Sample viewer

vx.netlux.org/Virus.DOS.VFSI

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:58:38.13176948Z	26	PC: 12ac5 \| Set disk transfer address
2018-12-17T22:58:38.133325413Z	78	PC: 12ad1 \| Find first file
2018-12-17T22:58:38.13921529Z	61	PC: 12adf \| Open file (Filename = 'ЙЭ!ыДИ')
2018-12-17T22:58:38.145928592Z	66	PC: 12aea \| Move file pointer
2018-12-17T22:58:38.148063471Z	66	PC: 12af7 \| Move file pointer
2018-12-17T22:58:38.149403461Z	63	PC: 12b03 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:58:38.155532274Z	87	PC: 12b22 \| Get or set file date and time
2018-12-17T22:58:38.157581672Z	66	PC: 12b2d \| Move file pointer
2018-12-17T22:58:38.159199879Z	63	PC: 12b39 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:58:38.161814729Z	66	PC: 12b42 \| Move file pointer
2018-12-17T22:58:38.1721764Z	64	PC: 12b66 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:58:38.175585685Z	66	PC: 12b70 \| Move file pointer
2018-12-17T22:58:38.176996004Z	64	PC: 12b89 \| Write file or device (Write 446 bytes on handle 5)
2018-12-17T22:58:38.193756353Z	87	PC: 12b90 \| Get or set file date and time
2018-12-17T22:58:38.195262192Z	62	PC: 12b95 \| Close file
2018-12-17T22:58:38.202640694Z	44	PC: 12b9a \| Get time 0x12b9a: cmp dl, 0x14 0x12b9d: jg 0x12bf4 0x12b9f: mov ax, 0xe07 0x12ba2: int 0x10 0x12ba4: mov ax, 0xf00 0x12ba7: int 0x10 0x12ba9: push ax 0x12baa: xor ax, ax 0x12bac: int 0x10 0x12bae: mov cx, 0x1e 0x12bb1: mov dx, 0xa06 0x12bb4: mov bl, 0xe 0x12bb6: lea bp, word ptr [0x20] 0x12bba: mov ah, 2 0x12bbc: int 0x10 0x12bbe: mov si, 0x1e 0x12bc1: sub si, cx 0x12bc3: mov al, byte ptr ds:[bp + si] 0x12bc6: add al, 0x1e 0x12bc8: sub al, 0x1e
2018-12-17T22:58:38.204615484Z	26	PC: 12bfe \| Set disk transfer address
2018-12-17T22:58:38.20595283Z	76	PC: 12a49 \| Terminate with return code (Return code = '0')