Sample viewer

vx.netlux.org/Virus.DOS.Dr&dr.1141

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:08:49.125319056Z	61	PC: 200d9 \| Open file (Filename = 'ô3ÿ')
2018-12-17T23:08:49.134092747Z	63	PC: 200f4 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:49.137716158Z	66	PC: 200e2 \| Move file pointer
2018-12-17T23:08:49.139897287Z	66	PC: 200e2 \| Move file pointer
2018-12-17T23:08:49.142797548Z	63	PC: 200f4 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:08:49.146255427Z	62	PC: 2010f \| Close file
2018-12-17T23:08:49.148323103Z	67	PC: 202b7 \| Get or set file attributes
2018-12-17T23:08:49.156155334Z	67	PC: 202c4 \| Get or set file attributes
2018-12-17T23:08:49.503875161Z	61	PC: 200d9 \| Open file (Filename = 'ô3ÿ')
2018-12-17T23:08:49.511036742Z	66	PC: 200e2 \| Move file pointer
2018-12-17T23:08:49.513008598Z	64	PC: 200eb \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:08:49.517341782Z	66	PC: 200e2 \| Move file pointer
2018-12-17T23:08:49.519352912Z	64	PC: 200eb \| Write file or device (Write 1141 bytes on handle 5)
2018-12-17T23:08:49.530785219Z	66	PC: 200e2 \| Move file pointer
2018-12-17T23:08:49.533423237Z	64	PC: 200eb \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:08:49.53678231Z	66	PC: 200e2 \| Move file pointer
2018-12-17T23:08:49.538746933Z	64	PC: 200eb \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:08:49.542936708Z	66	PC: 200e2 \| Move file pointer
2018-12-17T23:08:49.546276195Z	64	PC: 200eb \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:08:49.549602657Z	87	PC: 203c1 \| Get or set file date and time
2018-12-17T23:08:49.556987597Z	87	PC: 203c7 \| Get or set file date and time
2018-12-17T23:08:49.563482384Z	62	PC: 2010f \| Close file
2018-12-17T23:08:49.571563533Z	67	PC: 203de \| Get or set file attributes
2018-12-17T23:08:49.583321652Z	80	PC: 13fb9 \| Set current PSP
2018-12-17T23:08:49.584698911Z	48	PC: 13fbe \| Get DOS version
2018-12-17T23:08:49.587881152Z	101	PC: 14044 \| Get extended country info
2018-12-17T23:08:49.590439611Z	99	PC: 1404a \| Get DBCS lead byte table pointer
2018-12-17T23:08:49.591625369Z	74	PC: 140ac \| Reallocate memory
2018-12-17T23:08:49.592948486Z	25	PC: 140e3 \| Get default drive
2018-12-17T23:08:49.594237519Z	37	PC: 13ba3 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:08:49.595807159Z	37	PC: 13baa \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:08:49.597376258Z	37	PC: 13bb1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:08:49.60164976Z	2	PC: 13e6c \| Character output (Char = '0d')
2018-12-17T23:08:49.604208059Z	2	PC: 13e6c \| Character output (Char = '0a')
2018-12-17T23:08:49.607422982Z	2	PC: 13e6c \| Character output (Char = '0d')
2018-12-17T23:08:49.609765013Z	2	PC: 13e6c \| Character output (Char = '0a')
2018-12-17T23:08:49.613985997Z	2	PC: 13e6c \| Character output (Char = '4d')
2018-12-17T23:08:49.616516663Z	2	PC: 13e6c \| Character output (Char = '69')
2018-12-17T23:08:49.618950307Z	2	PC: 13e6c \| Character output (Char = '63')
2018-12-17T23:08:49.623625614Z	2	PC: 13e6c \| Character output (Char = '72')
2018-12-17T23:08:49.626078384Z	2	PC: 13e6c \| Character output (Char = '6f')
2018-12-17T23:08:49.628534571Z	2	PC: 13e6c \| Character output (Char = '73')
