Sample viewer

vx.netlux.org/Virus.DOS.VFSI.426

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:46.882019252Z	26	PC: 12ac2 \| Set disk transfer address
2018-12-17T23:06:46.883707065Z	78	PC: 12acd \| Find first file
2018-12-17T23:06:46.890432308Z	62	PC: 12b8b \| Close file
2018-12-17T23:06:46.892859722Z	44	PC: 12b90 \| Get time 0x12b90: cmp dl, 0x14 0x12b93: jg 0x12be8 0x12b95: mov ax, 0xe07 0x12b98: int 0x10 0x12b9a: mov ax, 0xf00 0x12b9d: int 0x10 0x12b9f: push ax 0x12ba0: xor ax, ax 0x12ba2: int 0x10 0x12ba4: mov cx, 0x1e 0x12ba7: mov dx, 0xa06 0x12baa: mov bl, 0xe 0x12bac: mov bp, 0x1f 0x12baf: mov ah, 2 0x12bb1: int 0x10 0x12bb3: mov si, 0x1e 0x12bb6: sub si, cx 0x12bb8: mov al, byte ptr ds:[bp + si] 0x12bbb: add al, 0x1e 0x12bbd: sub al, 0x1e
2018-12-17T23:06:46.895787376Z	26	PC: 12bf2 \| Set disk transfer address
2018-12-17T23:06:46.89934819Z	26	PC: 12a48 \| Set disk transfer address
2018-12-17T23:06:46.900839914Z	26	PC: 12ac2 \| Set disk transfer address
2018-12-17T23:06:46.902224998Z	78	PC: 12acd \| Find first file
2018-12-17T23:06:46.909662781Z	62	PC: 12b8b \| Close file
2018-12-17T23:06:46.911832169Z	44	PC: 12b90 \| Get time 0x12b90: cmp dl, 0x14 0x12b93: jg 0x12be8 0x12b95: mov ax, 0xe07 0x12b98: int 0x10 0x12b9a: mov ax, 0xf00 0x12b9d: int 0x10 0x12b9f: push ax 0x12ba0: xor ax, ax 0x12ba2: int 0x10 0x12ba4: mov cx, 0x1e 0x12ba7: mov dx, 0xa06 0x12baa: mov bl, 0xe 0x12bac: mov bp, 0x1f 0x12baf: mov ah, 2 0x12bb1: int 0x10 0x12bb3: mov si, 0x1e 0x12bb6: sub si, cx 0x12bb8: mov al, byte ptr ds:[bp + si] 0x12bbb: add al, 0x1e 0x12bbd: sub al, 0x1e
2018-12-17T23:06:46.914802674Z	26	PC: 12bf2 \| Set disk transfer address