Sample viewer

vx.netlux.org/Virus.DOS.Nigeb.890

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:08:32.072225618Z 255 PC: 12e4f | UNKNOWN!
2018-12-17T23:08:32.073638073Z 74 PC: 12e64 | Reallocate memory
2018-12-17T23:08:32.076150061Z 53 PC: 12a97 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:08:32.077674119Z 53 PC: 12aa3 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T23:08:32.079223464Z 37 PC: 12ab3 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:08:32.081686209Z 37 PC: 12aba | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T23:08:32.083752064Z 53 PC: 12b7e | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:08:32.085536946Z 37 PC: 12b8e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:08:32.087967951Z 61 PC: 12ba2 | Open file (Filename = '')
2018-12-17T23:08:32.092960877Z 63 PC: 12bb2 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:32.095026076Z 62 PC: 12cae | Close file
2018-12-17T23:08:32.097276559Z 37 PC: 12cbd | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:08:32.098417752Z 75 PC: 12ae5 | Execute program
2018-12-17T23:08:32.108557952Z 9 PC: 13306 | Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ')
2018-12-17T23:08:32.116294312Z 73 PC: 12aef | Release memory
2018-12-17T23:08:32.11812148Z 49 PC: 12af4 | Terminate and stay resident (Return code = '0' | Memory size = '72')