Sample viewer

vx.netlux.org/Virus.DOS.Serbu.3322.c

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:08:02.079116636Z 98 PC: 1d02b | Get current PSP
2018-12-17T23:08:02.083943098Z 88 PC: 1d26c | case 0xGet or set allocation strateg:
2018-12-17T23:08:02.086301722Z 88 PC: 1d278 | case 0xGet or set allocation strateg:
2018-12-17T23:08:02.08797684Z 72 PC: 1d27e | Allocate memory
2018-12-17T23:08:02.090385147Z 74 PC: 1d290 | Reallocate memory
2018-12-17T23:08:02.094505702Z 88 PC: 1d278 | case 0xGet or set allocation strateg:
2018-12-17T23:08:02.096218572Z 72 PC: 1d27e | Allocate memory
2018-12-17T23:08:02.09828691Z 88 PC: 1d2ad | case 0xGet or set allocation strateg:
2018-12-17T23:08:02.102247705Z 88 PC: 1d2b2 | case 0xGet or set allocation strateg:
2018-12-17T23:08:02.104008254Z 42 PC: 1dbb9 | Get date
0x1dbb9: sti
0x1dbba: ret
0x1dbbb: cli
0x1dbbc: pushf
0x1dbbd: lcall 0x19:0x44bd
0x1dbc2: sti
0x1dbc3: ret
0x1dbc4: add byte ptr [bp + di], al
0x1dbc6: and byte ptr ds:[bp + si + 0x4c], al
0x1dbcb: sub ax, 0x3339
0x1dbce: xor word ptr [bx + di], si
0x1dbd0: xor ax, 0x3c20
0x1dbd3: cmp al, 0
0x1dbd5: mov dh, bh
0x1dbd7: add dx, si
0x1dbd9: ret 0x962f
0x1dbdc: les dx, ptr [si - 0x6d6c]
0x1dbe0: xchg ax, bp
0x1dbe1: nop
0x1dbe2: fild word ptr [bp + 0x7370]
2018-12-17T23:08:02.123138342Z 48 PC: 18800 | Get DOS version
2018-12-17T23:08:02.125800616Z 74 PC: 18879 | Reallocate memory
2018-12-17T23:08:02.129704334Z 53 PC: 188f7 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:08:02.131710165Z 37 PC: 18909 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:08:02.134411773Z 68 PC: 18999 | I/O control for devices
2018-12-17T23:08:02.136310571Z 68 PC: 18999 | I/O control for devices (Set for = '^�')
2018-12-17T23:08:02.138146703Z 68 PC: 18999 | I/O control for devices (Set for = 'F�@�F��v��')
2018-12-17T23:08:02.141157141Z 68 PC: 18999 | I/O control for devices (Set for = '��� RQ�N���RQ�N��RQ�r��v��')
2018-12-17T23:08:02.142985027Z 68 PC: 18999 | I/O control for devices (Set for = '��� RQ�N���RQ�N��RQ�r��v��')
2018-12-17T23:08:02.14871061Z 56 PC: 18e06 | Get or set country info
2018-12-17T23:08:02.151667998Z 68 PC: 16d11 | I/O control for devices (Set for = '���=�ZҼ߱�(ڭ27��ʺ9U*C�Z �����T���:�z�{$���@� W`y��㨆 p��w�q��. �[Ɍ44R��R�~��')
2018-12-17T23:08:02.153485865Z 68 PC: 16d26 | I/O control for devices (Set for = '*eg?\I8�`�{9U��jl��˝sWkb��bh��+"`g�>�:�e��=��R2h��h�!�܅���N��S"޿DY��ug�y���y��r����0eqUŢm8u1��P���N�~l'��d�N��s�a�+�j����')
2018-12-17T23:08:02.15521232Z 84 PC: 174f7 | Get verify flag
2018-12-17T23:08:02.157093947Z 51 PC: 174ff | Get or set Ctrl-Break
2018-12-17T23:08:02.158799613Z 51 PC: 1750a | Get or set Ctrl-Break
2018-12-17T23:08:02.160172384Z 37 PC: 17514 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:08:02.163646645Z 53 PC: 17046 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:08:02.166981443Z 37 PC: 17056 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:08:02.170324516Z 55 PC: 16d4c | Get or set switch character
2018-12-17T23:08:02.173417741Z 43 PC: 174db | Set date
2018-12-17T23:08:02.177633265Z 61 PC: 9fa71 | Open file (Filename = '�:*O�k')
2018-12-17T23:08:02.186631528Z 61 PC: 9fa71 | Open file (Filename = 'A:/PKZIP.CFG')
2018-12-17T23:08:02.195912965Z 68 PC: 169f5 | I/O control for devices (Set for = '!')
2018-12-17T23:08:02.209691033Z 61 PC: 9fa71 | Open file (Filename = '�LNf��ƚ�juF�D�� �iU�U���t��e���N�P��/���g/!��"w��9>��N�gfW�c�LEg�qOv�����ӷ �ص����A��1M���Y��A3�t���Q]*�?��ˇ9��CB�'��,�a�7�5�CÄ#�9t�4�� ֌_c��p�c���2����Q�ia/��
2018-12-17T23:08:02.218810033Z 227 PC: 16df6 | UNKNOWN!
2018-12-17T23:08:02.221013314Z 96 PC: 16dac | Qualify filename
2018-12-17T23:08:02.228976944Z 64 PC: 17184 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:08:02.235578893Z 64 PC: 17184 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T23:08:02.26085285Z 12 PC: 18e06 | Flush input buffer and input