Sample viewer

vx.netlux.org/Virus.DOS.Switch.855

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:34.056849357Z	53	PC: 12ea4 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:34.059138551Z	26	PC: 13136 \| Set disk transfer address
2018-12-17T23:06:34.060955316Z	71	PC: 13136 \| Get current directory
2018-12-17T23:06:34.063891887Z	78	PC: 13136 \| Find first file
2018-12-17T23:06:34.07012191Z	44	PC: 13136 \| Get time 0x13136: ret 0x13137: and byte ptr [si + 0x68], dl 0x1313a: and byte ptr gs:[bp + di + 0x57], dl 0x1313e: dec cx 0x1313f: push sp 0x13140: inc bx 0x13141: dec ax 0x13142: and byte ptr [bx + di + 0x73], ch 0x13145: and byte ptr [bx + 0x4e], cl 0x13148: and byte ptr [bx + si], ah 0x1314a: push sp 0x1314b: push 0x2065 0x1314e: inc sp 0x1314f: outsw dx, word ptr [si] 0x13150: arpl word ptr [bx + si], sp 0x13152: sub byte ptr [bp + di + 0x29], ah 0x13155: xor word ptr [bx + di], di 0x13157: cmp word ptr [si], si 0x13159: and byte ptr [bp + di + 0x68], ah 0x1315c: imul bp, word ptr [si + 0x69], 0x73
2018-12-17T23:06:34.073472439Z	79	PC: 13136 \| Find next file
2018-12-17T23:06:34.076060805Z	44	PC: 13136 \| Get time 0x13136: ret 0x13137: and byte ptr [si + 0x68], dl 0x1313a: and byte ptr gs:[bp + di + 0x57], dl 0x1313e: dec cx 0x1313f: push sp 0x13140: inc bx 0x13141: dec ax 0x13142: and byte ptr [bx + di + 0x73], ch 0x13145: and byte ptr [bx + 0x4e], cl 0x13148: and byte ptr [bx + si], ah 0x1314a: push sp 0x1314b: push 0x2065 0x1314e: inc sp 0x1314f: outsw dx, word ptr [si] 0x13150: arpl word ptr [bx + si], sp 0x13152: sub byte ptr [bp + di + 0x29], ah 0x13155: xor word ptr [bx + di], di 0x13157: cmp word ptr [si], si 0x13159: and byte ptr [bp + di + 0x68], ah 0x1315c: imul bp, word ptr [si + 0x69], 0x73
2018-12-17T23:06:34.078256603Z	59	PC: 13136 \| Change current directory
2018-12-17T23:06:34.085803081Z	79	PC: 13136 \| Find next file
2018-12-17T23:06:34.090362893Z	44	PC: 13136 \| Get time 0x13136: ret 0x13137: and byte ptr [si + 0x68], dl 0x1313a: and byte ptr gs:[bp + di + 0x57], dl 0x1313e: dec cx 0x1313f: push sp 0x13140: inc bx 0x13141: dec ax 0x13142: and byte ptr [bx + di + 0x73], ch 0x13145: and byte ptr [bx + 0x4e], cl 0x13148: and byte ptr [bx + si], ah 0x1314a: push sp 0x1314b: push 0x2065 0x1314e: inc sp 0x1314f: outsw dx, word ptr [si] 0x13150: arpl word ptr [bx + si], sp 0x13152: sub byte ptr [bp + di + 0x29], ah 0x13155: xor word ptr [bx + di], di 0x13157: cmp word ptr [si], si 0x13159: and byte ptr [bp + di + 0x68], ah 0x1315c: imul bp, word ptr [si + 0x69], 0x73
2018-12-17T23:06:34.092847544Z	59	PC: 13136 \| Change current directory
2018-12-17T23:06:34.10243518Z	79	PC: 13136 \| Find next file
2018-12-17T23:06:34.105239502Z	44	PC: 13136 \| Get time 0x13136: ret 0x13137: and byte ptr [si + 0x68], dl 0x1313a: and byte ptr gs:[bp + di + 0x57], dl 0x1313e: dec cx 0x1313f: push sp 0x13140: inc bx 0x13141: dec ax 0x13142: and byte ptr [bx + di + 0x73], ch 0x13145: and byte ptr [bx + 0x4e], cl 0x13148: and byte ptr [bx + si], ah 0x1314a: push sp 0x1314b: push 0x2065 0x1314e: inc sp 0x1314f: outsw dx, word ptr [si] 0x13150: arpl word ptr [bx + si], sp 0x13152: sub byte ptr [bp + di + 0x29], ah 0x13155: xor word ptr [bx + di], di 0x13157: cmp word ptr [si], si 0x13159: and byte ptr [bp + di + 0x68], ah 0x1315c: imul bp, word ptr [si + 0x69], 0x73
2018-12-17T23:06:34.107946441Z	59	PC: 13136 \| Change current directory
2018-12-17T23:06:34.114608326Z	79	PC: 13136 \| Find next file
2018-12-17T23:06:34.118071126Z	44	PC: 13136 \| Get time 0x13136: ret 0x13137: and byte ptr [si + 0x68], dl 0x1313a: and byte ptr gs:[bp + di + 0x57], dl 0x1313e: dec cx 0x1313f: push sp 0x13140: inc bx 0x13141: dec ax 0x13142: and byte ptr [bx + di + 0x73], ch 0x13145: and byte ptr [bx + 0x4e], cl 0x13148: and byte ptr [bx + si], ah 0x1314a: push sp 0x1314b: push 0x2065 0x1314e: inc sp 0x1314f: outsw dx, word ptr [si] 0x13150: arpl word ptr [bx + si], sp 0x13152: sub byte ptr [bp + di + 0x29], ah 0x13155: xor word ptr [bx + di], di 0x13157: cmp word ptr [si], si 0x13159: and byte ptr [bp + di + 0x68], ah 0x1315c: imul bp, word ptr [si + 0x69], 0x73
