Sample viewer

vx.netlux.org/Virus.DOS.Renamer.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:59:14.523783821Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:14.52560082Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:59:14.529546074Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:59:14.530806357Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:59:14.532477324Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:14.533881246Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:14.535122905Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:59:14.536572299Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:59:14.537868429Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:59:14.538996603Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:59:14.540074822Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:59:14.541519668Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:59:14.542801939Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:59:14.54421607Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:59:14.545818306Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:59:14.54700377Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:59:14.548294675Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:59:14.55154525Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:59:14.552706037Z	53	PC: 1320a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:59:14.553961885Z	37	PC: 1321f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:14.55810094Z	37	PC: 13227 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:14.559355739Z	37	PC: 1322f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:14.561341428Z	37	PC: 13237 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:59:14.564041964Z	68	PC: 13ac8 \| I/O control for devices (Set for = '� ��')
2018-12-17T22:59:14.694374406Z	37	PC: 12c31 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:59:14.696452779Z	86	PC: 13a5d \| Rename file
2018-12-17T22:59:14.703517224Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:59:14.705054526Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:59:14.706540117Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:59:14.708650206Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:59:14.709722673Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:59:14.710896201Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:14.712460238Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:59:14.714125527Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:59:14.715302007Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:59:14.717970553Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:59:14.719835859Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:59:14.72113911Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:59:14.722871259Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:59:14.724557548Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:59:14.725575325Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:59:14.726691782Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:59:14.727956011Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:59:14.728879556Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:59:14.729908961Z	37	PC: 13361 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:59:14.731412486Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.733033503Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.735509691Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.73928321Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.741735662Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.744133434Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.747829791Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.750129123Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.752439543Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.755595418Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.757702593Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.759733266Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.762671337Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.76478574Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.766731931Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.769811917Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.772017844Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.774279508Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.777123135Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.779251906Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.782042345Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.786029143Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.787986121Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.790041922Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.792775023Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.794891565Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.797090296Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.799626205Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.801523986Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.803377667Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.806358723Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.809259969Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.811041424Z	6	PC: 133e8 \| Direct console I/O
2018-12-17T22:59:14.815577311Z	76	PC: 133a0 \| Terminate with return code (Return code = '2')