Sample viewer

vx.netlux.org/Virus.DOS.Vienna.833.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:02:12.108042694Z 48 PC: 12e59 | Get DOS version
2018-12-17T23:02:12.109849226Z 47 PC: 12e65 | Get disk transfer address
2018-12-17T23:02:12.11088399Z 26 PC: 12e74 | Set disk transfer address
2018-12-17T23:02:12.112059278Z 78 PC: 12ef0 | Find first file
2018-12-17T23:02:12.118102475Z 67 PC: 12f3b | Get or set file attributes
2018-12-17T23:02:12.124147253Z 67 PC: 12f48 | Get or set file attributes
2018-12-17T23:02:12.142407986Z 61 PC: 12f4f | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:02:12.149862709Z 87 PC: 12f5b | Get or set file date and time
2018-12-17T23:02:12.151396864Z 44 PC: 12f65 | Get time 0x12f65: and dl, 3
0x12f68: jne 0x12fd2
0x12f6a: mov ax, 0xe07
0x12f6d: int 0x10
0x12f6f: int 0x10
0x12f71: int 0x10
0x12f73: jmp 0x12f92
0x12f75: mov dx, 0xa
0x12f78: mov cx, 0xffff
0x12f7b: loop 0x12f7b
0x12f7d: dec dx
0x12f7e: or dx, dx
0x12f80: jne 0x12f78
0x12f82: jmp 0x12fcd
0x12f84: add byte ptr [bx + si], al
0x12f86: add byte ptr [bx + si], al
0x12f88: add byte ptr [bx + si], al
0x12f8a: add byte ptr [bx + si], al
0x12f8c: add byte ptr [bx + si], al
0x12f8e: add byte ptr [bx + si], al
2018-12-17T23:02:12.153880957Z 63 PC: 12ff7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:02:12.161444012Z 66 PC: 13007 | Move file pointer
2018-12-17T23:02:12.163332862Z 64 PC: 1302a | Write file or device (Write 833 bytes on handle 5)
2018-12-17T23:02:12.171417374Z 66 PC: 1303a | Move file pointer
2018-12-17T23:02:12.172627725Z 64 PC: 13048 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:02:12.179395656Z 87 PC: 13067 | Get or set file date and time
2018-12-17T23:02:12.181186045Z 62 PC: 1306b | Close file
2018-12-17T23:02:12.18876488Z 67 PC: 13078 | Get or set file attributes
2018-12-17T23:02:12.20246538Z 26 PC: 13082 | Set disk transfer address
2018-12-17T23:02:12.203967052Z 9 PC: 12e26 | Display string (String= 'Hello - This is a 1000 COM test file, 1993 ')