Sample viewer

vx.netlux.org/Virus.DOS.V.1385

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:04:08.654924696Z	53	PC: 12bd9 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:08.657225134Z	37	PC: 12be9 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:08.659072669Z	53	PC: 12bef \| Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T23:04:08.661288046Z	37	PC: 12c00 \| Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T23:04:08.664161401Z	74	PC: 12b9e \| Reallocate memory
2018-12-17T23:04:08.66628216Z	73	PC: 12ba8 \| Release memory
2018-12-17T23:04:08.668260261Z	75	PC: 12c56 \| Execute program
2018-12-17T23:04:08.687629284Z	53	PC: 13c54 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:08.68953069Z	37	PC: 13c66 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:08.691368928Z	47	PC: 13c6b \| Get disk transfer address
2018-12-17T23:04:08.694307295Z	26	PC: 13c82 \| Set disk transfer address
2018-12-17T23:04:08.696090619Z	78	PC: 13b27 \| Find first file
2018-12-17T23:04:08.703296082Z	79	PC: 13b32 \| Find next file
2018-12-17T23:04:08.707055073Z	79	PC: 13b32 \| Find next file
2018-12-17T23:04:08.70955173Z	79	PC: 13b32 \| Find next file
2018-12-17T23:04:08.711758851Z	79	PC: 13b32 \| Find next file
2018-12-17T23:04:08.714842641Z	79	PC: 13b32 \| Find next file
2018-12-17T23:04:08.719055265Z	79	PC: 13b32 \| Find next file
2018-12-17T23:04:08.722016806Z	79	PC: 13b32 \| Find next file
2018-12-17T23:04:08.728540958Z	67	PC: 13b8c \| Get or set file attributes
2018-12-17T23:04:08.74311394Z	67	PC: 13b9a \| Get or set file attributes
2018-12-17T23:04:08.762228434Z	61	PC: 13ba2 \| Open file (Filename = 'a:\TEST.COM')
2018-12-17T23:04:08.771920605Z	87	PC: 13bac \| Get or set file date and time
2018-12-17T23:04:08.774777178Z	63	PC: 13bcf \| Read file or device (Read 1385 bytes on handle 5)
2018-12-17T23:04:08.783482673Z	66	PC: 13bdf \| Move file pointer
2018-12-17T23:04:08.785567475Z	64	PC: 13bef \| Write file or device (Write 1385 bytes on handle 5)
2018-12-17T23:04:08.797758546Z	66	PC: 13bfd \| Move file pointer
2018-12-17T23:04:08.801032464Z	64	PC: 13c16 \| Write file or device (Write 1385 bytes on handle 5)
2018-12-17T23:04:08.812247289Z	87	PC: 13c26 \| Get or set file date and time
2018-12-17T23:04:08.816701617Z	62	PC: 13c2b \| Close file
2018-12-17T23:04:08.825975962Z	67	PC: 13c41 \| Get or set file attributes
2018-12-17T23:04:08.837688584Z	78	PC: 13b27 \| Find first file
2018-12-17T23:04:08.845130763Z	67	PC: 13b8c \| Get or set file attributes
2018-12-17T23:04:08.851123795Z	67	PC: 13b9a \| Get or set file attributes
2018-12-17T23:04:09.28178336Z	61	PC: 13ba2 \| Open file (Filename = 'c:\COMMAND.COM')
2018-12-17T23:04:09.289818755Z	87	PC: 13bac \| Get or set file date and time
2018-12-17T23:04:09.292395722Z	63	PC: 13bcf \| Read file or device (Read 1385 bytes on handle 5)
2018-12-17T23:04:09.299808014Z	66	PC: 13bdf \| Move file pointer
2018-12-17T23:04:09.30305422Z	64	PC: 13bef \| Write file or device (Write 1385 bytes on handle 5)
2018-12-17T23:04:09.314287269Z	66	PC: 13bfd \| Move file pointer
2018-12-17T23:04:09.316216068Z	64	PC: 13c16 \| Write file or device (Write 1385 bytes on handle 5)
2018-12-17T23:04:09.324556185Z	87	PC: 13c26 \| Get or set file date and time
2018-12-17T23:04:09.327711811Z	62	PC: 13c2b \| Close file
2018-12-17T23:04:09.335709414Z	67	PC: 13c41 \| Get or set file attributes
2018-12-17T23:04:09.345902628Z	37	PC: 13c95 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:09.348629337Z	26	PC: 13ca3 \| Set disk transfer address
2018-12-17T23:04:09.350935645Z	9	PC: 14b06 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')
2018-12-17T23:04:09.357521252Z	49	PC: 12c69 \| Terminate and stay resident (Return code = '0' \| Memory size = '211')