Sample viewer

vx.netlux.org/Virus.DOS.DSCE.MD.2941

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:02:57.070745875Z	98	PC: 12cfc \| Get current PSP
2018-12-17T22:02:57.072033311Z	57	PC: 12d1b \| Create subdirectory
2018-12-17T22:02:57.418612713Z	75	PC: 12d1e \| Execute program
2018-12-17T22:02:57.421414321Z	53	PC: 12b4e \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:02:57.423031038Z	37	PC: 12b5e \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:02:57.425906471Z	74	PC: 12b06 \| Reallocate memory
2018-12-17T22:02:57.427121511Z	61	PC: 12c11 \| Open file (Filename = '-�O�S�W�}��G�3��')
2018-12-17T22:02:57.431798936Z	87	PC: 12c1b \| Get or set file date and time
2018-12-17T22:02:57.433823064Z	63	PC: 12c33 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:02:57.435941057Z	66	PC: 12c55 \| Move file pointer
2018-12-17T22:02:57.437117721Z	63	PC: 12c5f \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:02:57.439415679Z	62	PC: 12c7f \| Close file
2018-12-17T22:02:57.440695854Z	67	PC: 12c8e \| Get or set file attributes
2018-12-17T22:02:57.444401107Z	67	PC: 12c9c \| Get or set file attributes
2018-12-17T22:02:57.458926771Z	61	PC: 12ca1 \| Open file (Filename = '-�O�S�W�}��G�3��')
2018-12-17T22:02:57.463840848Z	53	PC: 12cac \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:02:57.465059212Z	37	PC: 12cbc \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:02:57.466991097Z	66	PC: 12d90 \| Move file pointer
2018-12-17T22:02:57.468152226Z	66	PC: 12dc8 \| Move file pointer
2018-12-17T22:02:57.499286996Z	64	PC: 12de9 \| Write file or device (Write 3511 bytes on handle 5)
2018-12-17T22:02:57.509946037Z	66	PC: 12e13 \| Move file pointer
2018-12-17T22:02:57.512049589Z	64	PC: 12e1c \| Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:02:57.515132017Z	87	PC: 12d6c \| Get or set file date and time
2018-12-17T22:02:57.517647947Z	62	PC: 12cc4 \| Close file
2018-12-17T22:02:57.525969554Z	37	PC: 12cd3 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:02:57.527633487Z	67	PC: 12ce9 \| Get or set file attributes
2018-12-17T22:02:57.53797794Z	75	PC: 12b33 \| Execute program