Sample viewer

vx.netlux.org/Virus.DOS.Tongji.1535

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:02:23.246577647Z	239	PC: 1966c \| UNKNOWN!
2018-12-17T23:02:23.248927373Z	81	PC: 1968a \| Get current PSP
2018-12-17T23:02:23.250452015Z	81	PC: 196d8 \| Get current PSP
2018-12-17T23:02:23.255358848Z	75	PC: 18b31 \| Execute program
2018-12-17T23:02:23.258629923Z	82	PC: 18b3a \| Get DOS internal pointers (SYSVARS)
2018-12-17T23:02:23.260459542Z	53	PC: 18b4c \| Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:02:23.262700792Z	53	PC: 18b53 \| Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T23:02:23.264758495Z	37	PC: 18b64 \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:02:23.268907626Z	37	PC: 18b8c \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:02:23.930867962Z	81	PC: 18308 \| Get current PSP
2018-12-17T23:02:23.933794063Z	75	PC: 1775a \| Execute program
2018-12-17T23:02:23.936099895Z	82	PC: 17763 \| Get DOS internal pointers (SYSVARS)
2018-12-17T23:02:23.937370499Z	53	PC: 17775 \| Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:02:23.939203775Z	53	PC: 1777c \| Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T23:02:23.941688262Z	37	PC: 1778d \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:02:23.94571971Z	37	PC: 177b5 \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:02:23.947846691Z	61	PC: 178c2 \| Open file (Filename = '')
2018-12-17T23:02:23.956788518Z	66	PC: 17679 \| Move file pointer
2018-12-17T23:02:23.958395184Z	63	PC: 17679 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:02:23.961306732Z	62	PC: 17679 \| Close file
2018-12-17T23:02:23.965112609Z	81	PC: 16f28 \| Get current PSP
2018-12-17T23:02:23.966428706Z	48	PC: 13dd0 \| Get DOS version
2018-12-17T23:02:23.967928271Z	74	PC: 13e45 \| Reallocate memory
2018-12-17T23:02:23.970827724Z	48	PC: 14da8 \| Get DOS version
2018-12-17T23:02:23.974118154Z	53	PC: 13ebb \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:23.97605614Z	37	PC: 13ecd \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:23.978026846Z	68	PC: 13f62 \| I/O control for devices (Set for = '')
2018-12-17T23:02:23.981113466Z	68	PC: 13f62 \| I/O control for devices
2018-12-17T23:02:23.982849227Z	68	PC: 13f62 \| I/O control for devices
2018-12-17T23:02:23.984584563Z	68	PC: 13f62 \| I/O control for devices
2018-12-17T23:02:23.98766453Z	68	PC: 13f62 \| I/O control for devices
2018-12-17T23:02:23.990507618Z	64	PC: 144f4 \| Write file or device (Write 28 bytes on handle 1)
2018-12-17T23:02:23.993914275Z	37	PC: 1401c \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:02:23.995334719Z	76	PC: 14001 \| Terminate with return code (Return code = '1')