2018-12-17T23:08:49.631913161Z	2	PC: 13e6c \| Character output (Char = '6f')
2018-12-17T23:08:49.634554095Z	2	PC: 13e6c \| Character output (Char = '66')
2018-12-17T23:08:49.636601203Z	2	PC: 13e6c \| Character output (Char = '74')
2018-12-17T23:08:49.640030017Z	2	PC: 13e6c \| Character output (Char = '28')
2018-12-17T23:08:49.642444796Z	2	PC: 13e6c \| Character output (Char = '52')
2018-12-17T23:08:49.644977085Z	2	PC: 13e6c \| Character output (Char = '29')
2018-12-17T23:08:49.649605905Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.651472022Z	2	PC: 13e6c \| Character output (Char = '4d')
2018-12-17T23:08:49.65325828Z	2	PC: 13e6c \| Character output (Char = '53')
2018-12-17T23:08:49.656283636Z	2	PC: 13e6c \| Character output (Char = '2d')
2018-12-17T23:08:49.658201049Z	2	PC: 13e6c \| Character output (Char = '44')
2018-12-17T23:08:49.659973501Z	2	PC: 13e6c \| Character output (Char = '4f')
2018-12-17T23:08:49.662421382Z	2	PC: 13e6c \| Character output (Char = '53')
2018-12-17T23:08:49.664225413Z	2	PC: 13e6c \| Character output (Char = '28')
2018-12-17T23:08:49.666583776Z	2	PC: 13e6c \| Character output (Char = '52')
2018-12-17T23:08:49.669051754Z	2	PC: 13e6c \| Character output (Char = '29')
2018-12-17T23:08:49.670887595Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.67278987Z	2	PC: 13e6c \| Character output (Char = '56')
2018-12-17T23:08:49.675579232Z	2	PC: 13e6c \| Character output (Char = '65')
2018-12-17T23:08:49.677798974Z	2	PC: 13e6c \| Character output (Char = '72')
2018-12-17T23:08:49.679820133Z	2	PC: 13e6c \| Character output (Char = '73')
2018-12-17T23:08:49.682853555Z	2	PC: 13e6c \| Character output (Char = '69')
2018-12-17T23:08:49.684570151Z	2	PC: 13e6c \| Character output (Char = '6f')
2018-12-17T23:08:49.686356669Z	2	PC: 13e6c \| Character output (Char = '6e')
2018-12-17T23:08:49.689120794Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.690918002Z	2	PC: 13e6c \| Character output (Char = '36')
2018-12-17T23:08:49.693012228Z	2	PC: 13e6c \| Character output (Char = '2e')
2018-12-17T23:08:49.695752969Z	2	PC: 13e6c \| Character output (Char = '32')
2018-12-17T23:08:49.697956672Z	2	PC: 13e6c \| Character output (Char = '32')
2018-12-17T23:08:49.700821326Z	2	PC: 13e6c \| Character output (Char = '0d')
2018-12-17T23:08:49.703471477Z	2	PC: 13e6c \| Character output (Char = '0a')
2018-12-17T23:08:49.707597071Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.710304449Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.714820327Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.717737059Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.720779407Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.724486665Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.727675609Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.732602479Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.735811951Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.73789673Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.740006335Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.742672756Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.745499068Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.74849036Z	2	PC: 13e6c \| Character output (Char = '28')
