Sample viewer

vx.netlux.org/Virus.DOS.IVP.Birgit.363

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:54:39.254526539Z	26	PC: 12b6f \| Set disk transfer address
2018-12-17T22:54:39.256196349Z	53	PC: 12a6a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:39.257803535Z	37	PC: 12a7c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:39.259321222Z	71	PC: 12a88 \| Get current directory
2018-12-17T22:54:39.262871405Z	78	PC: 12ac3 \| Find first file
2018-12-17T22:54:39.270015618Z	61	PC: 12b78 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:54:39.277146002Z	63	PC: 12ade \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:39.283513651Z	62	PC: 12ae2 \| Close file
2018-12-17T22:54:39.286502153Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.304442385Z	61	PC: 12b78 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:54:39.31607795Z	64	PC: 12b32 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:54:39.324062879Z	66	PC: 12b6a \| Move file pointer
2018-12-17T22:54:39.326505672Z	64	PC: 12b44 \| Write file or device (Write 363 bytes on handle 5)
2018-12-17T22:54:39.334646661Z	87	PC: 12b53 \| Get or set file date and time
2018-12-17T22:54:39.337063701Z	62	PC: 12b57 \| Close file
2018-12-17T22:54:39.344568582Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.354319047Z	79	PC: 12ac3 \| Find next file
2018-12-17T22:54:39.358473813Z	61	PC: 12b78 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:54:39.364936572Z	63	PC: 12ade \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:39.371060831Z	62	PC: 12ae2 \| Close file
2018-12-17T22:54:39.373288516Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.383136026Z	61	PC: 12b78 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:54:39.394928497Z	64	PC: 12b32 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:54:39.401898553Z	66	PC: 12b6a \| Move file pointer
2018-12-17T22:54:39.404339313Z	64	PC: 12b44 \| Write file or device (Write 363 bytes on handle 5)
2018-12-17T22:54:39.407240884Z	87	PC: 12b53 \| Get or set file date and time
2018-12-17T22:54:39.408991935Z	62	PC: 12b57 \| Close file
2018-12-17T22:54:39.417347652Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.43117614Z	79	PC: 12ac3 \| Find next file
2018-12-17T22:54:39.4379997Z	61	PC: 12b78 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:54:39.445135265Z	63	PC: 12ade \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:39.451948334Z	62	PC: 12ae2 \| Close file
2018-12-17T22:54:39.45532143Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.475248803Z	61	PC: 12b78 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:54:39.482412866Z	64	PC: 12b32 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:54:39.485544675Z	66	PC: 12b6a \| Move file pointer
2018-12-17T22:54:39.487402915Z	64	PC: 12b44 \| Write file or device (Write 363 bytes on handle 5)
2018-12-17T22:54:39.490230105Z	87	PC: 12b53 \| Get or set file date and time
2018-12-17T22:54:39.491554749Z	62	PC: 12b57 \| Close file
2018-12-17T22:54:39.499252033Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.508699788Z	79	PC: 12ac3 \| Find next file
2018-12-17T22:54:39.511061379Z	61	PC: 12b78 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:54:39.519058779Z	63	PC: 12ade \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:39.529553223Z	62	PC: 12ae2 \| Close file
2018-12-17T22:54:39.531028517Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.537446157Z	61	PC: 12b78 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:54:39.542060719Z	64	PC: 12b32 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:54:39.544052985Z	66	PC: 12b6a \| Move file pointer
2018-12-17T22:54:39.545191716Z	64	PC: 12b44 \| Write file or device (Write 363 bytes on handle 5)
2018-12-17T22:54:39.547602385Z	87	PC: 12b53 \| Get or set file date and time
2018-12-17T22:54:39.548803817Z	62	PC: 12b57 \| Close file
2018-12-17T22:54:39.562955484Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.573634952Z	79	PC: 12ac3 \| Find next file
2018-12-17T22:54:39.576428857Z	61	PC: 12b78 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:54:39.588326893Z	63	PC: 12ade \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:54:39.5951556Z	62	PC: 12ae2 \| Close file
2018-12-17T22:54:39.596976002Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.601238365Z	61	PC: 12b78 \| Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T22:54:39.606495511Z	64	PC: 12b32 \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:54:39.609170383Z	66	PC: 12b6a \| Move file pointer
2018-12-17T22:54:39.610551347Z	64	PC: 12b44 \| Write file or device (Write 363 bytes on handle 2)
2018-12-17T22:54:39.617329022Z	87	PC: 12b53 \| Get or set file date and time
2018-12-17T22:54:39.618780812Z	62	PC: 12b57 \| Close file
2018-12-17T22:54:39.620344539Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.624648733Z	79	PC: 12ac3 \| Find next file
2018-12-17T22:54:39.627922046Z	61	PC: 12b78 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:54:39.634097275Z	63	PC: 12ade \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:54:39.640334723Z	62	PC: 12ae2 \| Close file
2018-12-17T22:54:39.643184529Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.655631739Z	61	PC: 12b78 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:54:39.662052477Z	64	PC: 12b32 \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:54:39.670341888Z	66	PC: 12b6a \| Move file pointer
2018-12-17T22:54:39.672113712Z	64	PC: 12b44 \| Write file or device (Write 363 bytes on handle 2)
2018-12-17T22:54:39.680211316Z	87	PC: 12b53 \| Get or set file date and time
2018-12-17T22:54:39.683225755Z	62	PC: 12b57 \| Close file
2018-12-17T22:54:39.690766426Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.700577695Z	79	PC: 12ac3 \| Find next file
2018-12-17T22:54:39.704363297Z	61	PC: 12b78 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:54:39.710948933Z	63	PC: 12ade \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:54:39.71777405Z	62	PC: 12ae2 \| Close file
2018-12-17T22:54:39.720780096Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.727031019Z	61	PC: 12b78 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:54:39.731068448Z	64	PC: 12b32 \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:54:39.733461823Z	66	PC: 12b6a \| Move file pointer
2018-12-17T22:54:39.734506532Z	64	PC: 12b44 \| Write file or device (Write 363 bytes on handle 2)
2018-12-17T22:54:39.736270968Z	87	PC: 12b53 \| Get or set file date and time
2018-12-17T22:54:39.737903346Z	62	PC: 12b57 \| Close file
2018-12-17T22:54:39.742511085Z	67	PC: 12b83 \| Get or set file attributes
2018-12-17T22:54:39.748530598Z	79	PC: 12ac3 \| Find next file
2018-12-17T22:54:39.750774516Z	61	PC: 12b78 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:54:39.757597282Z	63	PC: 12ade \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:54:39.763142177Z	62	PC: 12ae2 \| Close file
2018-12-17T22:54:39.764989266Z	79	PC: 12ac3 \| Find next file
2018-12-17T22:54:39.766559925Z	59	PC: 12a97 \| Change current directory
2018-12-17T22:54:39.773475893Z	9	PC: 12aa1 \| Display string (String= 'Birgit ?????.com [IVP] ')
2018-12-17T22:54:39.779974261Z	37	PC: 12aab \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:39.782353817Z	59	PC: 12ab5 \| Change current directory
2018-12-17T22:54:39.783646468Z	26	PC: 12b6f \| Set disk transfer address