Sample viewer

vx.netlux.org/Virus.DOS.Companion.AIH.823

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:05:43.358686348Z 74 PC: 12a49 | Reallocate memory
2018-12-17T23:05:43.36098235Z 84 PC: 12a69 | Get verify flag
2018-12-17T23:05:43.362441043Z 61 PC: 12a7c | Open file (Filename = 'A:\TEST.COM')
2018-12-17T23:05:43.369313806Z 63 PC: 12a8a | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T23:05:43.376814173Z 62 PC: 12a91 | Close file
2018-12-17T23:05:43.37883625Z 53 PC: 12a97 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:05:43.380206293Z 37 PC: 12aa7 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:05:43.382518711Z 61 PC: 12b49 | Open file (Filename = 'A:\TEST.COM')
2018-12-17T23:05:43.40341165Z 62 PC: 12b51 | Close file
2018-12-17T23:05:43.404992314Z 75 PC: 12ad7 | Execute program
2018-12-17T23:05:43.412001311Z 73 PC: 12aee | Release memory
2018-12-17T23:05:43.41341715Z 49 PC: 12af5 | Terminate and stay resident (Return code = '125' | Memory size = '92')