Sample viewer

vx.netlux.org/Virus.DOS.Unknown.1293

Syscalls:

Time | Syscall Op | PC | Syscall Name
2018-12-17T22:55:30.595289944Z 81 PC: 181c0 | Get current PSP
2018-12-17T22:55:30.59728967Z 81 PC: 181c0 | Get current PSP
2018-12-17T22:55:30.598284596Z 26 PC: 181cd | Set disk transfer address
2018-12-17T22:55:30.60024883Z 78 PC: 181dd | Find first file
2018-12-17T22:55:30.611192971Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:30.615190991Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:30.619173524Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:30.626397948Z 67 PC: 18025 | Get or set file attributes
2018-12-17T22:55:30.966593289Z 61 PC: 18214 | Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T22:55:30.976686282Z 63 PC: 182fc | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:55:30.982501562Z 66 PC: 18302 | Move file pointer
2018-12-17T22:55:30.985987058Z 64 PC: 182ec | Write file or device (Write 1332 bytes on handle 5)
2018-12-17T22:55:30.997696102Z 66 PC: 182f5 | Move file pointer
2018-12-17T22:55:30.999351542Z 64 PC: 18063 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:55:31.003292417Z 87 PC: 18075 | Get or set file date and time
2018-12-17T22:55:31.0050447Z 62 PC: 18078 | Close file
2018-12-17T22:55:31.012862039Z 67 PC: 18085 | Get or set file attributes
2018-12-17T22:55:31.02001242Z 81 PC: 181c0 | Get current PSP
2018-12-17T22:55:31.021070134Z 26 PC: 181cd | Set disk transfer address
2018-12-17T22:55:31.022313158Z 78 PC: 181dd | Find first file
2018-12-17T22:55:31.030061042Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.033925779Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.037393038Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.041307602Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.044739474Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.048167331Z 67 PC: 18025 | Get or set file attributes
2018-12-17T22:55:31.060365311Z 61 PC: 18214 | Open file (Filename = 'C:\DOS\MEM.EXE')
2018-12-17T22:55:31.068175593Z 63 PC: 182fc | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:55:31.074599609Z 66 PC: 18302 | Move file pointer
2018-12-17T22:55:31.077129552Z 64 PC: 182ec | Write file or device (Write 1338 bytes on handle 5)
2018-12-17T22:55:31.086781845Z 66 PC: 182f5 | Move file pointer
2018-12-17T22:55:31.088215711Z 64 PC: 18145 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:55:31.091099121Z 87 PC: 18075 | Get or set file date and time
2018-12-17T22:55:31.093539009Z 62 PC: 18078 | Close file
2018-12-17T22:55:31.101111847Z 67 PC: 18085 | Get or set file attributes
2018-12-17T22:55:31.107379997Z 81 PC: 181c0 | Get current PSP
2018-12-17T22:55:31.109547069Z 26 PC: 181cd | Set disk transfer address
2018-12-17T22:55:31.110993408Z 78 PC: 181dd | Find first file
2018-12-17T22:55:31.117993899Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.122200242Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.125646401Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.129782795Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.133307195Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.136549883Z 79 PC: 181e5 | Find next file
2018-12-17T22:55:31.139919457Z 67 PC: 18025 | Get or set file attributes
2018-12-17T22:55:31.150946526Z 61 PC: 18214 | Open file (Filename = 'C:\DOS\NLSFUNC.EXE')
2018-12-17T22:55:31.159312142Z 63 PC: 182fc | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:55:31.165834445Z 66 PC: 18302 | Move file pointer
2018-12-17T22:55:31.168228717Z 64 PC: 182ec | Write file or device (Write 1333 bytes on handle 5)
2018-12-17T22:55:31.175876648Z 66 PC: 182f5 | Move file pointer
2018-12-17T22:55:31.177433628Z 64 PC: 18145 | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:55:31.180775302Z 87 PC: 18075 | Get or set file date and time
2018-12-17T22:55:31.182875991Z 62 PC: 18078 | Close file
2018-12-17T22:55:31.190830226Z 67 PC: 18085 | Get or set file attributes
2018-12-17T22:55:31.198057121Z 9 PC: 12a51 | Display string (String= 'This is a mid COM sample!')
2018-12-17T22:55:31.201524969Z 76 PC: 12a56 | Terminate with return code (Return code = '0')