Sample viewer

vx.netlux.org/Virus.DOS.Matthew.3037

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:58:05.910473445Z 73 PC: 13460 | Release memory
2018-12-17T22:58:05.913159163Z 53 PC: 133ac | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:58:05.915263859Z 37 PC: 133bf | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:58:05.917223844Z 53 PC: 133ec | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:58:05.919059654Z 53 PC: 133c5 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:58:05.921730054Z 77 PC: 12dd9 | Get program return code
2018-12-17T22:58:05.923277453Z 49 PC: 12dd9 | Terminate and stay resident (Return code = '0' | Memory size = '253')
2018-12-17T22:58:05.925703834Z 48 PC: 13547 | Get DOS version
2018-12-17T22:58:05.927850268Z 75 PC: 12dd9 | Execute program
2018-12-17T22:58:05.943379278Z 9 PC: 13ab3 | Display string (String= ' Mabuhay! This program came from Bahay Kawayan at http://come.to/hexfiles Putoksa Kawayan [email protected] ')
2018-12-17T22:58:05.956902888Z 76 PC: 13ab7 | Terminate with return code (Return code = '36')
2018-12-17T22:58:05.961357842Z 77 PC: 13598 | Get program return code