Sample viewer

vx.netlux.org/Virus.DOS.Mururoa.Eldorado-based

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:52.894256114Z	102	PC: 12b2e \| Get or set code page
2018-12-17T23:06:52.896797537Z	37	PC: 12b85 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:52.900938272Z	77	PC: 11fe0 \| Get program return code
2018-12-17T23:06:52.902331979Z	72	PC: 12174 \| Allocate memory
2018-12-17T23:06:52.904209306Z	72	PC: 1218d \| Allocate memory
2018-12-17T23:06:52.907428009Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:06:52.909441801Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:06:52.911659023Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:06:52.913867628Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.915735032Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.918224969Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.919757203Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.921307343Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.924133025Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.926022246Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.927990207Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.930440063Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.932528805Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.934503077Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.93648952Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.93949088Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.941149473Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.942954644Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.945257186Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.946911999Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.94853909Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.952185811Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.957314993Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.959195562Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.961601361Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.963772461Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.966112215Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.983259465Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.985037851Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.98680697Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.994892122Z	62	PC: 122ab \| Close file
2018-12-17T23:06:52.996681098Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:52.998348836Z	62	PC: 122ab \| Close file
2018-12-17T23:06:53.001945438Z	61	PC: 9dce8 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:06:53.009592041Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:53.01114523Z	62	PC: 9dce8 \| Close file
2018-12-17T23:06:53.01303025Z	61	PC: 12354 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:06:53.020001028Z	66	PC: 12372 \| Move file pointer
2018-12-17T23:06:53.021526205Z	63	PC: 12383 \| Read file or device (Read 44693 bytes on handle 5)
2018-12-17T23:06:53.041405821Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:06:53.043929409Z	62	PC: 1238a \| Close file
2018-12-17T23:06:53.047735808Z	99	PC: 985d7 \| Get DBCS lead byte table pointer
2018-12-17T23:06:53.050259877Z	56	PC: 92df9 \| Get or set country info
2018-12-17T23:06:53.053399676Z	64	PC: 98848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:06:53.058990365Z	25	PC: 92e62 \| Get default drive
2018-12-17T23:06:53.061288849Z	71	PC: 950dd \| Get current directory
2018-12-17T23:06:53.06719378Z	64	PC: 98848 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T23:06:53.071610972Z	2	PC: 950b2 \| Character output (Char = '3e')
2018-12-17T23:06:53.074583007Z	93	PC: 92f20 \| File sharing functions
2018-12-17T23:06:53.07715484Z	93	PC: 92f27 \| File sharing functions
2018-12-17T23:06:53.080544942Z	10	PC: 92f39 \| Buffered keyboard input
2018-12-17T23:07:07.871629051Z	0	PC: 0 \| Program terminate
2018-12-17T23:07:09.22729139Z	0	PC: 0 \| Program terminate
2018-12-17T23:07:09.330132074Z	64	PC: 98848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:07:09.33589303Z	41	PC: 92fae \| Parse filename
2018-12-17T23:07:09.338097585Z	41	PC: 9302f \| Parse filename
2018-12-17T23:07:09.339446352Z	41	PC: 9304c \| Parse filename
2018-12-17T23:07:09.341121334Z	26	PC: 964f7 \| Set disk transfer address
2018-12-17T23:07:09.343948434Z	71	PC: 966f3 \| Get current directory
2018-12-17T23:07:09.349371631Z	78	PC: 9dce8 \| Find first file
2018-12-17T23:07:09.359377212Z	47	PC: 9dce8 \| Get disk transfer address
2018-12-17T23:07:09.361170189Z	71	PC: 9656c \| Get current directory
2018-12-17T23:07:09.363386876Z	73	PC: 95c09 \| Release memory
2018-12-17T23:07:09.365251215Z	61	PC: 9dce8 \| Open file (Filename = 'A:\PRINT.COM')
2018-12-17T23:07:09.370525773Z	63	PC: 9dce8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:07:09.374919Z	66	PC: 9dce8 \| Move file pointer
2018-12-17T23:07:09.376186552Z	63	PC: 9dce8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:07:09.378678083Z	66	PC: 9dce8 \| Move file pointer
2018-12-17T23:07:09.379975048Z	66	PC: 9dce8 \| Move file pointer
2018-12-17T23:07:09.381313122Z	63	PC: 9dce8 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:07:09.384410573Z	66	PC: 9dce8 \| Move file pointer
2018-12-17T23:07:09.385767879Z	66	PC: 9dce8 \| Move file pointer
2018-12-17T23:07:09.386970846Z	64	PC: 9dce8 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:09.389189121Z	66	PC: 9dce8 \| Move file pointer
2018-12-17T23:07:09.391700693Z	64	PC: 9dce8 \| Write file or device (Write 2070 bytes on handle 5)
2018-12-17T23:07:09.404522491Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.406007059Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.407818414Z	62	PC: 9dce8 \| Close file
2018-12-17T23:07:09.413757394Z	75	PC: 11821 \| Execute program
2018-12-17T23:07:09.440939133Z	9	PC: 12a47 \| Display string (String= 'Hello, World! ')
2018-12-17T23:07:09.446718696Z	76	PC: 12a4b \| Terminate with return code (Return code = '36')
2018-12-17T23:07:09.450570253Z	77	PC: 11fe0 \| Get program return code
2018-12-17T23:07:09.452383981Z	72	PC: 12174 \| Allocate memory
2018-12-17T23:07:09.456449025Z	72	PC: 1218d \| Allocate memory
2018-12-17T23:07:09.45874443Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:07:09.460483421Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:07:09.463000872Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:09.465202502Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.467293057Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.470191593Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.472610274Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.474746434Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.476862642Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.480036945Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.482144932Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.485598371Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.48874859Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.490911935Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.493019442Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.49597477Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.498395699Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.500523578Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.50338402Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.505835768Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.50794854Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.510093569Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.513215757Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.515358385Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.517459115Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.520613343Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.522728464Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.524866543Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.527811684Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.530291106Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.532389069Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.535301946Z	87	PC: 9dce8 \| Get or set file date and time
2018-12-17T23:07:09.537711559Z	62	PC: 122ab \| Close file
2018-12-17T23:07:09.542322764Z	99	PC: 985d7 \| Get DBCS lead byte table pointer
2018-12-17T23:07:09.54422851Z	56	PC: 92df9 \| Get or set country info
2018-12-17T23:07:09.547791811Z	64	PC: 98848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:07:09.553259712Z	25	PC: 92e62 \| Get default drive
2018-12-17T23:07:09.555505976Z	71	PC: 950dd \| Get current directory
2018-12-17T23:07:09.561328155Z	64	PC: 98848 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T23:07:09.56535334Z	2	PC: 950b2 \| Character output (Char = '3e')
2018-12-17T23:07:09.568649867Z	93	PC: 92f20 \| File sharing functions
2018-12-17T23:07:09.571858119Z	93	PC: 92f27 \| File sharing functions
2018-12-17T23:07:09.574589916Z	10	PC: 92f39 \| Buffered keyboard input