Sample viewer

vx.netlux.org/Virus.DOS.Pro-Alife.3423.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:01:16.006760141Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:01:16.008610749Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:01:16.009904248Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:01:16.011076332Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:01:16.013124535Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:01:16.014310735Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:01:16.01546341Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:01:16.017447785Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:01:16.018880186Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:01:16.020336086Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:01:16.021807559Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:01:16.023305485Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:01:16.024770331Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:01:16.026251869Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:01:16.028098423Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:01:16.029540259Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:01:16.031062771Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:01:16.033221351Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:01:16.035440591Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:01:16.037610763Z	37	PC: 13467 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:01:16.038893915Z	37	PC: 1346f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:01:16.040973335Z	37	PC: 13477 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:01:16.042440451Z	37	PC: 1347f \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:01:16.044260241Z	68	PC: 137ef \| I/O control for devices (Set for = '')
2018-12-17T22:01:16.103183724Z	37	PC: 12e75 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:01:16.107738344Z	58	PC: 142fa \| Remove subdirectory
2018-12-17T22:01:16.116685112Z	25	PC: 14233 \| Get default drive
2018-12-17T22:01:16.11847785Z	71	PC: 14246 \| Get current directory
2018-12-17T22:01:16.121498728Z	59	PC: 142fa \| Change current directory
2018-12-17T22:01:16.12720715Z	14	PC: 1428c \| Set default drive (Drive = 'A')
2018-12-17T22:01:16.129123458Z	25	PC: 14290 \| Get default drive
2018-12-17T22:01:16.13013966Z	59	PC: 142fa \| Change current directory
2018-12-17T22:01:16.316744122Z	54	PC: 12d6a \| Get free disk space
2018-12-17T22:01:16.325677852Z	67	PC: 12dca \| Get or set file attributes
2018-12-17T22:01:16.329336727Z	60	PC: 1407a \| Create or truncate file
2018-12-17T22:01:16.68388794Z	62	PC: 140ca \| Close file
2018-12-17T22:01:16.686540506Z	65	PC: 141c3 \| Delete file (Filename = 'C:\mempatch.exe')
2018-12-17T22:01:16.696068317Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:01:16.697562791Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:01:16.700130417Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:01:16.701568984Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:01:16.702973549Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:01:16.705177816Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:01:16.706904654Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:01:16.708275683Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:01:16.710369341Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:01:16.711930959Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:01:16.713801283Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:01:16.716564318Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:01:16.719193696Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:01:16.720810923Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:01:16.723394362Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:01:16.727091574Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:01:16.733124516Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:01:16.734601159Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:01:16.736472101Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:01:16.737954968Z	76	PC: 135a5 \| Terminate with return code (Return code = '0')