Sample viewer

vx.netlux.org/Virus.DOS.Caterpillar.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:07.084313033Z	53	PC: 19da6 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:06:07.086575637Z	61	PC: 199f5 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:06:07.092721171Z	37	PC: 19a04 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:06:07.093806323Z	66	PC: 19a13 \| Move file pointer
2018-12-17T23:06:07.095996957Z	63	PC: 19a21 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:06:07.099305546Z	62	PC: 19a25 \| Close file
2018-12-17T23:06:07.101466651Z	37	PC: 19a34 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:06:07.103649655Z	61	PC: 19a74 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:06:07.110106416Z	63	PC: 19a88 \| Read file or device (Read 12 bytes on handle 5)
2018-12-17T23:06:07.113037631Z	66	PC: 19a91 \| Move file pointer
2018-12-17T23:06:07.115639549Z	64	PC: 19abb \| Write file or device (Write 1586 bytes on handle 5)
2018-12-17T23:06:07.452151226Z	66	PC: 19ac4 \| Move file pointer
2018-12-17T23:06:07.454166334Z	64	PC: 19ad2 \| Write file or device (Write 12 bytes on handle 5)
2018-12-17T23:06:07.45754647Z	62	PC: 19ada \| Close file
2018-12-17T23:06:07.468938327Z	48	PC: 15a2c \| Get DOS version
2018-12-17T23:06:07.470352755Z	74	PC: 15a86 \| Reallocate memory
2018-12-17T23:06:07.471956132Z	48	PC: 15ade \| Get DOS version
2018-12-17T23:06:07.484532715Z	53	PC: 15ae6 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:06:07.486536231Z	37	PC: 15af8 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:06:07.487867751Z	68	PC: 15b7c \| I/O control for devices (Set for = '3Ҋ>U �� >U �P')
2018-12-17T23:06:07.490692796Z	68	PC: 15b7c \| I/O control for devices
2018-12-17T23:06:07.49278662Z	68	PC: 15b7c \| I/O control for devices (Set for = '')
2018-12-17T23:06:07.494763746Z	68	PC: 15b7c \| I/O control for devices (Set for = '')
2018-12-17T23:06:07.497719332Z	68	PC: 15b7c \| I/O control for devices (Set for = '')
2018-12-17T23:06:07.505461294Z	64	PC: 17ba8 \| Write file or device (Write 21 bytes on handle 1)
2018-12-17T23:06:07.511051558Z	37	PC: 15c11 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:06:07.513491582Z	76	PC: 15bfa \| Terminate with return code (Return code = '1')