Sample viewer

vx.netlux.org/Virus.DOS.VCL.Stalker.858

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:09:31.846843523Z	71	PC: 12ae2 \| Get current directory
2018-12-17T23:09:31.85032693Z	59	PC: 12ae9 \| Change current directory
2018-12-17T23:09:31.856763336Z	47	PC: 12afe \| Get disk transfer address
2018-12-17T23:09:31.858446129Z	26	PC: 12b0c \| Set disk transfer address
2018-12-17T23:09:31.860083346Z	78	PC: 12b16 \| Find first file
2018-12-17T23:09:31.868128236Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:31.871544366Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:31.874531951Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:31.879794231Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:31.883012409Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:31.886233914Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:31.891026331Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:31.894561444Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:31.897844745Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:31.901245667Z	47	PC: 12b6e \| Get disk transfer address
2018-12-17T23:09:31.902953226Z	26	PC: 12b7d \| Set disk transfer address
2018-12-17T23:09:31.904506866Z	78	PC: 12b85 \| Find first file
2018-12-17T23:09:31.911465244Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:31.913760919Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:31.916841007Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:31.919217914Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:31.92344578Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:31.925014008Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:31.928041377Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:31.93061293Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:31.933668944Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:31.935255656Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:31.93965799Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:31.941464084Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:31.94659628Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:31.948366928Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:31.951435885Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:31.95301338Z	61	PC: 12bc0 \| Open file (Filename = 'TEST.COM')
2018-12-17T23:09:31.973970276Z	63	PC: 12bcb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:09:31.977305354Z	62	PC: 12bcf \| Close file
2018-12-17T23:09:31.97975039Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:31.98327305Z	26	PC: 12b97 \| Set disk transfer address
2018-12-17T23:09:31.985241159Z	47	PC: 12b6e \| Get disk transfer address
2018-12-17T23:09:31.986864289Z	26	PC: 12b7d \| Set disk transfer address
2018-12-17T23:09:31.988442335Z	78	PC: 12b85 \| Find first file
2018-12-17T23:09:31.995443113Z	26	PC: 12b97 \| Set disk transfer address
2018-12-17T23:09:31.996833686Z	26	PC: 12b54 \| Set disk transfer address
2018-12-17T23:09:31.998973788Z	59	PC: 12af3 \| Change current directory
2018-12-17T23:09:32.002114741Z	71	PC: 12ae2 \| Get current directory
2018-12-17T23:09:32.006284709Z	59	PC: 12ae9 \| Change current directory
2018-12-17T23:09:32.011043913Z	47	PC: 12afe \| Get disk transfer address
2018-12-17T23:09:32.013518323Z	26	PC: 12b0c \| Set disk transfer address
2018-12-17T23:09:32.015091771Z	78	PC: 12b16 \| Find first file
2018-12-17T23:09:32.022271734Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.026052711Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.029136787Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.032615054Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.036306351Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.039413301Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.042203875Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.045751843Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.048621046Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.051307505Z	47	PC: 12b6e \| Get disk transfer address
2018-12-17T23:09:32.052568605Z	26	PC: 12b7d \| Set disk transfer address
2018-12-17T23:09:32.054583863Z	78	PC: 12b85 \| Find first file
2018-12-17T23:09:32.061530197Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.063364935Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.067099093Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.06835325Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.071251838Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.073403252Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.076106011Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.077229893Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.081338956Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.082730712Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.085712786Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.087751788Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.090659483Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.092327317Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.100004967Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.102042666Z	61	PC: 12bc0 \| Open file (Filename = 'TEST.COM')
2018-12-17T23:09:32.109324983Z	63	PC: 12bcb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:09:32.114071393Z	62	PC: 12bcf \| Close file
2018-12-17T23:09:32.116991331Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.120129209Z	26	PC: 12b97 \| Set disk transfer address