2018-12-17T23:08:49.753648124Z	2	PC: 13e6c \| Character output (Char = '43')
2018-12-17T23:08:49.75600297Z	2	PC: 13e6c \| Character output (Char = '29')
2018-12-17T23:08:49.761348207Z	2	PC: 13e6c \| Character output (Char = '43')
2018-12-17T23:08:49.764442303Z	2	PC: 13e6c \| Character output (Char = '6f')
2018-12-17T23:08:49.766878662Z	2	PC: 13e6c \| Character output (Char = '70')
2018-12-17T23:08:49.769499197Z	2	PC: 13e6c \| Character output (Char = '79')
2018-12-17T23:08:49.773248804Z	2	PC: 13e6c \| Character output (Char = '72')
2018-12-17T23:08:49.776429252Z	2	PC: 13e6c \| Character output (Char = '69')
2018-12-17T23:08:49.778812932Z	2	PC: 13e6c \| Character output (Char = '67')
2018-12-17T23:08:49.782327578Z	2	PC: 13e6c \| Character output (Char = '68')
2018-12-17T23:08:49.784596963Z	2	PC: 13e6c \| Character output (Char = '74')
2018-12-17T23:08:49.786830201Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.790019525Z	2	PC: 13e6c \| Character output (Char = '4d')
2018-12-17T23:08:49.792641724Z	2	PC: 13e6c \| Character output (Char = '69')
2018-12-17T23:08:49.795588443Z	2	PC: 13e6c \| Character output (Char = '63')
2018-12-17T23:08:49.798791262Z	2	PC: 13e6c \| Character output (Char = '72')
2018-12-17T23:08:49.801411066Z	2	PC: 13e6c \| Character output (Char = '6f')
2018-12-17T23:08:49.804066717Z	2	PC: 13e6c \| Character output (Char = '73')
2018-12-17T23:08:49.807189306Z	2	PC: 13e6c \| Character output (Char = '6f')
2018-12-17T23:08:49.809744018Z	2	PC: 13e6c \| Character output (Char = '66')
2018-12-17T23:08:49.81221947Z	2	PC: 13e6c \| Character output (Char = '74')
2018-12-17T23:08:49.81544906Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.818640349Z	2	PC: 13e6c \| Character output (Char = '43')
2018-12-17T23:08:49.82097137Z	2	PC: 13e6c \| Character output (Char = '6f')
2018-12-17T23:08:49.823912839Z	2	PC: 13e6c \| Character output (Char = '72')
2018-12-17T23:08:49.826306157Z	2	PC: 13e6c \| Character output (Char = '70')
2018-12-17T23:08:49.828516231Z	2	PC: 13e6c \| Character output (Char = '20')
2018-12-17T23:08:49.832430648Z	2	PC: 13e6c \| Character output (Char = '31')
2018-12-17T23:08:49.835585548Z	2	PC: 13e6c \| Character output (Char = '39')
2018-12-17T23:08:49.837848902Z	2	PC: 13e6c \| Character output (Char = '38')
2018-12-17T23:08:49.840800689Z	2	PC: 13e6c \| Character output (Char = '31')
2018-12-17T23:08:49.842755594Z	2	PC: 13e6c \| Character output (Char = '2d')
2018-12-17T23:08:49.844534237Z	2	PC: 13e6c \| Character output (Char = '31')
2018-12-17T23:08:49.846752255Z	2	PC: 13e6c \| Character output (Char = '39')
2018-12-17T23:08:49.848582375Z	2	PC: 13e6c \| Character output (Char = '39')
2018-12-17T23:08:49.85035639Z	2	PC: 13e6c \| Character output (Char = '34')
2018-12-17T23:08:49.853016961Z	2	PC: 13e6c \| Character output (Char = '2e')
2018-12-17T23:08:49.85489995Z	2	PC: 13e6c \| Character output (Char = '0d')
2018-12-17T23:08:49.856550552Z	2	PC: 13e6c \| Character output (Char = '0a')
2018-12-17T23:08:49.860131743Z	74	PC: 12d4c \| Reallocate memory
2018-12-17T23:08:49.861607416Z	72	PC: 12d8d \| Allocate memory
2018-12-17T23:08:49.863134256Z	72	PC: 12dc5 \| Allocate memory
2018-12-17T23:08:49.865511755Z	72	PC: 12dcd \| Allocate memory