Sample viewer

vx.netlux.org/Virus.DOS.Urod.773

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:56:44.973763116Z	53	PC: 14f9a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:44.976461917Z	37	PC: 14fab \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:44.978575866Z	53	PC: 14fb0 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:44.980321588Z	37	PC: 14fc1 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:44.982050338Z	26	PC: 14fec \| Set disk transfer address
2018-12-17T22:56:44.984808485Z	78	PC: 14ff7 \| Find first file
2018-12-17T22:56:44.99216886Z	61	PC: 15006 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:56:44.999980645Z	63	PC: 14f7c \| Read file or device (Read 32 bytes on handle 5)
2018-12-17T22:56:45.00410052Z	66	PC: 14f7c \| Move file pointer
2018-12-17T22:56:45.006261095Z	63	PC: 14f7c \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:56:45.009711355Z	66	PC: 14f7c \| Move file pointer
2018-12-17T22:56:45.01282337Z	64	PC: 14f7c \| Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:56:45.016423005Z	79	PC: 14ff7 \| Find next file
2018-12-17T22:56:45.019544204Z	37	PC: 1520f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:45.02133437Z	37	PC: 1521c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:45.023016896Z	9	PC: 14f46 \| Display string (String= ' � From a collection of viruses Sergey Mastykov. � Belarus, 210008, Vitebsk-8, mailbox 6. � Voice/Data V34+, HST [+375 (0212) 33-14-58] � E-mail � FidoNet (2:453/4.14) ')
2018-12-17T22:56:45.038544935Z	76	PC: 14f4a \| Terminate with return code (Return code = '36')