Sample viewer

vx.netlux.org/Virus.DOS.KOV.941

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:02:52.490041182Z	47	PC: 12e50 \| Get disk transfer address
2018-12-17T23:02:52.491815102Z	71	PC: 9f730 \| Get current directory
2018-12-17T23:02:52.494609015Z	26	PC: 9f737 \| Set disk transfer address
2018-12-17T23:02:52.495648557Z	59	PC: 9f754 \| Change current directory
2018-12-17T23:02:52.499998846Z	53	PC: 9f759 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:02:52.501176678Z	37	PC: 9f762 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:02:52.50290398Z	78	PC: 9f76c \| Find first file
2018-12-17T23:02:52.509008353Z	79	PC: 9f76c \| Find next file
2018-12-17T23:02:52.520888779Z	79	PC: 9f76c \| Find next file
2018-12-17T23:02:52.523695166Z	79	PC: 9f76c \| Find next file
2018-12-17T23:02:52.526496225Z	79	PC: 9f76c \| Find next file
2018-12-17T23:02:52.531177584Z	79	PC: 9f76c \| Find next file
2018-12-17T23:02:52.534487215Z	79	PC: 9f76c \| Find next file
2018-12-17T23:02:52.544777322Z	79	PC: 9f76c \| Find next file
2018-12-17T23:02:52.55596555Z	79	PC: 9f76c \| Find next file
2018-12-17T23:02:52.558805198Z	67	PC: 9fa27 \| Get or set file attributes
2018-12-17T23:02:52.565556572Z	67	PC: 9fa27 \| Get or set file attributes
2018-12-17T23:02:52.584175429Z	61	PC: 9fa27 \| Open file (Filename = '�N�O��I�!��')
2018-12-17T23:02:52.590900655Z	87	PC: 9fa27 \| Get or set file date and time
2018-12-17T23:02:52.59249197Z	63	PC: 9f8dd \| Read file or device (Read 102 bytes on handle 5)
2018-12-17T23:02:52.596328089Z	66	PC: 9fa1e \| Move file pointer
2018-12-17T23:02:52.598033915Z	64	PC: 9fa27 \| Write file or device (Write 941 bytes on handle 5)
2018-12-17T23:02:52.606660136Z	66	PC: 9fa1e \| Move file pointer
2018-12-17T23:02:52.608804195Z	64	PC: 9fa27 \| Write file or device (Write 28 bytes on handle 5)
2018-12-17T23:02:52.626011941Z	87	PC: 9fa27 \| Get or set file date and time
2018-12-17T23:02:52.627516442Z	62	PC: 9fa27 \| Close file
2018-12-17T23:02:52.633666748Z	67	PC: 9fa27 \| Get or set file attributes
2018-12-17T23:02:52.647899607Z	79	PC: 9f76c \| Find next file
2018-12-17T23:02:52.650317901Z	78	PC: 9f799 \| Find first file
2018-12-17T23:02:52.656811707Z	79	PC: 9f7a2 \| Find next file
2018-12-17T23:02:52.660086699Z	79	PC: 9f7a2 \| Find next file
2018-12-17T23:02:52.664640122Z	79	PC: 9f7a2 \| Find next file
2018-12-17T23:02:52.667475201Z	79	PC: 9f7a2 \| Find next file
2018-12-17T23:02:52.671409036Z	79	PC: 9f7a2 \| Find next file
2018-12-17T23:02:52.674178366Z	79	PC: 9f7a2 \| Find next file
2018-12-17T23:02:52.676929037Z	79	PC: 9f7a2 \| Find next file
2018-12-17T23:02:52.680634258Z	79	PC: 9f7a2 \| Find next file
2018-12-17T23:02:52.683382851Z	79	PC: 9f7a2 \| Find next file
2018-12-17T23:02:52.685914284Z	37	PC: 9f7eb \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:02:52.690509965Z	59	PC: 9f7f4 \| Change current directory
2018-12-17T23:02:52.693457203Z	26	PC: 12e68 \| Set disk transfer address
2018-12-17T23:02:52.69448339Z	76	PC: 12b81 \| Terminate with return code (Return code = '0')