Sample viewer

vx.netlux.org/Virus.DOS.Australian.AIH.972

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:04:28.930563232Z	84	PC: 1cef4 \| Get verify flag
2018-12-17T23:04:28.955408667Z	48	PC: 18800 \| Get DOS version
2018-12-17T23:04:28.957251389Z	74	PC: 18879 \| Reallocate memory
2018-12-17T23:04:28.960702908Z	53	PC: 188f7 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:04:28.962750996Z	37	PC: 18909 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:04:28.965514395Z	68	PC: 18999 \| I/O control for devices
2018-12-17T23:04:28.96753339Z	68	PC: 18999 \| I/O control for devices (Set for = '^ï¿½')
2018-12-17T23:04:28.969606515Z	68	PC: 18999 \| I/O control for devices (Set for = 'Fï¿½@ï¿½Fï¿½ï¿½vï¿½ï¿½')
2018-12-17T23:04:28.972509047Z	68	PC: 18999 \| I/O control for devices (Set for = 'ï¿½ï¿½ï¿½ RQï¿½Nï¿½ï¿½ï¿½RQï¿½Nï¿½ï¿½RQï¿½rï¿½ï¿½vï¿½ï¿½')
2018-12-17T23:04:28.974124539Z	68	PC: 18999 \| I/O control for devices (Set for = 'ï¿½ï¿½ï¿½ RQï¿½Nï¿½ï¿½ï¿½RQï¿½Nï¿½ï¿½RQï¿½rï¿½ï¿½vï¿½ï¿½')
2018-12-17T23:04:28.979423619Z	56	PC: 18e06 \| Get or set country info
2018-12-17T23:04:28.983637387Z	68	PC: 16d11 \| I/O control for devices (Set for = 'ï¿½ï¿½ï¿½=ï¿½ZÒ¼ß±ï¿½(Ú27ï¿½ï¿½Êº9U*Cï¿½Z ï¿½ï¿½ï¿½ï¿½ï¿½Tï¿½ï¿½ï¿½:ï¿½zï¿½{$ï¿½ï¿½ï¿½@ï¿½W`yï¿½ï¿½ã¨†pï¿½ï¿½wï¿½qï¿½ï¿½. ï¿½[ÉŒ44Rï¿½ï¿½Rï¿½~ï¿½ï¿½')
2018-12-17T23:04:28.985417218Z	68	PC: 16d26 \| I/O control for devices (Set for = '*eg?\I8ï¿½`ï¿½{9Uï¿½ï¿½jlï¿½ï¿½ËsWkbï¿½ï¿½bhï¿½ï¿½+"`gï¿½>ï¿½:ï¿½eï¿½ï¿½=ï¿½ï¿½R2hï¿½ï¿½hï¿½!ï¿½Ü…ï¿½ï¿½ï¿½Nï¿½ï¿½S"Þ¿DYï¿½ï¿½ugï¿½yï¿½ï¿½ï¿½yï¿½ï¿½rï¿½ï¿½ï¿½ï¿½0eqUÅ¢m8u1ï¿½ï¿½Pï¿½ï¿½ï¿½Nï¿½~l'ï¿½ï¿½dï¿½Nï¿½ï¿½sï¿½aï¿½+ï¿½jï¿½ï¿½ï¿½ï¿½')
2018-12-17T23:04:28.987024932Z	84	PC: 174f7 \| Get verify flag
2018-12-17T23:04:28.988832647Z	51	PC: 174ff \| Get or set Ctrl-Break
2018-12-17T23:04:28.990123176Z	51	PC: 1750a \| Get or set Ctrl-Break
2018-12-17T23:04:28.991445058Z	37	PC: 17514 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:04:28.994482826Z	53	PC: 17046 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:29.000277177Z	37	PC: 17056 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:29.002974045Z	55	PC: 16d4c \| Get or set switch character
2018-12-17T23:04:29.006078752Z	43	PC: 174db \| Set date
2018-12-17T23:04:29.009667346Z	61	PC: 18f65 \| Open file (Filename = 'ï¿½:*Oï¿½k')
2018-12-17T23:04:29.01850518Z	61	PC: 18f65 \| Open file (Filename = 'A:/PKZIP.CFG')
2018-12-17T23:04:29.026649565Z	68	PC: 169f5 \| I/O control for devices (Set for = '!')
2018-12-17T23:04:29.041666722Z	61	PC: 17292 \| Open file (Filename = 'ï¿½LNfï¿½ï¿½Æšï¿½juFï¿½Dï¿½ï¿½ ï¿½iUï¿½Uï¿½ï¿½ï¿½tï¿½ï¿½eï¿½ï¿½ï¿½Nï¿½Pï¿½ï¿½/ï¿½ï¿½ï¿½g/!ï¿½ï¿½"wï¿½ï¿½9>ï¿½ï¿½Nï¿½gfWï¿½cï¿½LEgï¿½qOvï¿½ï¿½ï¿½ï¿½ï¿½Ó· ï¿½Øµï¿½ï¿½ï¿½ï¿½Aï¿½ï¿½1Mï¿½ï¿½ï¿½Yï¿½ï¿½A3ï¿½tï¿½ï¿½ï¿½Q]*ï¿½?ï¿½ï¿½Ë‡9ï¿½ï¿½CBï¿½'ï¿½ï¿½,ï¿½aï¿½7ï¿½5ï¿½CÃ„#ï¿½9tï¿½4ï¿½ï¿½ ÖŒ_cï¿½ï¿½pï¿½cï¿½ï¿½ï¿½2ï¿½ï¿½ï¿½ï¿½Qï¿½ia/ï¿½ï¿½
2018-12-17T23:04:29.049750114Z	227	PC: 16df6 \| UNKNOWN!
2018-12-17T23:04:29.051641264Z	96	PC: 16dac \| Qualify filename
2018-12-17T23:04:29.058641013Z	64	PC: 17184 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:04:29.065085755Z	64	PC: 17184 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:04:29.105174422Z	12	PC: 18e06 \| Flush input buffer and input