Sample viewer

vx.netlux.org/Virus.DOS.VCL.Spooky.810

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:09:39.691867311Z	53	PC: 12a5f \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:09:39.693812593Z	37	PC: 12a66 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:09:39.696975344Z	37	PC: 12a6a \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:09:39.699501141Z	25	PC: 12c9d \| Get default drive
2018-12-17T23:09:39.701246071Z	14	PC: 12ca2 \| Set default drive (Drive = 'C')
2018-12-17T23:09:39.704262468Z	71	PC: 12ca7 \| Get current directory
2018-12-17T23:09:39.707150967Z	26	PC: 12c6a \| Set disk transfer address
2018-12-17T23:09:39.708455488Z	78	PC: 12c60 \| Find first file
2018-12-17T23:09:39.715678013Z	67	PC: 12c78 \| Get or set file attributes
2018-12-17T23:09:40.385069227Z	67	PC: 12c78 \| Get or set file attributes
2018-12-17T23:09:40.404079162Z	79	PC: 12c65 \| Find next file
2018-12-17T23:09:40.407768581Z	59	PC: 12c98 \| Change current directory
2018-12-17T23:09:40.428958342Z	26	PC: 12c72 \| Set disk transfer address
2018-12-17T23:09:40.431233973Z	59	PC: 12c98 \| Change current directory
2018-12-17T23:09:40.435806617Z	59	PC: 12c98 \| Change current directory
2018-12-17T23:09:40.43945508Z	14	PC: 12ca2 \| Set default drive (Drive = 'A')
2018-12-17T23:09:40.441273657Z	42	PC: 12cac \| Get date 0x12cac: ret 0x12cad: mov ah, 9 0x12caf: int 0x21 0x12cb1: ret 0x12cb2: mov ah, 0 0x12cb4: int 0x21 0x12cb6: ret 0x12cb7: add di, word ptr [bx] 0x12cb9: aas 0x12cba: aas 0x12cbb: aas 0x12cbc: aas 0x12cbd: aas 0x12cbe: aas 0x12cbf: aas 0x12cc0: inc bx 0x12cc1: dec di 0x12cc2: dec bp 0x12cc3: pop es 0x12cc4: add al, 0
2018-12-17T23:09:40.477225183Z	53	PC: 12a5f \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:09:40.479696047Z	37	PC: 12a66 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:09:40.481850312Z	37	PC: 12a6a \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:09:40.483897048Z	25	PC: 12c9d \| Get default drive
2018-12-17T23:09:40.493446067Z	14	PC: 12ca2 \| Set default drive (Drive = 'C')
2018-12-17T23:09:40.495350315Z	71	PC: 12ca7 \| Get current directory
2018-12-17T23:09:40.498468931Z	26	PC: 12c6a \| Set disk transfer address
2018-12-17T23:09:40.501035971Z	78	PC: 12c60 \| Find first file
2018-12-17T23:09:40.508222981Z	67	PC: 12c78 \| Get or set file attributes
2018-12-17T23:09:40.519169917Z	61	PC: 12c55 \| Open file (Filename = 'COMMAND.COM')
2018-12-17T23:09:40.527338578Z	63	PC: 12c17 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T23:09:40.531050228Z	66	PC: 12c2b \| Move file pointer
2018-12-17T23:09:40.532900111Z	64	PC: 12c4b \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:40.536130522Z	66	PC: 12c21 \| Move file pointer
2018-12-17T23:09:40.537670946Z	64	PC: 12c4b \| Write file or device (Write 810 bytes on handle 5)
2018-12-17T23:09:40.54912294Z	87	PC: 12c5b \| Get or set file date and time
2018-12-17T23:09:40.55112244Z	62	PC: 12c50 \| Close file
2018-12-17T23:09:40.560467758Z	67	PC: 12c78 \| Get or set file attributes
2018-12-17T23:09:40.588163998Z	79	PC: 12c65 \| Find next file
2018-12-17T23:09:40.591456046Z	59	PC: 12c98 \| Change current directory
2018-12-17T23:09:40.596515523Z	26	PC: 12c72 \| Set disk transfer address
2018-12-17T23:09:40.598187378Z	59	PC: 12c98 \| Change current directory
2018-12-17T23:09:40.603092683Z	59	PC: 12c98 \| Change current directory
2018-12-17T23:09:40.606606838Z	14	PC: 12ca2 \| Set default drive (Drive = 'A')
2018-12-17T23:09:40.608432375Z	42	PC: 12cac \| Get date 0x12cac: ret 0x12cad: mov ah, 9 0x12caf: int 0x21 0x12cb1: ret 0x12cb2: mov ah, 0 0x12cb4: int 0x21 0x12cb6: ret 0x12cb7: add di, word ptr [bx] 0x12cb9: aas 0x12cba: aas 0x12cbb: aas 0x12cbc: aas 0x12cbd: aas 0x12cbe: aas 0x12cbf: aas 0x12cc0: inc bx 0x12cc1: dec di 0x12cc2: dec bp 0x12cc3: pop es 0x12cc4: add al, 0