2018-12-17T23:09:32.121339604Z	47	PC: 12b6e \| Get disk transfer address
2018-12-17T23:09:32.123268208Z	26	PC: 12b7d \| Set disk transfer address
2018-12-17T23:09:32.124858296Z	78	PC: 12b85 \| Find first file
2018-12-17T23:09:32.131452089Z	26	PC: 12b97 \| Set disk transfer address
2018-12-17T23:09:32.133545584Z	26	PC: 12b54 \| Set disk transfer address
2018-12-17T23:09:32.134788339Z	59	PC: 12af3 \| Change current directory
2018-12-17T23:09:32.136578463Z	71	PC: 12ae2 \| Get current directory
2018-12-17T23:09:32.150092482Z	59	PC: 12ae9 \| Change current directory
2018-12-17T23:09:32.15903065Z	47	PC: 12afe \| Get disk transfer address
2018-12-17T23:09:32.166334157Z	26	PC: 12b0c \| Set disk transfer address
2018-12-17T23:09:32.171158002Z	78	PC: 12b16 \| Find first file
2018-12-17T23:09:32.177456961Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.180045185Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.183025166Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.187197598Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.190182618Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.193132431Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.196270459Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.198941219Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.201544762Z	79	PC: 12b3d \| Find next file
2018-12-17T23:09:32.204575147Z	47	PC: 12b6e \| Get disk transfer address
2018-12-17T23:09:32.205774691Z	26	PC: 12b7d \| Set disk transfer address
2018-12-17T23:09:32.207516966Z	78	PC: 12b85 \| Find first file
2018-12-17T23:09:32.216495209Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.218534983Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.222622195Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.225423499Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.234913846Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.236860634Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.241062882Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.243319463Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.246790637Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.24921872Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.252670838Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.254401261Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.258378576Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.26009958Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.26315363Z	47	PC: 12b9d \| Get disk transfer address
2018-12-17T23:09:32.265054863Z	61	PC: 12bc0 \| Open file (Filename = 'TEST.COM')
2018-12-17T23:09:32.274782585Z	63	PC: 12bcb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:09:32.2780732Z	62	PC: 12bcf \| Close file
2018-12-17T23:09:32.28062196Z	79	PC: 12b85 \| Find next file
2018-12-17T23:09:32.284959522Z	26	PC: 12b97 \| Set disk transfer address
2018-12-17T23:09:32.286788429Z	47	PC: 12b6e \| Get disk transfer address
2018-12-17T23:09:32.288591258Z	26	PC: 12b7d \| Set disk transfer address
2018-12-17T23:09:32.291252679Z	78	PC: 12b85 \| Find first file
2018-12-17T23:09:32.298349527Z	26	PC: 12b97 \| Set disk transfer address
2018-12-17T23:09:32.300108453Z	26	PC: 12b54 \| Set disk transfer address
2018-12-17T23:09:32.30299057Z	59	PC: 12af3 \| Change current directory
2018-12-17T23:09:32.305549569Z	42	PC: 12c3e \| Get date 0x12c3e: mov al, dl 0x12c40: cwde 0x12c41: ret 0x12c42: mov ah, 0x2c 0x12c44: int 0x21 0x12c46: mov al, dh 0x12c48: cwde 0x12c49: ret 0x12c4a: mov al, byte ptr [0x2de] 0x12c4d: cwde 0x12c4e: ret 0x12c4f: pop cx 0x12c50: outsw dx, word ptr [si] 0x12c51: jne 0x12c73 0x12c53: popaw 0x12c54: jb 0x12cbb 0x12c56: and byte ptr [bp + si + 0x65], ah 0x12c59: imul bp, word ptr [bp + 0x67], 0x7720 0x12c5e: popaw 0x12c5f: je 0x12cc4
2018-12-17T23:09:32.308724666Z	42	PC: 12c3e \| Get date 0x12c3e: mov al, dl 0x12c40: cwde 0x12c41: ret 0x12c42: mov ah, 0x2c 0x12c44: int 0x21 0x12c46: mov al, dh 0x12c48: cwde 0x12c49: ret 0x12c4a: mov al, byte ptr [0x2de] 0x12c4d: cwde 0x12c4e: ret 0x12c4f: pop cx 0x12c50: outsw dx, word ptr [si] 0x12c51: jne 0x12c73 0x12c53: popaw 0x12c54: jb 0x12cbb 0x12c56: and byte ptr [bp + si + 0x65], ah 0x12c59: imul bp, word ptr [bp + 0x67], 0x7720 0x12c5e: popaw 0x12c5f: je 0x12cc4
2018-12-17T23:09:32.312890336Z	42	PC: 12c3e \| Get date 0x12c3e: mov al, dl 0x12c40: cwde 0x12c41: ret 0x12c42: mov ah, 0x2c 0x12c44: int 0x21 0x12c46: mov al, dh 0x12c48: cwde 0x12c49: ret 0x12c4a: mov al, byte ptr [0x2de] 0x12c4d: cwde 0x12c4e: ret 0x12c4f: pop cx 0x12c50: outsw dx, word ptr [si] 0x12c51: jne 0x12c73 0x12c53: popaw 0x12c54: jb 0x12cbb 0x12c56: and byte ptr [bp + si + 0x65], ah 0x12c59: imul bp, word ptr [bp + 0x67], 0x7720 0x12c5e: popaw 0x12c5f: je 0x12cc4
2018-12-17T23:09:32.320013352Z	44	PC: 12c46 \| Get time 0x12c46: mov al, dh 0x12c48: cwde 0x12c49: ret 0x12c4a: mov al, byte ptr [0x2de] 0x12c4d: cwde 0x12c4e: ret 0x12c4f: pop cx 0x12c50: outsw dx, word ptr [si] 0x12c51: jne 0x12c73 0x12c53: popaw 0x12c54: jb 0x12cbb 0x12c56: and byte ptr [bp + si + 0x65], ah 0x12c59: imul bp, word ptr [bp + 0x67], 0x7720 0x12c5e: popaw 0x12c5f: je 0x12cc4 0x12c61: push 0x6465 0x12c64: or ax, 0xa 0x12c6a: pop cx 0x12c6b: outsw dx, word ptr [si] 0x12c6c: jne 0x12c8e
2018-12-17T23:09:32.322974397Z	76	PC: 12ad3 \| Terminate with return code (Return code = '0')