Sample viewer

vx.netlux.org/Virus.DOS.Devil.941.e

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:12.636729068Z	53	PC: 12e24 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:01:12.638354585Z	78	PC: 13182 \| Find first file
2018-12-17T23:01:12.644090546Z	67	PC: 13118 \| Get or set file attributes
2018-12-17T23:01:12.660045586Z	61	PC: 13120 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:01:12.666421609Z	63	PC: 13132 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:01:12.672957138Z	66	PC: 13142 \| Move file pointer
2018-12-17T23:01:12.674303945Z	64	PC: 1315a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:12.676884816Z	66	PC: 13167 \| Move file pointer
2018-12-17T23:01:12.678848025Z	64	PC: 13170 \| Write file or device (Write 941 bytes on handle 5)
2018-12-17T23:01:12.687749511Z	62	PC: 13174 \| Close file
2018-12-17T23:01:12.6959789Z	79	PC: 1318e \| Find next file
2018-12-17T23:01:12.699457302Z	67	PC: 13118 \| Get or set file attributes
2018-12-17T23:01:12.710214645Z	61	PC: 13120 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:01:12.717199313Z	63	PC: 13132 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:01:12.724550675Z	66	PC: 13142 \| Move file pointer
2018-12-17T23:01:12.725990415Z	64	PC: 1315a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:12.728452975Z	66	PC: 13167 \| Move file pointer
2018-12-17T23:01:12.731485155Z	64	PC: 13170 \| Write file or device (Write 941 bytes on handle 5)
2018-12-17T23:01:12.739482518Z	62	PC: 13174 \| Close file
2018-12-17T23:01:12.747583275Z	79	PC: 1318e \| Find next file
2018-12-17T23:01:12.750615727Z	67	PC: 13118 \| Get or set file attributes
2018-12-17T23:01:12.760811797Z	61	PC: 13120 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:01:12.767223245Z	63	PC: 13132 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:01:12.773926993Z	66	PC: 13142 \| Move file pointer
2018-12-17T23:01:12.783371564Z	64	PC: 1315a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:12.785923057Z	66	PC: 13167 \| Move file pointer
2018-12-17T23:01:12.787185181Z	64	PC: 13170 \| Write file or device (Write 941 bytes on handle 5)
2018-12-17T23:01:12.796224179Z	62	PC: 13174 \| Close file
2018-12-17T23:01:12.804029771Z	79	PC: 1318e \| Find next file
2018-12-17T23:01:12.806760564Z	67	PC: 13118 \| Get or set file attributes
2018-12-17T23:01:12.816241564Z	61	PC: 13120 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:01:12.822638717Z	63	PC: 13132 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:01:12.828957348Z	66	PC: 13142 \| Move file pointer
2018-12-17T23:01:12.830973616Z	64	PC: 1315a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:12.83352428Z	66	PC: 13167 \| Move file pointer
2018-12-17T23:01:12.834779353Z	64	PC: 13170 \| Write file or device (Write 941 bytes on handle 5)
2018-12-17T23:01:12.843026283Z	62	PC: 13174 \| Close file
2018-12-17T23:01:12.851317156Z	79	PC: 1318e \| Find next file
2018-12-17T23:01:12.853896007Z	67	PC: 13118 \| Get or set file attributes
2018-12-17T23:01:12.86360872Z	61	PC: 13120 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:01:12.87001923Z	63	PC: 13132 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:01:12.876110313Z	66	PC: 13142 \| Move file pointer
2018-12-17T23:01:12.878114268Z	64	PC: 1315a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:12.88057647Z	66	PC: 13167 \| Move file pointer
2018-12-17T23:01:12.881822546Z	64	PC: 13170 \| Write file or device (Write 941 bytes on handle 5)
2018-12-17T23:01:12.889981428Z	62	PC: 13174 \| Close file
2018-12-17T23:01:12.897769202Z	79	PC: 1318e \| Find next file
2018-12-17T23:01:12.900190366Z	67	PC: 13118 \| Get or set file attributes
2018-12-17T23:01:12.910461637Z	61	PC: 13120 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:01:12.916790101Z	63	PC: 13132 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:01:12.922840323Z	66	PC: 13142 \| Move file pointer
2018-12-17T23:01:12.924452373Z	64	PC: 1315a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:12.926885411Z	66	PC: 13167 \| Move file pointer
2018-12-17T23:01:12.928102561Z	64	PC: 13170 \| Write file or device (Write 941 bytes on handle 5)
2018-12-17T23:01:12.936759958Z	62	PC: 13174 \| Close file
2018-12-17T23:01:12.944922703Z	79	PC: 1318e \| Find next file
2018-12-17T23:01:12.947933649Z	67	PC: 13118 \| Get or set file attributes
2018-12-17T23:01:12.957913082Z	61	PC: 13120 \| Open file (Filename = 'PAH.COM')
2018-12-17T23:01:12.964250593Z	63	PC: 13132 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:01:12.970386307Z	66	PC: 13142 \| Move file pointer
2018-12-17T23:01:12.972996556Z	64	PC: 1315a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:01:12.975504604Z	66	PC: 13167 \| Move file pointer
2018-12-17T23:01:12.976794508Z	64	PC: 13170 \| Write file or device (Write 941 bytes on handle 5)
2018-12-17T23:01:12.989709729Z	62	PC: 13174 \| Close file
2018-12-17T23:01:12.997350873Z	79	PC: 1318e \| Find next file
2018-12-17T23:01:12.999638808Z	74	PC: 12e47 \| Reallocate memory
2018-12-17T23:01:13.001562788Z	72	PC: 12e4f \| Allocate memory
2018-12-17T23:01:13.003474348Z	53	PC: 12e7d \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:01:13.004523856Z	37	PC: 12e8d \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:01:13.006281939Z	53	PC: 12e92 \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T23:01:13.007349377Z	37	PC: 12ead \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T23:01:13.00852884Z	53	PC: 12a77 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')