Sample viewer

vx.netlux.org/Virus.DOS.Crawler.687

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:59:08.027043139Z	53	PC: 12e53 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:08.029077221Z	37	PC: 12e64 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:08.031296575Z	53	PC: 12e69 \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:59:08.033330693Z	37	PC: 12e7a \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:59:08.035666623Z	47	PC: 12e7e \| Get disk transfer address
2018-12-17T22:59:08.037050862Z	26	PC: 12e8e \| Set disk transfer address
2018-12-17T22:59:08.038069087Z	71	PC: 12e98 \| Get current directory
2018-12-17T22:59:08.041173155Z	37	PC: 12ebc \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:59:08.043262107Z	78	PC: 12ed5 \| Find first file
2018-12-17T22:59:08.049213779Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.064914821Z	62	PC: 12edd \| Close file
2018-12-17T22:59:08.066615815Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.07594515Z	26	PC: 12ee8 \| Set disk transfer address
2018-12-17T22:59:08.077004492Z	79	PC: 12ef0 \| Find next file
2018-12-17T22:59:08.08039649Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.089919591Z	62	PC: 12edd \| Close file
2018-12-17T22:59:08.091347717Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.101282227Z	26	PC: 12ee8 \| Set disk transfer address
2018-12-17T22:59:08.102334486Z	79	PC: 12ef0 \| Find next file
2018-12-17T22:59:08.10652495Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.11913749Z	62	PC: 12edd \| Close file
2018-12-17T22:59:08.120875Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.130862872Z	26	PC: 12ee8 \| Set disk transfer address
2018-12-17T22:59:08.132927156Z	79	PC: 12ef0 \| Find next file
2018-12-17T22:59:08.1357109Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.145386225Z	62	PC: 12edd \| Close file
2018-12-17T22:59:08.155182986Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.162108091Z	26	PC: 12ee8 \| Set disk transfer address
2018-12-17T22:59:08.16325948Z	79	PC: 12ef0 \| Find next file
2018-12-17T22:59:08.165540861Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.172192048Z	62	PC: 12edd \| Close file
2018-12-17T22:59:08.174183453Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.18730286Z	26	PC: 12ee8 \| Set disk transfer address
2018-12-17T22:59:08.18922157Z	79	PC: 12ef0 \| Find next file
2018-12-17T22:59:08.192116505Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.202269033Z	62	PC: 12edd \| Close file
2018-12-17T22:59:08.204814126Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.214251819Z	26	PC: 12ee8 \| Set disk transfer address
2018-12-17T22:59:08.215190987Z	79	PC: 12ef0 \| Find next file
2018-12-17T22:59:08.217577027Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.223732514Z	62	PC: 12edd \| Close file
2018-12-17T22:59:08.224881345Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.231686084Z	26	PC: 12ee8 \| Set disk transfer address
2018-12-17T22:59:08.232559036Z	79	PC: 12ef0 \| Find next file
2018-12-17T22:59:08.234395888Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.242770058Z	61	PC: 12f2e \| Open file (Filename = 'TEST.COM')
2018-12-17T22:59:08.250014218Z	66	PC: 13019 \| Move file pointer
2018-12-17T22:59:08.251181382Z	63	PC: 12f43 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:59:08.255821066Z	62	PC: 12edd \| Close file
2018-12-17T22:59:08.257219769Z	67	PC: 1300e \| Get or set file attributes
2018-12-17T22:59:08.26352045Z	26	PC: 12ee8 \| Set disk transfer address
2018-12-17T22:59:08.265193601Z	79	PC: 12ef0 \| Find next file
2018-12-17T22:59:08.266993442Z	59	PC: 12efa \| Change current directory
2018-12-17T22:59:08.269793138Z	59	PC: 12fdb \| Change current directory
2018-12-17T22:59:08.271498307Z	26	PC: 12fe7 \| Set disk transfer address
2018-12-17T22:59:08.27303666Z	37	PC: 12ff4 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:08.27396706Z	9	PC: 12e26 \| Display string (String= ' Phalcon/Skism COM host file - 1000 bytes (c) 1995, Night Crawler ')