Sample viewer

vx.netlux.org/Virus.DOS.Frodo.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:05:13.254084693Z	48	PC: 12b6a \| Get DOS version
2018-12-17T23:05:13.25579534Z	82	PC: 12b77 \| Get DOS internal pointers (SYSVARS)
2018-12-17T23:05:13.25874672Z	82	PC: 12bc9 \| Get DOS internal pointers (SYSVARS)
2018-12-17T23:05:13.260833835Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.262212006Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.265041027Z	75	PC: 1308e \| Execute program
2018-12-17T23:05:13.268660894Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.27050966Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.272440461Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.275073833Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.276683881Z	74	PC: 12c35 \| Reallocate memory
2018-12-17T23:05:13.279635622Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.281029263Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.28254883Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.284384382Z	74	PC: 12c39 \| Reallocate memory
2018-12-17T23:05:13.287599748Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.28881336Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.290300387Z	51	PC: 1394a \| Get or set Ctrl-Break
2018-12-17T23:05:13.292934219Z	74	PC: 12c9d \| Reallocate memory
2018-12-17T23:05:13.295480077Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.296762629Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.299537808Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.301139219Z	9	PC: 12aa2 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')
2018-12-17T23:05:13.30845681Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.311055106Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.312583339Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.316213506Z	77	PC: 11fe0 \| Get program return code
2018-12-17T23:05:13.320334716Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.321769064Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.323595748Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.328775669Z	72	PC: 12174 \| Allocate memory
2018-12-17T23:05:13.332718103Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.337064416Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.338781215Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.343449894Z	72	PC: 1218d \| Allocate memory
2018-12-17T23:05:13.34807911Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.350185331Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.353476439Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.355235377Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:05:13.357564326Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.364681891Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.367046077Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.369428407Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:05:13.382307696Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.384024825Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.385745511Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.390555797Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:13.393374257Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.394892632Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.3972048Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.398345735Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.399609212Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.402030986Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.403674326Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.404924667Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.406045074Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.409104207Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.411590262Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.412889134Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.414932577Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.416230428Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.417782126Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.421104644Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.422311253Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.423832333Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.427154661Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.429942012Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.432207843Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.437012889Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.438529221Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.43956071Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.441640902Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.44403797Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.445896054Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.448717299Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.452781873Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.45407798Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.456181496Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.457867105Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.459422731Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.46108691Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.463544261Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.466072415Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.467439446Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.469670702Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.471283044Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.472634466Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.475885088Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.476956533Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.478223726Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.480075758Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.482417933Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.484814961Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.487095189Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.488637369Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.490151156Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.492748089Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.495207985Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.496478103Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.499272739Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.500611106Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.502247273Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.505376006Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.506637418Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.508129905Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.509864867Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.511644634Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.514073711Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.515570977Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.517803365Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.519078233Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.520619551Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.523736443Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.5251817Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.526671231Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.529131377Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.530679238Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.533560927Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.535711311Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.537419604Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.538719178Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.540990549Z	62	PC: 122ab \| Close file
2018-12-17T23:05:13.545120565Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.54619719Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.548368813Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:13.550501494Z	54	PC: 9f49a \| Get free disk space
2018-12-17T23:05:13.59378595Z	67	PC: 9f49a \| Get or set file attributes
2018-12-17T23:05:13.602983797Z	67	PC: 9f49a \| Get or set file attributes
2018-12-17T23:05:13.940816309Z	61	PC: 9f49a \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:05:13.950218511Z	67	PC: 9f49a \| Get or set file attributes
2018-12-17T23:05:13.962229267Z	50	PC: 9f49a \| Get disk parameter block for specified drive
2018-12-17T23:05:13.968232336Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.970635925Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.971880846Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.974555746Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.976123194Z	66	PC: 12372 \| Move file pointer
2018-12-17T23:05:13.978633284Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.981304107Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.982841448Z	68	PC: 9f49a \| I/O control for devices (Set for = '�mfyW�Wv W�Wj W� WcW�W�W W5W')
2018-12-17T23:05:13.984630132Z	87	PC: 9f49a \| Get or set file date and time
2018-12-17T23:05:13.987631295Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:13.989231294Z	63	PC: 12383 \| Read file or device (Read 44693 bytes on handle 5)
2018-12-17T23:05:14.006080759Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.008297127Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.010285827Z	81	PC: 9f49a \| Get current PSP
2018-12-17T23:05:14.012730354Z	87	PC: 9f49a \| Get or set file date and time
2018-12-17T23:05:14.015399153Z	66	PC: 9f49a \| Move file pointer
2018-12-17T23:05:14.017115951Z	63	PC: 9f49a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:05:14.023763922Z	66	PC: 9f49a \| Move file pointer
2018-12-17T23:05:14.026536235Z	63	PC: 9f49a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:05:14.02970259Z	66	PC: 9f49a \| Move file pointer
2018-12-17T23:05:14.032054413Z	66	PC: 9f49a \| Move file pointer
2018-12-17T23:05:14.034789847Z	64	PC: 9f49a \| Write file or device (Write 28 bytes on handle 5)
2018-12-17T23:05:14.040023979Z	66	PC: 9f49a \| Move file pointer
2018-12-17T23:05:14.0417582Z	64	PC: 9f49a \| Write file or device (Write 4085 bytes on handle 5)
2018-12-17T23:05:14.054464876Z	87	PC: 9f49a \| Get or set file date and time
2018-12-17T23:05:14.056303323Z	62	PC: 9f49a \| Close file
2018-12-17T23:05:14.06438513Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.068292938Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.069407655Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.070874393Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.074284015Z	99	PC: 98fc7 \| Get DBCS lead byte table pointer
2018-12-17T23:05:14.076348127Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.077267886Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.078700981Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.080378125Z	56	PC: 937e9 \| Get or set country info
2018-12-17T23:05:14.083191215Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.085357248Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.086758302Z	68	PC: 9f49a \| I/O control for devices (Set for = ' %1 mm-dd-yy')
2018-12-17T23:05:14.088288309Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.089943282Z	64	PC: 99238 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:05:14.095788083Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.096792512Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.098235906Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.100229786Z	25	PC: 93852 \| Get default drive
2018-12-17T23:05:14.102861585Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.104202196Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.106051413Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.10741634Z	71	PC: 95acd \| Get current directory
2018-12-17T23:05:14.112892358Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.115259088Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.117267585Z	68	PC: 9f49a \| I/O control for devices (Set for = 'A:\$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$MS DOS Version 6 (C)Copyright 1981-1994 Microsoft Corp Licensed Material - Property of Microsoft All rights reserved ')
2018-12-17T23:05:14.119149163Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.121510093Z	64	PC: 99238 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T23:05:14.126014313Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.127321491Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.130015267Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.132556837Z	2	PC: 95aa2 \| Character output (Char = '3e')
2018-12-17T23:05:14.137478161Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.140048204Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.141992871Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.143461362Z	93	PC: 93910 \| File sharing functions
2018-12-17T23:05:14.146908825Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.148878329Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.150296045Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.153458211Z	93	PC: 93917 \| File sharing functions
2018-12-17T23:05:14.156332637Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.157755642Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.160028466Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T23:05:14.161713064Z	10	PC: 93929 \| Buffered keyboard input