Sample viewer

vx.netlux.org/Virus.DOS.Slowly.1124

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:00:51.534542675Z 37 PC: 31678 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:00:51.537841724Z 25 PC: 3167c | Get default drive
2018-12-17T23:00:51.539583056Z 71 PC: 3168c | Get current directory
2018-12-17T23:00:51.543311001Z 26 PC: 31695 | Set disk transfer address
2018-12-17T23:00:51.548923779Z 14 PC: 316dc | Set default drive (Drive = 'C')
2018-12-17T23:00:51.550725504Z 59 PC: 316e3 | Change current directory
2018-12-17T23:00:51.556910656Z 42 PC: 316ea | Get date
0x316ea: cmp byte ptr [0xfe5c], dl
0x316ee: mov byte ptr [0xfe5c], dl
0x316f2: pop dx
0x316f3: jbe 0x3170f
0x316f5: mov ah, 0x5a
0x316f7: xor cx, cx
0x316f9: int 0x21
0x316fb: jb 0x31695
0x316fd: xchg ax, bx
0x316fe: mov byte ptr [si + 0x15], 0x27
0x31702: mov ah, 0x40
0x31704: mov dx, 0xfe2a
0x31707: mov cx, 0x20
0x3170a: int 0x21
0x3170c: call 0x319a8
0x3170f: mov ah, 0x4e
0x31711: mov cx, 0x27
0x31714: mov dx, 0xfe19
0x31717: int 0x21
0x31719: jb 0x31695
2018-12-17T23:00:51.56027553Z 78 PC: 31719 | Find first file
2018-12-17T23:00:51.570007127Z 68 PC: 3173d | I/O control for devices (Set for = '3��f������G��eu�ð�')
2018-12-17T23:00:51.572393741Z 68 PC: 3173d | I/O control for devices (Set for = '��f������G��eu�ð�')
2018-12-17T23:00:51.575558699Z 68 PC: 3173d | I/O control for devices (Set for = '�f������G��eu�ð�')
2018-12-17T23:00:51.577764524Z 14 PC: 31749 | Set default drive (Drive = 'C')
2018-12-17T23:00:51.579266927Z 59 PC: 31750 | Change current directory
2018-12-17T23:00:51.583875957Z 26 PC: 31759 | Set disk transfer address
2018-12-17T23:00:51.585246673Z 78 PC: 31763 | Find first file
2018-12-17T23:00:51.591204429Z 67 PC: 317d8 | Get or set file attributes
2018-12-17T23:00:52.136374508Z 61 PC: 317df | Open file (Filename = 'IO.SYS')
2018-12-17T23:00:52.143718838Z 87 PC: 319b5 | Get or set file date and time
2018-12-17T23:00:52.146055188Z 62 PC: 319b9 | Close file
2018-12-17T23:00:52.154515126Z 67 PC: 319c6 | Get or set file attributes
2018-12-17T23:00:52.165655409Z 79 PC: 3177c | Find next file
2018-12-17T23:00:52.172060325Z 25 PC: 31733 | Get default drive
2018-12-17T23:00:52.174744549Z 68 PC: 3173d | I/O control for devices (Set for = '')
2018-12-17T23:00:52.1771022Z 14 PC: 31959 | Set default drive (Drive = 'A')
2018-12-17T23:00:52.17882663Z 59 PC: 31960 | Change current directory
2018-12-17T23:00:52.183590482Z 37 PC: 3196c | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:00:52.187018083Z 26 PC: 31997 | Set disk transfer address
2018-12-17T23:00:52.18892185Z 9 PC: 12a5c | Display string (Could not find end pointer)
2018-12-17T23:00:52.203084723Z 76 PC: 12a61 | Terminate with return code (Return code = '0')