Sample viewer

vx.netlux.org/Virus.DOS.A2Space.1268

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:06:38.802665855Z 53 PC: 133da | Get interrupt vector (Interrupt = '96' AKA 'Qualify filename')
2018-12-17T23:06:38.80453905Z 37 PC: 137c6 | Set interrupt vector (Interrupt = '96' AKA 'Qualify filename')
2018-12-17T23:06:38.806242452Z 53 PC: 137cb | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:38.807700467Z 37 PC: 137dd | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:38.809649523Z 53 PC: 137e2 | Get interrupt vector (Interrupt = '23' AKA 'Rename file')
2018-12-17T23:06:38.811173597Z 37 PC: 137f4 | Set interrupt vector (Interrupt = '23' AKA 'Rename file')
2018-12-17T23:06:38.812406757Z 74 PC: 12dd8 | Reallocate memory
2018-12-17T23:06:38.813883408Z 81 PC: 12e7c | Get current PSP
2018-12-17T23:06:38.815596309Z 67 PC: 12b1c | Get or set file attributes
2018-12-17T23:06:38.821757449Z 67 PC: 12b1c | Get or set file attributes
2018-12-17T23:06:38.827411353Z 67 PC: 12b27 | Get or set file attributes
2018-12-17T23:06:39.174663051Z 61 PC: 12b2c | Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:06:39.18144886Z 63 PC: 12b45 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:39.184174938Z 66 PC: 12b7f | Move file pointer
2018-12-17T23:06:39.186345062Z 66 PC: 12ba7 | Move file pointer
2018-12-17T23:06:39.187817643Z 63 PC: 12bb1 | Read file or device (Read 6 bytes on handle 5)
2018-12-17T23:06:39.190842651Z 66 PC: 12bfd | Move file pointer
2018-12-17T23:06:39.193143611Z 64 PC: 12c07 | Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:06:39.196319358Z 66 PC: 12c1a | Move file pointer
2018-12-17T23:06:39.198871699Z 64 PC: 12c27 | Write file or device (Write 1268 bytes on handle 5)
2018-12-17T23:06:39.209415777Z 62 PC: 12c34 | Close file
2018-12-17T23:06:39.217316467Z 67 PC: 12c3c | Get or set file attributes
2018-12-17T23:06:39.226287333Z 75 PC: 12e0f | Execute program
2018-12-17T23:06:39.233395049Z 77 PC: 12e13 | Get program return code
2018-12-17T23:06:39.234697141Z 49 PC: 12e18 | Terminate and stay resident (Return code = '0' | Memory size = '96')