Sample viewer

vx.netlux.org/Virus.DOS.PS-MPC.734

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:40.199044092Z	26	PC: 14074 \| Set disk transfer address
2018-12-17T22:57:40.20092602Z	53	PC: 13e83 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:40.204406022Z	37	PC: 13e95 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:40.207267782Z	71	PC: 13ea1 \| Get current directory
2018-12-17T22:57:40.216222024Z	78	PC: 13f17 \| Find first file
2018-12-17T22:57:40.226197376Z	78	PC: 13f17 \| Find first file
2018-12-17T22:57:40.235020803Z	61	PC: 1407d \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:57:40.242398972Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.253628262Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.255867712Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.258852513Z	61	PC: 1407d \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:57:40.267087143Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.2744001Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.276856628Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.280870002Z	61	PC: 1407d \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:57:40.288345004Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.295732231Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.298571718Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.302153922Z	61	PC: 1407d \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:57:40.309645876Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.317337455Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.320291979Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.323457089Z	61	PC: 1407d \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:57:40.33072434Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.338829958Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.341339204Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.344531655Z	61	PC: 1407d \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:57:40.35300303Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.360229134Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.362643523Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.366773166Z	61	PC: 1407d \| Open file (Filename = 'PAH.COM')
2018-12-17T22:57:40.374076115Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.381366099Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.384614826Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.387871588Z	61	PC: 1407d \| Open file (Filename = 'TEST.COM')
2018-12-17T22:57:40.395847732Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.399172933Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.402276026Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.405376754Z	59	PC: 13eb7 \| Change current directory
2018-12-17T22:57:40.410111706Z	9	PC: 1405c \| Display string (String= 'Legalize Today-Get High Tonight [IVP] ')
2018-12-17T22:57:40.428620749Z	26	PC: 14074 \| Set disk transfer address
2018-12-17T22:57:40.43001493Z	53	PC: 13e83 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:40.431414111Z	37	PC: 13e95 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:40.433747407Z	71	PC: 13ea1 \| Get current directory
2018-12-17T22:57:40.437418488Z	78	PC: 13f17 \| Find first file
2018-12-17T22:57:40.444491574Z	78	PC: 13f17 \| Find first file
2018-12-17T22:57:40.45201639Z	61	PC: 1407d \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:57:40.460069959Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.463745829Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.466968487Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.47133214Z	61	PC: 1407d \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:57:40.478792384Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.48216298Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.484425494Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.487690231Z	61	PC: 1407d \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:57:40.494836004Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.498782012Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.50081316Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.503892619Z	61	PC: 1407d \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:57:40.512022662Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.515501962Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.517983146Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.522222456Z	61	PC: 1407d \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:57:40.530589965Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.533947817Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.536689772Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.539581869Z	61	PC: 1407d \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:57:40.546590604Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.549911507Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.552505543Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.555821116Z	61	PC: 1407d \| Open file (Filename = 'PAH.COM')
2018-12-17T22:57:40.563348586Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.56751019Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.569810544Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.573038592Z	61	PC: 1407d \| Open file (Filename = 'TEST.COM')
2018-12-17T22:57:40.581560321Z	63	PC: 13f32 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:57:40.584883809Z	62	PC: 13f36 \| Close file
2018-12-17T22:57:40.58740067Z	79	PC: 13f17 \| Find next file
2018-12-17T22:57:40.591158394Z	59	PC: 13eb7 \| Change current directory
2018-12-17T22:57:40.595992732Z	9	PC: 1405c \| Display string (String= 'Legalize Today-Get High Tonight [IVP] ')
2018-12-17T22:57:40.614976318Z	26	PC: 14074 \| Set disk transfer address
2018-12-17T22:57:40.617278716Z	53	PC: 13e83 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:40.619279067Z	37	PC: 13e95 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:40.620810596Z	71	PC: 13ea1 \| Get current directory
2018-12-17T22:57:40.624207431Z	78	PC: 13f17 \| Find first file
2018-12-17T22:57:40.627413017Z	78	PC: 13f17 \| Find first file
2018-12-17T22:57:40.629575533Z	59	PC: 13eb7 \| Change current directory
2018-12-17T22:57:40.63177115Z	9	PC: 1405c \| Display string (Could not find end pointer)