Sample viewer

vx.netlux.org/Virus.DOS.VCL.Spooky.758

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:02:14.651538295Z	53	PC: 12a5f \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:02:14.653487908Z	37	PC: 12a66 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:02:14.655499628Z	37	PC: 12a6a \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:02:14.657157763Z	25	PC: 12c7d \| Get default drive
2018-12-17T23:02:14.658684201Z	14	PC: 12c82 \| Set default drive (Drive = 'C')
2018-12-17T23:02:14.661093589Z	71	PC: 12c87 \| Get current directory
2018-12-17T23:02:14.664194585Z	26	PC: 12c4e \| Set disk transfer address
2018-12-17T23:02:14.665895571Z	78	PC: 12c44 \| Find first file
2018-12-17T23:02:14.673182934Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T23:02:15.085040468Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T23:02:15.095624345Z	79	PC: 12c49 \| Find next file
2018-12-17T23:02:15.099695113Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:02:15.104263077Z	26	PC: 12c56 \| Set disk transfer address
2018-12-17T23:02:15.106231806Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:02:15.111368267Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:02:15.113785358Z	14	PC: 12c82 \| Set default drive (Drive = 'A')
2018-12-17T23:02:15.115664539Z	42	PC: 12c8c \| Get date 0x12c8c: ret 0x12c8d: mov ah, 9 0x12c8f: int 0x21 0x12c91: ret 0x12c92: mov ah, 0 0x12c94: int 0x21 0x12c96: ret 0x12c97: add di, word ptr [bx] 0x12c99: aas 0x12c9a: aas 0x12c9b: aas 0x12c9c: aas 0x12c9d: aas 0x12c9e: aas 0x12c9f: aas 0x12ca0: inc bx 0x12ca1: dec di 0x12ca2: dec bp 0x12ca3: pop es 0x12ca4: add al, 0
2018-12-17T23:02:15.128587761Z	53	PC: 12a5f \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:02:15.130214698Z	37	PC: 12a66 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:02:15.131864848Z	37	PC: 12a6a \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:02:15.134221526Z	25	PC: 12c7d \| Get default drive
2018-12-17T23:02:15.136204252Z	14	PC: 12c82 \| Set default drive (Drive = 'C')
2018-12-17T23:02:15.137655359Z	71	PC: 12c87 \| Get current directory
2018-12-17T23:02:15.140351174Z	26	PC: 12c4e \| Set disk transfer address
2018-12-17T23:02:15.142907076Z	78	PC: 12c44 \| Find first file
2018-12-17T23:02:15.149326207Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T23:02:15.159395016Z	61	PC: 12c39 \| Open file (Filename = 'COMMAND.COM')
2018-12-17T23:02:15.167533758Z	63	PC: 12bfb \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:02:15.171020279Z	66	PC: 12c0f \| Move file pointer
2018-12-17T23:02:15.173292028Z	64	PC: 12c2f \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:02:15.177899325Z	66	PC: 12c05 \| Move file pointer
2018-12-17T23:02:15.180113775Z	64	PC: 12c2f \| Write file or device (Write 758 bytes on handle 5)
2018-12-17T23:02:15.191184056Z	87	PC: 12c3f \| Get or set file date and time
2018-12-17T23:02:15.194281355Z	62	PC: 12c34 \| Close file
2018-12-17T23:02:15.203479718Z	67	PC: 12c5c \| Get or set file attributes
2018-12-17T23:02:15.221015327Z	79	PC: 12c49 \| Find next file
2018-12-17T23:02:15.224978684Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:02:15.229391234Z	26	PC: 12c56 \| Set disk transfer address
2018-12-17T23:02:15.230741652Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:02:15.235119498Z	59	PC: 12c78 \| Change current directory
2018-12-17T23:02:15.237965225Z	14	PC: 12c82 \| Set default drive (Drive = 'A')
2018-12-17T23:02:15.239458019Z	42	PC: 12c8c \| Get date 0x12c8c: ret 0x12c8d: mov ah, 9 0x12c8f: int 0x21 0x12c91: ret 0x12c92: mov ah, 0 0x12c94: int 0x21 0x12c96: ret 0x12c97: add di, word ptr [bx] 0x12c99: aas 0x12c9a: aas 0x12c9b: aas 0x12c9c: aas 0x12c9d: aas 0x12c9e: aas 0x12c9f: aas 0x12ca0: inc bx 0x12ca1: dec di 0x12ca2: dec bp 0x12ca3: pop es 0x12ca4: add al, 0