Sample viewer

vx.netlux.org/Virus.DOS.Jester_2.700

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:49.403430066Z	48	PC: 13dda \| Get DOS version
2018-12-17T22:57:49.416162588Z	53	PC: 13f75 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:49.417550398Z	37	PC: 13f8b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:49.418570558Z	47	PC: 13ed5 \| Get disk transfer address
2018-12-17T22:57:49.420424172Z	26	PC: 13ee8 \| Set disk transfer address
2018-12-17T22:57:49.42163344Z	78	PC: 13dfc \| Find first file
2018-12-17T22:57:49.426300605Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.428327294Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.431520355Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.434337039Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.437105599Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.440628457Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.443850832Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.447102532Z	67	PC: 13f28 \| Get or set file attributes
2018-12-17T22:57:49.465288282Z	61	PC: 13e2d \| Open file (Filename = 'TEST.COM')
2018-12-17T22:57:49.475197187Z	63	PC: 13e3c \| Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:57:49.478417218Z	87	PC: 13f66 \| Get or set file date and time
2018-12-17T22:57:49.481087447Z	62	PC: 13e7a \| Close file
2018-12-17T22:57:49.488816331Z	67	PC: 13f28 \| Get or set file attributes
2018-12-17T22:57:49.498031207Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.500399492Z	71	PC: 13faa \| Get current directory
2018-12-17T22:57:49.503813085Z	59	PC: 13fb5 \| Change current directory
2018-12-17T22:57:49.507579503Z	78	PC: 13dfc \| Find first file
2018-12-17T22:57:49.512931367Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.520358187Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.522621643Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.525278518Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.528417004Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.530855798Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.533664857Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.537195564Z	67	PC: 13f28 \| Get or set file attributes
2018-12-17T22:57:49.552948522Z	61	PC: 13e2d \| Open file (Filename = 'TEST.COM')
2018-12-17T22:57:49.560458103Z	63	PC: 13e3c \| Read file or device (Read 13 bytes on handle 5)
2018-12-17T22:57:49.56909983Z	87	PC: 13f66 \| Get or set file date and time
2018-12-17T22:57:49.573249495Z	62	PC: 13e7a \| Close file
2018-12-17T22:57:49.581589427Z	67	PC: 13f28 \| Get or set file attributes
2018-12-17T22:57:49.593274594Z	79	PC: 13e8d \| Find next file
2018-12-17T22:57:49.607184721Z	59	PC: 13fbf \| Change current directory
2018-12-17T22:57:49.609450837Z	26	PC: 13ef7 \| Set disk transfer address
2018-12-17T22:57:49.612475587Z	37	PC: 13f9c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:57:49.614456423Z	9	PC: 13cf0 \| Display string (String= 'Goat file (COM/b...). Size=00001388h/0000005000d bytes. ')
2018-12-17T22:57:49.620968116Z	48	PC: 13cf9 \| Get DOS version
2018-12-17T22:57:49.622701805Z	61	PC: 13dc6 \| Open file (Filename = '')
2018-12-17T22:57:49.631493821Z	93	PC: 13d68 \| File sharing functions
2018-12-17T22:57:49.634277169Z	9	PC: 13cf0 \| Display string (String= 'Size change=02BCh/00700d. ')
2018-12-17T22:57:49.639438675Z	76	PC: 13d4d \| Terminate with return code (Return code = '1')