Sample viewer

vx.netlux.org/Virus.DOS.MadSatan.9849

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:03:39.548053076Z	232	PC: 12a68 \| UNKNOWN!
2018-12-17T23:03:39.550420199Z	53	PC: 12b9e \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:03:39.551929227Z	74	PC: 12b2a \| Reallocate memory
2018-12-17T23:03:39.555283808Z	98	PC: 15042 \| Get current PSP
2018-12-17T23:03:39.556488926Z	26	PC: 1504d \| Set disk transfer address
2018-12-17T23:03:39.558462599Z	78	PC: 15059 \| Find first file
2018-12-17T23:03:39.564375021Z	54	PC: 1502b \| Get free disk space
2018-12-17T23:03:39.566152946Z	98	PC: 15042 \| Get current PSP
2018-12-17T23:03:39.568412076Z	26	PC: 1504d \| Set disk transfer address
2018-12-17T23:03:39.569686063Z	78	PC: 15059 \| Find first file
2018-12-17T23:03:39.575100569Z	67	PC: 14e23 \| Get or set file attributes
2018-12-17T23:03:39.994182399Z	78	PC: 12cc1 \| Find first file
2018-12-17T23:03:40.001045691Z	60	PC: 12cd7 \| Create or truncate file
2018-12-17T23:03:40.012887628Z	62	PC: 12cdd \| Close file
2018-12-17T23:03:40.016470589Z	61	PC: 14e64 \| Open file (Filename = '��:u �;Du��øB�$3�3��!��#�؋�#%')
2018-12-17T23:03:40.023283606Z	63	PC: 14e73 \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T23:03:40.02648547Z	62	PC: 14ea7 \| Close file
2018-12-17T23:03:40.029557679Z	67	PC: 14e32 \| Get or set file attributes
2018-12-17T23:03:40.039643603Z	75	PC: 12b73 \| Execute program
2018-12-17T23:03:40.063470137Z	80	PC: 167a9 \| Set current PSP
2018-12-17T23:03:40.065658604Z	48	PC: 167ae \| Get DOS version
2018-12-17T23:03:40.067981374Z	101	PC: 16834 \| Get extended country info
2018-12-17T23:03:40.069730604Z	99	PC: 1683a \| Get DBCS lead byte table pointer
2018-12-17T23:03:40.071734133Z	74	PC: 1689c \| Reallocate memory
2018-12-17T23:03:40.074270034Z	25	PC: 168d3 \| Get default drive
2018-12-17T23:03:40.076896475Z	37	PC: 16393 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:03:40.078712101Z	37	PC: 1639a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:03:40.081695253Z	37	PC: 163a1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:03:40.085503568Z	2	PC: 1665c \| Character output (Char = '0d')
2018-12-17T23:03:40.08821054Z	2	PC: 1665c \| Character output (Char = '0a')
2018-12-17T23:03:40.093438484Z	2	PC: 1665c \| Character output (Char = '0d')
2018-12-17T23:03:40.096186094Z	2	PC: 1665c \| Character output (Char = '0a')
2018-12-17T23:03:40.100294002Z	2	PC: 1665c \| Character output (Char = '4d')
2018-12-17T23:03:40.104262668Z	2	PC: 1665c \| Character output (Char = '69')
2018-12-17T23:03:40.106822323Z	2	PC: 1665c \| Character output (Char = '63')
2018-12-17T23:03:40.109211919Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T23:03:40.11267349Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T23:03:40.115131254Z	2	PC: 1665c \| Character output (Char = '73')
2018-12-17T23:03:40.117580683Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T23:03:40.121168993Z	2	PC: 1665c \| Character output (Char = '66')
2018-12-17T23:03:40.123578105Z	2	PC: 1665c \| Character output (Char = '74')
2018-12-17T23:03:40.125931122Z	2	PC: 1665c \| Character output (Char = '28')
2018-12-17T23:03:40.128475458Z	2	PC: 1665c \| Character output (Char = '52')
2018-12-17T23:03:40.1323516Z	2	PC: 1665c \| Character output (Char = '29')
2018-12-17T23:03:40.134676474Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.136924773Z	2	PC: 1665c \| Character output (Char = '4d')
2018-12-17T23:03:40.14010694Z	2	PC: 1665c \| Character output (Char = '53')
2018-12-17T23:03:40.142641298Z	2	PC: 1665c \| Character output (Char = '2d')
2018-12-17T23:03:40.145478535Z	2	PC: 1665c \| Character output (Char = '44')
2018-12-17T23:03:40.149442773Z	2	PC: 1665c \| Character output (Char = '4f')
2018-12-17T23:03:40.15240728Z	2	PC: 1665c \| Character output (Char = '53')
2018-12-17T23:03:40.155365304Z	2	PC: 1665c \| Character output (Char = '28')
2018-12-17T23:03:40.159081446Z	2	PC: 1665c \| Character output (Char = '52')
2018-12-17T23:03:40.162425426Z	2	PC: 1665c \| Character output (Char = '29')
2018-12-17T23:03:40.164969543Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.168317241Z	2	PC: 1665c \| Character output (Char = '56')
2018-12-17T23:03:40.171345307Z	2	PC: 1665c \| Character output (Char = '65')
2018-12-17T23:03:40.175057751Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T23:03:40.177784681Z	2	PC: 1665c \| Character output (Char = '73')
2018-12-17T23:03:40.1815955Z	2	PC: 1665c \| Character output (Char = '69')
2018-12-17T23:03:40.184393303Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T23:03:40.187137766Z	2	PC: 1665c \| Character output (Char = '6e')
