Sample viewer

vx.netlux.org/Virus.DOS.Slowly.1114

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:58:45.252189761Z 37 PC: 23678 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:58:45.25393015Z 25 PC: 2367c | Get default drive
2018-12-17T22:58:45.255471477Z 71 PC: 2368c | Get current directory
2018-12-17T22:58:45.258702093Z 26 PC: 23695 | Set disk transfer address
2018-12-17T22:58:45.260534096Z 14 PC: 236dc | Set default drive (Drive = 'C')
2018-12-17T22:58:45.26267831Z 59 PC: 236e3 | Change current directory
2018-12-17T22:58:45.267443673Z 42 PC: 236ea | Get date
0x236ea: cmp byte ptr [0xfe52], dl
0x236ee: mov byte ptr [0xfe52], dl
0x236f2: pop dx
0x236f3: jbe 0x2370f
0x236f5: mov ah, 0x5a
0x236f7: xor cx, cx
0x236f9: int 0x21
0x236fb: jb 0x23695
0x236fd: xchg ax, bx
0x236fe: mov byte ptr [si + 0x15], 0x27
0x23702: mov ah, 0x40
0x23704: mov dx, 0xfe20
0x23707: mov cx, 0x20
0x2370a: int 0x21
0x2370c: call 0x2399f
0x2370f: mov ah, 0x4e
0x23711: mov cx, 0x27
0x23714: mov dx, 0xfe0f
0x23717: int 0x21
0x23719: jb 0x23695
2018-12-17T22:58:45.269285644Z 90 PC: 236fb | Create unique file
2018-12-17T22:58:45.631185501Z 64 PC: 2370c | Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:58:45.64103551Z 87 PC: 239ac | Get or set file date and time
2018-12-17T22:58:45.643327006Z 62 PC: 239b0 | Close file
2018-12-17T22:58:45.654992198Z 67 PC: 239bd | Get or set file attributes
2018-12-17T22:58:45.666790989Z 78 PC: 23719 | Find first file
2018-12-17T22:58:45.673844205Z 68 PC: 2373f | I/O control for devices (Set for = '�G��[u�ð�v08mode.*')
2018-12-17T22:58:45.678413264Z 68 PC: 2373f | I/O control for devices (Set for = 'G��[u�ð�v08mode.*')
2018-12-17T22:58:45.681275355Z 68 PC: 2373f | I/O control for devices (Set for = '��[u�ð�v08mode.*')
2018-12-17T22:58:45.683982316Z 14 PC: 2374b | Set default drive (Drive = 'C')
2018-12-17T22:58:45.686620412Z 59 PC: 23752 | Change current directory
2018-12-17T22:58:45.690620696Z 26 PC: 2375b | Set disk transfer address
2018-12-17T22:58:45.69196759Z 78 PC: 23765 | Find first file
2018-12-17T22:58:45.699253711Z 67 PC: 237da | Get or set file attributes
2018-12-17T22:58:45.70938183Z 61 PC: 237e1 | Open file (Filename = 'IO.SYS')
2018-12-17T22:58:45.71684149Z 87 PC: 239ac | Get or set file date and time
2018-12-17T22:58:45.719223397Z 62 PC: 239b0 | Close file
2018-12-17T22:58:45.726419323Z 67 PC: 239bd | Get or set file attributes
2018-12-17T22:58:45.737169365Z 79 PC: 2377e | Find next file
2018-12-17T22:58:45.745089564Z 25 PC: 23735 | Get default drive
2018-12-17T22:58:45.747915679Z 68 PC: 2373f | I/O control for devices (Set for = '5�;�=�Ìَ��.��tD���')
2018-12-17T22:58:45.750538994Z 14 PC: 23950 | Set default drive (Drive = 'A')
2018-12-17T22:58:45.752755253Z 59 PC: 23957 | Change current directory
2018-12-17T22:58:45.757221433Z 37 PC: 23963 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:58:45.758656719Z 26 PC: 2398e | Set disk transfer address
2018-12-17T22:58:45.760049258Z 9 PC: 12a5c | Display string (Could not find end pointer)
2018-12-17T22:58:45.765445194Z 76 PC: 12a61 | Terminate with return code (Return code = '0')