Sample viewer

vx.netlux.org/Virus.DOS.Demon3b.5350

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:05:22.519778879Z	51	PC: 173f4 \| Get or set Ctrl-Break
2018-12-17T23:05:22.533726539Z	82	PC: 173fc \| Get DOS internal pointers (SYSVARS)
2018-12-17T23:05:22.535662211Z	65	PC: 17291 \| Delete file (Filename = 'TBDRVXXX')
2018-12-17T23:05:22.543054782Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:22.545158981Z	26	PC: 9f44e \| Set disk transfer address
2018-12-17T23:05:22.546345969Z	78	PC: 9f3cb \| Find first file
2018-12-17T23:05:22.552664422Z	67	PC: 9f449 \| Get or set file attributes
2018-12-17T23:05:23.362303004Z	61	PC: 9f440 \| Open file (Filename = 'TEST.EXE')
2018-12-17T23:05:23.369932012Z	63	PC: 9f436 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:23.37356687Z	63	PC: 9f436 \| Read file or device (Read 32 bytes on handle 5)
2018-12-17T23:05:23.377169441Z	66	PC: 9f457 \| Move file pointer
2018-12-17T23:05:23.379770627Z	87	PC: 9f352 \| Get or set file date and time
2018-12-17T23:05:23.382272626Z	62	PC: 9f43b \| Close file
2018-12-17T23:05:23.390335023Z	67	PC: 9f449 \| Get or set file attributes
2018-12-17T23:05:23.3974369Z	26	PC: 9f44e \| Set disk transfer address
2018-12-17T23:05:23.398808006Z	48	PC: 12a4f \| Get DOS version
2018-12-17T23:05:23.400046267Z	74	PC: 12edf \| Reallocate memory
2018-12-17T23:05:23.401992091Z	72	PC: 12eef \| Allocate memory
2018-12-17T23:05:23.403533469Z	72	PC: 12f00 \| Allocate memory
2018-12-17T23:05:23.404975051Z	72	PC: 12f1d \| Allocate memory
2018-12-17T23:05:23.407196358Z	72	PC: 12f1d \| Allocate memory
2018-12-17T23:05:23.410003618Z	25	PC: 14964 \| Get default drive
2018-12-17T23:05:23.411139463Z	71	PC: 14975 \| Get current directory
2018-12-17T23:05:23.414865463Z	55	PC: 15eea \| Get or set switch character
2018-12-17T23:05:23.417239783Z	25	PC: 13f59 \| Get default drive
2018-12-17T23:05:23.419443991Z	59	PC: 13fa9 \| Change current directory
2018-12-17T23:05:23.423394587Z	71	PC: 13ffb \| Get current directory
2018-12-17T23:05:23.427645154Z	26	PC: 136c6 \| Set disk transfer address
2018-12-17T23:05:23.429320544Z	25	PC: 136ca \| Get default drive
2018-12-17T23:05:23.431464701Z	78	PC: 9ecf1 \| Find first file
2018-12-17T23:05:23.43820084Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:23.439662987Z	61	PC: 9f440 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:05:23.44712331Z	63	PC: 9f436 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:23.456622493Z	66	PC: 9f400 \| Move file pointer
2018-12-17T23:05:23.458359215Z	62	PC: 9f43b \| Close file
2018-12-17T23:05:23.461092021Z	79	PC: 9ecf1 \| Find next file
2018-12-17T23:05:23.465045109Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:23.467027315Z	79	PC: 9ecf1 \| Find next file
2018-12-17T23:05:23.470036773Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:23.473582357Z	61	PC: 9f440 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:05:23.481432591Z	63	PC: 9f436 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:23.488655942Z	66	PC: 9f400 \| Move file pointer
2018-12-17T23:05:23.493447486Z	62	PC: 9f43b \| Close file
2018-12-17T23:05:23.496518266Z	79	PC: 9ecf1 \| Find next file
2018-12-17T23:05:23.50009847Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:23.502440841Z	61	PC: 9f440 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:05:23.510053829Z	63	PC: 9f436 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:23.517477693Z	66	PC: 9f400 \| Move file pointer
2018-12-17T23:05:23.520693129Z	62	PC: 9f43b \| Close file
2018-12-17T23:05:23.52326839Z	79	PC: 9ecf1 \| Find next file
2018-12-17T23:05:23.526140546Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:23.527955465Z	61	PC: 9f440 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:05:23.536162133Z	63	PC: 9f436 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:23.544109608Z	66	PC: 9f400 \| Move file pointer
2018-12-17T23:05:23.545952011Z	62	PC: 9f43b \| Close file
2018-12-17T23:05:23.548580847Z	79	PC: 9ecf1 \| Find next file
2018-12-17T23:05:23.551859055Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:23.553430297Z	61	PC: 9f440 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:05:23.560739995Z	63	PC: 9f436 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:23.567916893Z	66	PC: 9f400 \| Move file pointer
2018-12-17T23:05:23.569550056Z	62	PC: 9f43b \| Close file
2018-12-17T23:05:23.572386356Z	79	PC: 9ecf1 \| Find next file
2018-12-17T23:05:23.575912508Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:23.577168087Z	61	PC: 9f440 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:05:23.584893585Z	63	PC: 9f436 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:23.592039994Z	66	PC: 9f400 \| Move file pointer
2018-12-17T23:05:23.593634837Z	62	PC: 9f43b \| Close file
2018-12-17T23:05:23.597393694Z	79	PC: 9ecf1 \| Find next file
2018-12-17T23:05:23.600477699Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:23.602316071Z	61	PC: 9f440 \| Open file (Filename = 'PAH.COM')
2018-12-17T23:05:23.611278232Z	63	PC: 9f436 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:23.618593Z	66	PC: 9f400 \| Move file pointer
2018-12-17T23:05:23.6215959Z	62	PC: 9f43b \| Close file
2018-12-17T23:05:23.624587586Z	79	PC: 9ecf1 \| Find next file
2018-12-17T23:05:23.627720553Z	47	PC: 9f361 \| Get disk transfer address
2018-12-17T23:05:23.629089638Z	61	PC: 9f440 \| Open file (Filename = 'TEST.EXE')
2018-12-17T23:05:23.636839527Z	63	PC: 9f436 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:05:23.639891398Z	63	PC: 9f436 \| Read file or device (Read 32 bytes on handle 5)
2018-12-17T23:05:23.642831721Z	66	PC: 9f400 \| Move file pointer
2018-12-17T23:05:23.645671679Z	62	PC: 9f43b \| Close file
2018-12-17T23:05:23.648514478Z	79	PC: 9ecf1 \| Find next file
2018-12-17T23:05:23.652589234Z	26	PC: 161a4 \| Set disk transfer address