Sample viewer

vx.netlux.org/Virus.DOS.IVP.Birgit.343

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:59:54.976134442Z	26	PC: 12b64 \| Set disk transfer address
2018-12-17T22:59:54.978494661Z	53	PC: 12a69 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:54.982726198Z	37	PC: 12a7b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:54.984103505Z	71	PC: 12a87 \| Get current directory
2018-12-17T22:59:54.987984148Z	78	PC: 12ac2 \| Find first file
2018-12-17T22:59:54.995095423Z	61	PC: 12b6d \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:59:55.002342428Z	63	PC: 12add \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:59:55.009462865Z	62	PC: 12ae1 \| Close file
2018-12-17T22:59:55.012008937Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.29084265Z	61	PC: 12b6d \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:59:55.297452302Z	64	PC: 12b27 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:55.302419489Z	66	PC: 12b5f \| Move file pointer
2018-12-17T22:59:55.304261655Z	64	PC: 12b39 \| Write file or device (Write 343 bytes on handle 5)
2018-12-17T22:59:55.313659784Z	87	PC: 12b48 \| Get or set file date and time
2018-12-17T22:59:55.31655953Z	62	PC: 12b4c \| Close file
2018-12-17T22:59:55.326776765Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.340438614Z	79	PC: 12ac2 \| Find next file
2018-12-17T22:59:55.345227144Z	61	PC: 12b6d \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:59:55.352985766Z	63	PC: 12add \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:59:55.36096412Z	62	PC: 12ae1 \| Close file
2018-12-17T22:59:55.363096928Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.375550923Z	61	PC: 12b6d \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:59:55.383733968Z	64	PC: 12b27 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:55.38755031Z	66	PC: 12b5f \| Move file pointer
2018-12-17T22:59:55.390861531Z	64	PC: 12b39 \| Write file or device (Write 343 bytes on handle 5)
2018-12-17T22:59:55.394358458Z	87	PC: 12b48 \| Get or set file date and time
2018-12-17T22:59:55.39642096Z	62	PC: 12b4c \| Close file
2018-12-17T22:59:55.406247924Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.417631222Z	79	PC: 12ac2 \| Find next file
2018-12-17T22:59:55.421051435Z	61	PC: 12b6d \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:59:55.430418595Z	63	PC: 12add \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:59:55.449777432Z	62	PC: 12ae1 \| Close file
2018-12-17T22:59:55.451881046Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.463901147Z	61	PC: 12b6d \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:59:55.473123267Z	64	PC: 12b27 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:55.476707933Z	66	PC: 12b5f \| Move file pointer
2018-12-17T22:59:55.478793791Z	64	PC: 12b39 \| Write file or device (Write 343 bytes on handle 5)
2018-12-17T22:59:55.483385885Z	87	PC: 12b48 \| Get or set file date and time
2018-12-17T22:59:55.485835072Z	62	PC: 12b4c \| Close file
2018-12-17T22:59:55.495216236Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.508422916Z	79	PC: 12ac2 \| Find next file
2018-12-17T22:59:55.512578328Z	61	PC: 12b6d \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:59:55.520865131Z	63	PC: 12add \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:59:55.528757872Z	62	PC: 12ae1 \| Close file
2018-12-17T22:59:55.530442699Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.537317609Z	61	PC: 12b6d \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:59:55.543369721Z	64	PC: 12b27 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:55.545513861Z	66	PC: 12b5f \| Move file pointer
2018-12-17T22:59:55.546795686Z	64	PC: 12b39 \| Write file or device (Write 343 bytes on handle 5)
2018-12-17T22:59:55.54915133Z	87	PC: 12b48 \| Get or set file date and time
2018-12-17T22:59:55.55074677Z	62	PC: 12b4c \| Close file
2018-12-17T22:59:55.556153228Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.568035937Z	79	PC: 12ac2 \| Find next file
2018-12-17T22:59:55.572003863Z	61	PC: 12b6d \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:59:55.579769983Z	63	PC: 12add \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:59:55.587357079Z	62	PC: 12ae1 \| Close file
2018-12-17T22:59:55.591016949Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.596338346Z	61	PC: 12b6d \| Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T22:59:55.601972929Z	64	PC: 12b27 \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:59:55.606438902Z	66	PC: 12b5f \| Move file pointer
2018-12-17T22:59:55.608452258Z	64	PC: 12b39 \| Write file or device (Write 343 bytes on handle 2)
2018-12-17T22:59:55.615982414Z	87	PC: 12b48 \| Get or set file date and time
2018-12-17T22:59:55.6189689Z	62	PC: 12b4c \| Close file
2018-12-17T22:59:55.622610823Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.629007592Z	79	PC: 12ac2 \| Find next file
2018-12-17T22:59:55.632760608Z	61	PC: 12b6d \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:59:55.641733335Z	63	PC: 12add \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:59:55.649152348Z	62	PC: 12ae1 \| Close file
2018-12-17T22:59:55.651633161Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.664102574Z	61	PC: 12b6d \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:59:55.67190279Z	64	PC: 12b27 \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:59:55.675434869Z	66	PC: 12b5f \| Move file pointer
2018-12-17T22:59:55.67845141Z	64	PC: 12b39 \| Write file or device (Write 343 bytes on handle 2)
2018-12-17T22:59:55.687566502Z	87	PC: 12b48 \| Get or set file date and time
2018-12-17T22:59:55.689665109Z	62	PC: 12b4c \| Close file
2018-12-17T22:59:55.699754134Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.710817618Z	79	PC: 12ac2 \| Find next file
2018-12-17T22:59:55.714668398Z	61	PC: 12b6d \| Open file (Filename = 'PAH.COM')
2018-12-17T22:59:55.722902861Z	63	PC: 12add \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:59:55.730851641Z	62	PC: 12ae1 \| Close file
2018-12-17T22:59:55.733977661Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.745749086Z	61	PC: 12b6d \| Open file (Filename = 'PAH.COM')
2018-12-17T22:59:55.754397819Z	64	PC: 12b27 \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:59:55.75865212Z	66	PC: 12b5f \| Move file pointer
2018-12-17T22:59:55.760537493Z	64	PC: 12b39 \| Write file or device (Write 343 bytes on handle 2)
2018-12-17T22:59:55.764208932Z	87	PC: 12b48 \| Get or set file date and time
2018-12-17T22:59:55.7662021Z	62	PC: 12b4c \| Close file
2018-12-17T22:59:55.77460431Z	67	PC: 12b78 \| Get or set file attributes
2018-12-17T22:59:55.786251312Z	79	PC: 12ac2 \| Find next file
2018-12-17T22:59:55.789476632Z	61	PC: 12b6d \| Open file (Filename = 'TEST.COM')
2018-12-17T22:59:55.797197555Z	63	PC: 12add \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:59:55.801151678Z	62	PC: 12ae1 \| Close file
2018-12-17T22:59:55.803568102Z	79	PC: 12ac2 \| Find next file
2018-12-17T22:59:55.807123477Z	59	PC: 12a96 \| Change current directory
2018-12-17T22:59:55.812430107Z	9	PC: 12aa0 \| Display string (String= 'Birgit [IVP] ')
2018-12-17T22:59:55.819589199Z	37	PC: 12aaa \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:59:55.820795872Z	59	PC: 12ab4 \| Change current directory
2018-12-17T22:59:55.823450322Z	26	PC: 12b64 \| Set disk transfer address