Sample viewer

vx.netlux.org/Virus.DOS.VCL.Spooky.755

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:51.307397622Z	53	PC: 12a5f \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:01:51.30923764Z	37	PC: 12a66 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:01:51.312461022Z	37	PC: 12a6a \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:01:51.314488797Z	25	PC: 12c7d \| Get default drive
2018-12-17T23:01:51.316082765Z	14	PC: 12c82 \| Set default drive (Drive = 'C')
2018-12-17T23:01:51.31805907Z	71	PC: 12c87 \| Get current directory
2018-12-17T23:01:51.321500394Z	26	PC: 12c4e \| Set disk transfer address
2018-12-17T23:01:51.323009709Z	78	PC: 12c44 \| Find first file
2018-12-17T23:01:51.329338774Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T23:01:51.668797903Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T23:01:51.67983622Z	79	PC: 12c49 \| Find next file
2018-12-17T23:01:51.683449716Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:01:51.689470775Z	26	PC: 12c56 \| Set disk transfer address
2018-12-17T23:01:51.692331215Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:01:51.696747169Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:01:51.701606815Z	14	PC: 12c82 \| Set default drive (Drive = 'A')
2018-12-17T23:01:51.706531815Z	42	PC: 12c8c \| Get date 0x12c8c: ret 0x12c8d: mov ah, 9 0x12c8f: int 0x21 0x12c91: ret 0x12c92: mov ah, 0 0x12c94: int 0x21 0x12c96: ret 0x12c97: add di, word ptr [bx] 0x12c99: aas 0x12c9a: aas 0x12c9b: aas 0x12c9c: aas 0x12c9d: aas 0x12c9e: aas 0x12c9f: aas 0x12ca0: inc bx 0x12ca1: dec di 0x12ca2: dec bp 0x12ca3: pop es 0x12ca4: add al, 0
2018-12-17T23:01:51.763139195Z	53	PC: 12a5f \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:01:51.766634087Z	37	PC: 12a66 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:01:51.768367036Z	37	PC: 12a6a \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:01:51.7703036Z	25	PC: 12c7d \| Get default drive
2018-12-17T23:01:51.772450014Z	14	PC: 12c82 \| Set default drive (Drive = 'C')
2018-12-17T23:01:51.780136515Z	71	PC: 12c87 \| Get current directory
2018-12-17T23:01:51.783141538Z	26	PC: 12c4e \| Set disk transfer address
2018-12-17T23:01:51.784644809Z	78	PC: 12c44 \| Find first file
2018-12-17T23:01:51.79236561Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T23:01:51.803592531Z	61	PC: 12c39 \| Open file (Filename = 'COMMAND.COM')
2018-12-17T23:01:51.811105564Z	63	PC: 12bfb \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:01:51.815242861Z	66	PC: 12c0f \| Move file pointer
2018-12-17T23:01:51.817214832Z	64	PC: 12c2f \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:01:51.821261876Z	66	PC: 12c05 \| Move file pointer
2018-12-17T23:01:51.824231013Z	64	PC: 12c2f \| Write file or device (Write 755 bytes on handle 5)
2018-12-17T23:01:51.835800474Z	87	PC: 12c3f \| Get or set file date and time
2018-12-17T23:01:51.838286771Z	62	PC: 12c34 \| Close file
2018-12-17T23:01:51.854070663Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T23:01:51.864402623Z	79	PC: 12c49 \| Find next file
2018-12-17T23:01:51.867624834Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:01:51.872498299Z	26	PC: 12c56 \| Set disk transfer address
2018-12-17T23:01:51.874197684Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:01:51.878664803Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:01:51.881265796Z	14	PC: 12c82 \| Set default drive (Drive = 'A')
2018-12-17T23:01:51.883273303Z	42	PC: 12c8c \| Get date 0x12c8c: ret 0x12c8d: mov ah, 9 0x12c8f: int 0x21 0x12c91: ret 0x12c92: mov ah, 0 0x12c94: int 0x21 0x12c96: ret 0x12c97: add di, word ptr [bx] 0x12c99: aas 0x12c9a: aas 0x12c9b: aas 0x12c9c: aas 0x12c9d: aas 0x12c9e: aas 0x12c9f: aas 0x12ca0: inc bx 0x12ca1: dec di 0x12ca2: dec bp 0x12ca3: pop es 0x12ca4: add al, 0