Sample viewer

vx.netlux.org/Virus.DOS.C3.2642

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:59:48.27693866Z	48	PC: 159f7 \| Get DOS version
2018-12-17T22:59:48.278378654Z	222	PC: 15a02 \| UNKNOWN!
2018-12-17T22:59:48.279167237Z	48	PC: 15a99 \| Get DOS version
2018-12-17T22:59:48.280182274Z	48	PC: 15af2 \| Get DOS version
2018-12-17T22:59:48.281921292Z	54	PC: 9f63b \| Get free disk space
2018-12-17T22:59:48.300789076Z	51	PC: 9f695 \| Get or set Ctrl-Break
2018-12-17T22:59:48.301592277Z	51	PC: 9f6a2 \| Get or set Ctrl-Break
2018-12-17T22:59:48.302747296Z	26	PC: 9f603 \| Set disk transfer address
2018-12-17T22:59:48.303983119Z	78	PC: 9f6b3 \| Find first file
2018-12-17T22:59:48.308952443Z	54	PC: 9f711 \| Get free disk space
2018-12-17T22:59:48.312664203Z	61	PC: 9f722 \| Open file (Filename = 'S�')
2018-12-17T22:59:48.31666349Z	63	PC: 9f730 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:59:48.320117239Z	66	PC: 9f73c \| Move file pointer
2018-12-17T22:59:48.321584241Z	66	PC: 9f757 \| Move file pointer
2018-12-17T22:59:48.322990185Z	62	PC: 9f75b \| Close file
2018-12-17T22:59:48.324270849Z	53	PC: 9f79b \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:48.325407021Z	37	PC: 9f7af \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:48.326911344Z	67	PC: 9f7ba \| Get or set file attributes
2018-12-17T22:59:48.330284948Z	67	PC: 9f7cb \| Get or set file attributes
2018-12-17T22:59:48.668478418Z	61	PC: 9f7d4 \| Open file (Filename = '�Wj W�WcW�W�W W5W')
2018-12-17T22:59:48.678669937Z	87	PC: 9f7dc \| Get or set file date and time
2018-12-17T22:59:48.68108053Z	66	PC: 9f7f2 \| Move file pointer
2018-12-17T22:59:48.683374915Z	66	PC: 9f807 \| Move file pointer
2018-12-17T22:59:48.686057713Z	66	PC: 9f813 \| Move file pointer
2018-12-17T22:59:48.688899817Z	63	PC: 9f81d \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:48.692049815Z	62	PC: 9f821 \| Close file
2018-12-17T22:59:48.695062333Z	61	PC: 9f86a \| Open file (Filename = '�Wj W�WcW�W�W W5W')
2018-12-17T22:59:48.701145462Z	63	PC: 9f878 \| Read file or device (Read 30 bytes on handle 5)
2018-12-17T22:59:48.703758029Z	62	PC: 9f87e \| Close file
2018-12-17T22:59:48.706942131Z	61	PC: 9f887 \| Open file (Filename = '�Wj W�WcW�W�W W5W')
2018-12-17T22:59:48.713209208Z	66	PC: 9f895 \| Move file pointer
2018-12-17T22:59:48.715018543Z	64	PC: 9f8a5 \| Write file or device (Write 30 bytes on handle 5)
2018-12-17T22:59:48.722721077Z	62	PC: 9f8ab \| Close file
2018-12-17T22:59:48.729889432Z	61	PC: 9f8d0 \| Open file (Filename = '�Wj W�WcW�W�W W5W')
2018-12-17T22:59:48.736609551Z	66	PC: 9f8de \| Move file pointer
2018-12-17T22:59:48.738809766Z	64	PC: 9f8e8 \| Write file or device (Write 2612 bytes on handle 5)
2018-12-17T22:59:48.748582222Z	62	PC: 9f8ec \| Close file
2018-12-17T22:59:48.75676321Z	61	PC: 9f902 \| Open file (Filename = '�Wj W�WcW�W�W W5W')
2018-12-17T22:59:48.763808171Z	66	PC: 9f910 \| Move file pointer
2018-12-17T22:59:48.76554953Z	64	PC: 9f91a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:48.76857659Z	66	PC: 9f926 \| Move file pointer
2018-12-17T22:59:48.771012415Z	66	PC: 9f932 \| Move file pointer
2018-12-17T22:59:48.772758885Z	64	PC: 9f93c \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:48.776030534Z	87	PC: 9f94c \| Get or set file date and time
2018-12-17T22:59:48.778797054Z	62	PC: 9f950 \| Close file
2018-12-17T22:59:48.785270744Z	67	PC: 9f95e \| Get or set file attributes
2018-12-17T22:59:48.794282798Z	37	PC: 9f96f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:48.796133831Z	51	PC: 9f982 \| Get or set Ctrl-Break
2018-12-17T22:59:48.797574172Z	54	PC: 9f611 \| Get free disk space
2018-12-17T22:59:48.800567154Z	76	PC: 1514d \| Terminate with return code (Return code = '0')