018-12-17T22:54:22.890244184Z	61	PC: 153bd \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:54:22.897567159Z	63	PC: 15253 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:22.905285006Z	62	PC: 15257 \| Close file
2018-12-17T22:54:22.907490319Z	79	PC: 15241 \| Find next file
2018-12-17T22:54:22.91057856Z	61	PC: 153bd \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:54:22.923797189Z	63	PC: 15253 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:22.930914719Z	62	PC: 15257 \| Close file
2018-12-17T22:54:22.933116715Z	79	PC: 15241 \| Find next file
2018-12-17T22:54:22.939094854Z	61	PC: 153bd \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:54:22.946399405Z	63	PC: 15253 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:22.953707883Z	62	PC: 15257 \| Close file
2018-12-17T22:54:22.956877156Z	79	PC: 15241 \| Find next file
2018-12-17T22:54:22.960375818Z	61	PC: 153bd \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:54:22.968365025Z	63	PC: 15253 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:22.979029146Z	62	PC: 15257 \| Close file
2018-12-17T22:54:22.98193769Z	79	PC: 15241 \| Find next file
2018-12-17T22:54:22.985380025Z	61	PC: 153bd \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:54:22.993497083Z	63	PC: 15253 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:23.000550381Z	62	PC: 15257 \| Close file
2018-12-17T22:54:23.002744062Z	79	PC: 15241 \| Find next file
2018-12-17T22:54:23.006147535Z	61	PC: 153bd \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:54:23.014501006Z	63	PC: 15253 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:23.021467912Z	62	PC: 15257 \| Close file
2018-12-17T22:54:23.023675159Z	79	PC: 15241 \| Find next file
2018-12-17T22:54:23.027822679Z	61	PC: 153bd \| Open file (Filename = 'PAH.COM')
2018-12-17T22:54:23.035015851Z	63	PC: 15253 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:23.042113282Z	62	PC: 15257 \| Close file
2018-12-17T22:54:23.045056571Z	79	PC: 15241 \| Find next file
2018-12-17T22:54:23.048144061Z	61	PC: 153bd \| Open file (Filename = 'TEST.COM')
2018-12-17T22:54:23.055249237Z	63	PC: 15253 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:23.06305539Z	62	PC: 15257 \| Close file
2018-12-17T22:54:23.065262085Z	79	PC: 15241 \| Find next file
2018-12-17T22:54:23.068071893Z	59	PC: 151d8 \| Change current directory
2018-12-17T22:54:23.073356018Z	37	PC: 151e6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:23.074576371Z	59	PC: 151f0 \| Change current directory
2018-12-17T22:54:23.079471626Z	26	PC: 151ff \| Set disk transfer address
2018-12-17T22:54:23.083278777Z	9	PC: 12bb5 \| Display string (String= '')
2018-12-17T22:54:23.085512202Z	9	PC: 12bbc \| Display string (Could not find end pointer)
2018-12-17T22:54:23.096595291Z	76	PC: 12bd2 \| Terminate with return code (Return code = '0')