Sample viewer

vx.netlux.org/Virus.DOS.PCBB.J4J.833

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:43.895296503Z	62	PC: 12a4c \| Close file
2018-12-17T23:06:43.897752169Z	53	PC: 9eff3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:43.90007158Z	37	PC: 9f003 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:43.903988433Z	77	PC: 11fe0 \| Get program return code
2018-12-17T23:06:43.905777687Z	72	PC: 12174 \| Allocate memory
2018-12-17T23:06:43.90916222Z	72	PC: 1218d \| Allocate memory
2018-12-17T23:06:43.911913983Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:06:43.913628246Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:06:43.91712014Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:06:43.922459037Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.926346666Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.928467222Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.931479586Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.934298526Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.936974667Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.939534069Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.941668712Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.943680243Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.946405877Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.948342428Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.950930003Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.953705741Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.955574254Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.957415144Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.960281964Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.962084783Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.963849501Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.967243892Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.969617665Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.971458496Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.973336998Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.975858669Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.978123697Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.980320567Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.9835779Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.986531663Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.988622755Z	62	PC: 122ab \| Close file
2018-12-17T23:06:43.991155486Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:06:43.99350347Z	62	PC: 122ab \| Close file
2018-12-17T23:06:44.00124291Z	99	PC: 995d7 \| Get DBCS lead byte table pointer
2018-12-17T23:06:44.00409423Z	56	PC: 93df9 \| Get or set country info
2018-12-17T23:06:44.006715118Z	64	PC: 99848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:06:44.01194002Z	25	PC: 93e62 \| Get default drive
2018-12-17T23:06:44.014454748Z	71	PC: 960dd \| Get current directory
2018-12-17T23:06:44.01946081Z	64	PC: 99848 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T23:06:44.024111684Z	2	PC: 960b2 \| Character output (Char = '3e')
2018-12-17T23:06:44.028580124Z	93	PC: 93f20 \| File sharing functions
2018-12-17T23:06:44.031514641Z	93	PC: 93f27 \| File sharing functions
2018-12-17T23:06:44.033793084Z	10	PC: 93f39 \| Buffered keyboard input
2018-12-17T23:06:58.856616466Z	0	PC: 0 \| Program terminate
2018-12-17T23:07:00.211134426Z	0	PC: 0 \| Program terminate
2018-12-17T23:07:00.313968064Z	64	PC: 99848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:07:00.320952063Z	41	PC: 93fae \| Parse filename
2018-12-17T23:07:00.322992048Z	41	PC: 9402f \| Parse filename
2018-12-17T23:07:00.325976459Z	41	PC: 9404c \| Parse filename
2018-12-17T23:07:00.329667809Z	26	PC: 974f7 \| Set disk transfer address
2018-12-17T23:07:00.332131109Z	71	PC: 976f3 \| Get current directory
2018-12-17T23:07:00.341060275Z	78	PC: 976fe \| Find first file
2018-12-17T23:07:00.352076525Z	71	PC: 9756c \| Get current directory
2018-12-17T23:07:00.355698534Z	73	PC: 96c09 \| Release memory
2018-12-17T23:07:00.357998497Z	61	PC: 9ef5a \| Open file (Filename = 'A:\PRINT.COM')
2018-12-17T23:07:00.366806035Z	62	PC: 9ef5a \| Close file
2018-12-17T23:07:00.368986243Z	75	PC: 11821 \| Execute program
2018-12-17T23:07:00.384032028Z	9	PC: 12a47 \| Display string (String= 'Hello, World! ')
2018-12-17T23:07:00.390833404Z	76	PC: 12a4b \| Terminate with return code (Return code = '36')
2018-12-17T23:07:00.394953099Z	77	PC: 11fe0 \| Get program return code
2018-12-17T23:07:00.39669332Z	72	PC: 12174 \| Allocate memory
2018-12-17T23:07:00.400078825Z	72	PC: 1218d \| Allocate memory
2018-12-17T23:07:00.403098261Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:07:00.404830527Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:00.407456654Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:00.408947998Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.411068875Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.413366504Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.415996749Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.422018309Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.428343901Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.431380008Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.433291151Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.435482501Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.43849807Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.44054627Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.442868255Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.446034577Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.455112293Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.457166675Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.459936141Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.461654642Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.463373914Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.464946791Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.467389493Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.469117512Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.470896606Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.473311646Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.475176061Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.476947481Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.479402787Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.481144271Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.482990241Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.485789203Z	69	PC: 9ef5a \| Duplicate handle
2018-12-17T23:07:00.487499588Z	62	PC: 122ab \| Close file
2018-12-17T23:07:00.490538461Z	99	PC: 995d7 \| Get DBCS lead byte table pointer
2018-12-17T23:07:00.492542859Z	56	PC: 93df9 \| Get or set country info
2018-12-17T23:07:00.494853883Z	64	PC: 99848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:07:00.499569889Z	25	PC: 93e62 \| Get default drive
2018-12-17T23:07:00.501850447Z	71	PC: 960dd \| Get current directory
2018-12-17T23:07:00.507245459Z	64	PC: 99848 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T23:07:00.511179003Z	2	PC: 960b2 \| Character output (Char = '3e')
2018-12-17T23:07:00.513990579Z	93	PC: 93f20 \| File sharing functions
2018-12-17T23:07:00.517203338Z	93	PC: 93f27 \| File sharing functions
2018-12-17T23:07:00.519235699Z	10	PC: 93f39 \| Buffered keyboard input