Sample viewer

vx.netlux.org/Virus.DOS.Pan.667

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:00:21.632445592Z	53	PC: 12e6f \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:00:21.633675132Z	37	PC: 12e8a \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:00:21.635459784Z	26	PC: 12e91 \| Set disk transfer address
2018-12-17T23:00:21.63661596Z	78	PC: 12f23 \| Find first file
2018-12-17T23:00:21.643283777Z	61	PC: 12f79 \| Open file (Filename = '')
2018-12-17T23:00:21.650951395Z	63	PC: 12f96 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:21.655889143Z	66	PC: 12ffa \| Move file pointer
2018-12-17T23:00:21.657724963Z	64	PC: 1303d \| Write file or device (Write 31 bytes on handle 5)
2018-12-17T23:00:21.66026297Z	64	PC: 13055 \| Write file or device (Write 636 bytes on handle 5)
2018-12-17T23:00:21.874936117Z	66	PC: 1307c \| Move file pointer
2018-12-17T23:00:21.87752064Z	64	PC: 13085 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:21.887309153Z	87	PC: 1309b \| Get or set file date and time
2018-12-17T23:00:21.8906395Z	62	PC: 12ef9 \| Close file
2018-12-17T23:00:21.899664127Z	67	PC: 12f0d \| Get or set file attributes
2018-12-17T23:00:21.911437398Z	37	PC: 130ac \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:00:21.914441989Z	26	PC: 130b8 \| Set disk transfer address
2018-12-17T23:00:21.916187866Z	9	PC: 12b36 \| Display string (String= ' YOU HAVE JUST RELEASED A VIRUS! Entry=3h, Size=1000, Stack=0, Overlay(0)=0 not loaded, Fill=FFFF* COM file, code at start, JMP at start, SS:SP != CS:IP ')
2018-12-17T23:00:21.928909268Z	76	PC: 12b3a \| Terminate with return code (Return code = '36')