2018-12-17T23:06:34.120743389Z	59	PC: 13136 \| Change current directory
2018-12-17T23:06:34.12801971Z	79	PC: 13136 \| Find next file
2018-12-17T23:06:34.131623555Z	44	PC: 13136 \| Get time 0x13136: ret 0x13137: and byte ptr [si + 0x68], dl 0x1313a: and byte ptr gs:[bp + di + 0x57], dl 0x1313e: dec cx 0x1313f: push sp 0x13140: inc bx 0x13141: dec ax 0x13142: and byte ptr [bx + di + 0x73], ch 0x13145: and byte ptr [bx + 0x4e], cl 0x13148: and byte ptr [bx + si], ah 0x1314a: push sp 0x1314b: push 0x2065 0x1314e: inc sp 0x1314f: outsw dx, word ptr [si] 0x13150: arpl word ptr [bx + si], sp 0x13152: sub byte ptr [bp + di + 0x29], ah 0x13155: xor word ptr [bx + di], di 0x13157: cmp word ptr [si], si 0x13159: and byte ptr [bp + di + 0x68], ah 0x1315c: imul bp, word ptr [si + 0x69], 0x73
2018-12-17T23:06:34.134073971Z	59	PC: 13136 \| Change current directory
2018-12-17T23:06:34.140319674Z	79	PC: 13136 \| Find next file
2018-12-17T23:06:34.144099991Z	44	PC: 13136 \| Get time 0x13136: ret 0x13137: and byte ptr [si + 0x68], dl 0x1313a: and byte ptr gs:[bp + di + 0x57], dl 0x1313e: dec cx 0x1313f: push sp 0x13140: inc bx 0x13141: dec ax 0x13142: and byte ptr [bx + di + 0x73], ch 0x13145: and byte ptr [bx + 0x4e], cl 0x13148: and byte ptr [bx + si], ah 0x1314a: push sp 0x1314b: push 0x2065 0x1314e: inc sp 0x1314f: outsw dx, word ptr [si] 0x13150: arpl word ptr [bx + si], sp 0x13152: sub byte ptr [bp + di + 0x29], ah 0x13155: xor word ptr [bx + di], di 0x13157: cmp word ptr [si], si 0x13159: and byte ptr [bp + di + 0x68], ah 0x1315c: imul bp, word ptr [si + 0x69], 0x73
2018-12-17T23:06:34.146808773Z	59	PC: 13136 \| Change current directory
2018-12-17T23:06:34.153492399Z	79	PC: 13136 \| Find next file
2018-12-17T23:06:34.157151418Z	44	PC: 13136 \| Get time 0x13136: ret 0x13137: and byte ptr [si + 0x68], dl 0x1313a: and byte ptr gs:[bp + di + 0x57], dl 0x1313e: dec cx 0x1313f: push sp 0x13140: inc bx 0x13141: dec ax 0x13142: and byte ptr [bx + di + 0x73], ch 0x13145: and byte ptr [bx + 0x4e], cl 0x13148: and byte ptr [bx + si], ah 0x1314a: push sp 0x1314b: push 0x2065 0x1314e: inc sp 0x1314f: outsw dx, word ptr [si] 0x13150: arpl word ptr [bx + si], sp 0x13152: sub byte ptr [bp + di + 0x29], ah 0x13155: xor word ptr [bx + di], di 0x13157: cmp word ptr [si], si 0x13159: and byte ptr [bp + di + 0x68], ah 0x1315c: imul bp, word ptr [si + 0x69], 0x73
2018-12-17T23:06:34.159873095Z	59	PC: 13136 \| Change current directory
2018-12-17T23:06:34.166320566Z	79	PC: 13136 \| Find next file
2018-12-17T23:06:34.170362696Z	44	PC: 13136 \| Get time 0x13136: ret 0x13137: and byte ptr [si + 0x68], dl 0x1313a: and byte ptr gs:[bp + di + 0x57], dl 0x1313e: dec cx 0x1313f: push sp 0x13140: inc bx 0x13141: dec ax 0x13142: and byte ptr [bx + di + 0x73], ch 0x13145: and byte ptr [bx + 0x4e], cl 0x13148: and byte ptr [bx + si], ah 0x1314a: push sp 0x1314b: push 0x2065 0x1314e: inc sp 0x1314f: outsw dx, word ptr [si] 0x13150: arpl word ptr [bx + si], sp 0x13152: sub byte ptr [bp + di + 0x29], ah 0x13155: xor word ptr [bx + di], di 0x13157: cmp word ptr [si], si 0x13159: and byte ptr [bp + di + 0x68], ah 0x1315c: imul bp, word ptr [si + 0x69], 0x73
2018-12-17T23:06:34.176195401Z	59	PC: 13136 \| Change current directory
2018-12-17T23:06:34.183627584Z	79	PC: 13136 \| Find next file
2018-12-17T23:06:34.187172809Z	78	PC: 13136 \| Find first file
2018-12-17T23:06:34.193682307Z	78	PC: 13136 \| Find first file
2018-12-17T23:06:34.200856806Z	59	PC: 13136 \| Change current directory
2018-12-17T23:06:34.206357106Z	59	PC: 13136 \| Change current directory