Sample viewer

vx.netlux.org/Virus.DOS.MtE.Encroacher.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:59:52.974813987Z 26 PC: 12b27 | Set disk transfer address
2018-12-17T22:59:52.97629609Z 53 PC: 12b2c | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:52.978222496Z 37 PC: 12b36 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:52.979957651Z 78 PC: 12b40 | Find first file
2018-12-17T22:59:52.987026092Z 65 PC: 12b67 | Delete file (Filename = '.COM')
2018-12-17T22:59:52.99362268Z 65 PC: 12b70 | Delete file (Filename = '')
2018-12-17T22:59:52.999619739Z 44 PC: 12b76 | Get time 0x12b76: mov al, ch
0x12b78: cwde
0x12b79: cmp ax, 0x12
0x12b7c: jge 0x12b81
0x12b7e: jmp 0x12bf1
0x12b80: nop
0x12b81: mov dx, 0x349
0x12b84: mov si, 0x34f
0x12b87: push di
0x12b88: mov ah, 0x2f
0x12b8a: int 0x21
0x12b8c: mov di, bx
0x12b8e: mov ah, 0x4e
0x12b90: mov cx, 0x27
0x12b93: int 0x21
0x12b95: jb 0x12bd7
0x12b97: mov ax, 0x4301
0x12b9a: xor cx, cx
0x12b9c: lea dx, word ptr [di + 0x1e]
0x12b9f: int 0x21
2018-12-17T22:59:53.002841194Z 78 PC: 12c0a | Find first file
2018-12-17T22:59:53.010276299Z 67 PC: 12c4f | Get or set file attributes
2018-12-17T22:59:53.0280988Z 61 PC: 12c56 | Open file (Filename = '�j')
2018-12-17T22:59:53.035978796Z 63 PC: 12c63 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:53.044981335Z 66 PC: 12c7b | Move file pointer
2018-12-17T22:59:53.047482422Z 87 PC: 12c91 | Get or set file date and time
2018-12-17T22:59:53.054156403Z 64 PC: 12cc4 | Write file or device (Write 3177 bytes on handle 5)
2018-12-17T22:59:53.070399007Z 66 PC: 12ccf | Move file pointer
2018-12-17T22:59:53.072559559Z 64 PC: 12cd9 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:53.076663553Z 87 PC: 12ce0 | Get or set file date and time
2018-12-17T22:59:53.079559847Z 62 PC: 12cee | Close file
2018-12-17T22:59:53.090127155Z 37 PC: 12c38 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:53.096487571Z 26 PC: 12c41 | Set disk transfer address