Sample viewer

vx.netlux.org/Virus.DOS.Caterpillar.1588

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:55:09.846349814Z	53	PC: 13079 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:09.847593754Z	61	PC: 12cc6 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:55:09.85458259Z	37	PC: 12cd5 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:09.856012138Z	66	PC: 12ce4 \| Move file pointer
2018-12-17T22:55:09.860101831Z	63	PC: 12cf2 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:55:09.865006035Z	62	PC: 12cf6 \| Close file
2018-12-17T22:55:09.867712086Z	37	PC: 12d05 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:09.869231023Z	61	PC: 12d45 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:55:09.87865039Z	63	PC: 12d59 \| Read file or device (Read 12 bytes on handle 5)
2018-12-17T22:55:09.881669208Z	66	PC: 12d62 \| Move file pointer
2018-12-17T22:55:09.883572418Z	64	PC: 12d8c \| Write file or device (Write 1591 bytes on handle 5)
2018-12-17T22:55:10.242696949Z	66	PC: 12d95 \| Move file pointer
2018-12-17T22:55:10.246257716Z	64	PC: 12da3 \| Write file or device (Write 12 bytes on handle 5)
2018-12-17T22:55:10.250416769Z	62	PC: 12dab \| Close file
2018-12-17T22:55:10.260630731Z	41	PC: 1401f \| Parse filename
2018-12-17T22:55:10.266950588Z	41	PC: 1403c \| Parse filename
2018-12-17T22:55:10.269520722Z	26	PC: 174e7 \| Set disk transfer address
2018-12-17T22:55:10.272634929Z	64	PC: 19838 \| Write file or device (Write 111 bytes on handle 2)
2018-12-17T22:55:10.286968299Z	64	PC: 19838 \| Write file or device (Write 2 bytes on handle 2)
2018-12-17T22:55:10.290244612Z	100	PC: 19d8b \| Set wait for external event flag
2018-12-17T22:55:10.291835664Z	46	PC: 13d69 \| Set verify flag
2018-12-17T22:55:10.294088782Z	46	PC: 9f64 \| Set verify flag