Sample viewer

vx.netlux.org/Virus.DOS.Dalian.1366

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:59:12.218079479Z	53	PC: 1e165 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:59:12.220233828Z	53	PC: 1e174 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:12.221795864Z	53	PC: 1e183 \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:59:12.223708037Z	48	PC: 1978c \| Get DOS version
2018-12-17T22:59:12.226019842Z	74	PC: 197dc \| Reallocate memory
2018-12-17T22:59:12.22803521Z	48	PC: 19840 \| Get DOS version
2018-12-17T22:59:12.229286131Z	53	PC: 19848 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:12.231380237Z	37	PC: 1985a \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:12.233384133Z	53	PC: 1c4a2 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:59:12.235071023Z	37	PC: 1c4b2 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:59:12.238078415Z	53	PC: 1c4b7 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:12.239759525Z	37	PC: 1c4c7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:12.241392073Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:59:12.243627665Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:59:12.245097358Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:59:12.246496297Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:59:12.248994211Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:59:12.250704956Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:59:12.252321134Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:59:12.254914718Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:59:12.256319348Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:59:12.257636554Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:59:12.25916692Z	53	PC: 1a1f6 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:59:12.260857437Z	37	PC: 1a225 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:59:12.262404856Z	37	PC: 1a225 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:59:12.264588018Z	37	PC: 1a225 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:59:12.265915543Z	37	PC: 1a225 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:59:12.267031881Z	37	PC: 1a225 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:59:12.268435259Z	37	PC: 1a225 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:59:12.270092454Z	37	PC: 1a225 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:59:12.271533282Z	37	PC: 1a225 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:59:12.273461055Z	37	PC: 1a22c \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:59:12.275933932Z	37	PC: 1a231 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:59:12.278337519Z	68	PC: 198eb \| I/O control for devices (Set for = '��< �[ �r �� & + $D .c 8� B� L� V� `� j?t^~u�� )�.�G�f��')
2018-12-17T22:59:12.281116192Z	68	PC: 198eb \| I/O control for devices (Set for = '')
2018-12-17T22:59:12.284352374Z	68	PC: 198eb \| I/O control for devices (Set for = ' �"�"�!�! �Q# �� `��V� � � � � � � � � C� � � � 6�� C� � � � � � � � � � � � � C� � � � @B')
2018-12-17T22:59:12.286925941Z	68	PC: 198eb \| I/O control for devices (Set for = 'Q# �� `��V� � � � � � � � � C� � � � 6�� C� � � � � � � � � � � � � C� � � � @B')
2018-12-17T22:59:12.288342694Z	68	PC: 198eb \| I/O control for devices (Set for = 'Q# �� `��V� � � � � � � � � C� � � � 6�� C� � � � � � � � � � � � � C� � � � @B')
2018-12-17T22:59:12.290881515Z	53	PC: 16a84 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:12.292719549Z	53	PC: 16a91 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:59:12.294679313Z	53	PC: 16a9e \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:12.297159935Z	37	PC: 16ab3 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:12.298491838Z	37	PC: 16abb \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:59:12.299777254Z	37	PC: 16ac3 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:12.302010982Z	53	PC: 17542 \| Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:59:12.303369014Z	53	PC: 1754f \| Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:59:12.304598535Z	53	PC: 1755e \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:59:12.306721174Z	37	PC: 1756b \| Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:59:12.30797976Z	53	PC: 17572 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:59:12.309221213Z	37	PC: 1757f \| Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:59:12.310851627Z	53	PC: 1758b \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:59:12.316356734Z	48	PC: 1764d \| Get DOS version
2018-12-17T22:59:12.317831015Z	74	PC: 1574f \| Reallocate memory
2018-12-17T22:59:12.320324591Z	74	PC: 1574f \| Reallocate memory
2018-12-17T22:59:12.326644539Z	68	PC: 169fa \| I/O control for devices (Set for = 'w�hlen Sie eine der oben stehenden Sprachen:')
2018-12-17T22:59:12.328428412Z	68	PC: 169fa \| I/O control for devices (Set for = '')
2018-12-17T22:59:12.330459249Z	51	PC: 16a18 \| Get or set Ctrl-Break
2018-12-17T22:59:12.332239435Z	51	PC: 16a24 \| Get or set Ctrl-Break