2018-12-17T23:03:40.190870128Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.193587349Z	2	PC: 1665c \| Character output (Char = '36')
2018-12-17T23:03:40.196307207Z	2	PC: 1665c \| Character output (Char = '2e')
2018-12-17T23:03:40.199888844Z	2	PC: 1665c \| Character output (Char = '32')
2018-12-17T23:03:40.202942589Z	2	PC: 1665c \| Character output (Char = '32')
2018-12-17T23:03:40.205685248Z	2	PC: 1665c \| Character output (Char = '0d')
2018-12-17T23:03:40.209014041Z	2	PC: 1665c \| Character output (Char = '0a')
2018-12-17T23:03:40.213521651Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.216213726Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.218923774Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.22258962Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.225286002Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.227996402Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.231692896Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.234382856Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.237130616Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.241451554Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.244415299Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.246876309Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.250213558Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.252772181Z	2	PC: 1665c \| Character output (Char = '28')
2018-12-17T23:03:40.255449608Z	2	PC: 1665c \| Character output (Char = '43')
2018-12-17T23:03:40.25792221Z	2	PC: 1665c \| Character output (Char = '29')
2018-12-17T23:03:40.263871511Z	2	PC: 1665c \| Character output (Char = '43')
2018-12-17T23:03:40.266542226Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T23:03:40.269330562Z	2	PC: 1665c \| Character output (Char = '70')
2018-12-17T23:03:40.272698167Z	2	PC: 1665c \| Character output (Char = '79')
2018-12-17T23:03:40.276141775Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T23:03:40.27942394Z	2	PC: 1665c \| Character output (Char = '69')
2018-12-17T23:03:40.282461925Z	2	PC: 1665c \| Character output (Char = '67')
2018-12-17T23:03:40.28587198Z	2	PC: 1665c \| Character output (Char = '68')
2018-12-17T23:03:40.288516315Z	2	PC: 1665c \| Character output (Char = '74')
2018-12-17T23:03:40.291255057Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.295233241Z	2	PC: 1665c \| Character output (Char = '4d')
2018-12-17T23:03:40.298151812Z	2	PC: 1665c \| Character output (Char = '69')
2018-12-17T23:03:40.301020218Z	2	PC: 1665c \| Character output (Char = '63')
2018-12-17T23:03:40.304683389Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T23:03:40.307908376Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T23:03:40.310852024Z	2	PC: 1665c \| Character output (Char = '73')
2018-12-17T23:03:40.314519072Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T23:03:40.317846372Z	2	PC: 1665c \| Character output (Char = '66')
2018-12-17T23:03:40.320728374Z	2	PC: 1665c \| Character output (Char = '74')
2018-12-17T23:03:40.330860294Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.333835561Z	2	PC: 1665c \| Character output (Char = '43')
2018-12-17T23:03:40.33656683Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T23:03:40.339435556Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T23:03:40.34305226Z	2	PC: 1665c \| Character output (Char = '70')
2018-12-17T23:03:40.345782416Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T23:03:40.348476655Z	2	PC: 1665c \| Character output (Char = '31')
2018-12-17T23:03:40.351893924Z	2	PC: 1665c \| Character output (Char = '39')
2018-12-17T23:03:40.354642985Z	2	PC: 1665c \| Character output (Char = '38')
2018-12-17T23:03:40.35730888Z	2	PC: 1665c \| Character output (Char = '31')
2018-12-17T23:03:40.360839793Z	2	PC: 1665c \| Character output (Char = '2d')
2018-12-17T23:03:40.363892375Z	2	PC: 1665c \| Character output (Char = '31')
2018-12-17T23:03:40.366576495Z	2	PC: 1665c \| Character output (Char = '39')
2018-12-17T23:03:40.370117316Z	2	PC: 1665c \| Character output (Char = '39')
2018-12-17T23:03:40.373128791Z	2	PC: 1665c \| Character output (Char = '34')
2018-12-17T23:03:40.375771633Z	2	PC: 1665c \| Character output (Char = '2e')
2018-12-17T23:03:40.378429193Z	2	PC: 1665c \| Character output (Char = '0d')
2018-12-17T23:03:40.381993378Z	2	PC: 1665c \| Character output (Char = '0a')
2018-12-17T23:03:40.386441155Z	74	PC: 1553c \| Reallocate memory
2018-12-17T23:03:40.388362911Z	72	PC: 1557d \| Allocate memory
2018-12-17T23:03:40.391495163Z	72	PC: 155b5 \| Allocate memory
2018-12-17T23:03:40.393726851Z	72	PC: 155bd \| Allocate memory