Sample viewer

vx.netlux.org/Virus.DOS.Born2Loose.1038

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:10:09.348091909Z	53	PC: 1515e \| Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-17T23:10:09.353073061Z	65	PC: 15213 \| Delete file (Filename = 'chklist.tav')
2018-12-17T23:10:09.358927636Z	65	PC: 1521e \| Delete file (Filename = 'chklist.cps')
2018-12-17T23:10:09.364534758Z	65	PC: 15229 \| Delete file (Filename = 'chklist.ms')
2018-12-17T23:10:09.371122126Z	53	PC: 15306 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:09.372355826Z	37	PC: 15315 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:09.373541732Z	47	PC: 154f9 \| Get disk transfer address
2018-12-17T23:10:09.375105922Z	26	PC: 15508 \| Set disk transfer address
2018-12-17T23:10:09.376461232Z	78	PC: 153b2 \| Find first file
2018-12-17T23:10:09.380290079Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.383060435Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.385114611Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.387008955Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.388853423Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.39115677Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.392785109Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.394368184Z	67	PC: 153eb \| Get or set file attributes
2018-12-17T23:10:09.401523002Z	67	PC: 153fb \| Get or set file attributes
2018-12-17T23:10:09.419742958Z	61	PC: 1540a \| Open file (Filename = 'TEST.COM')
2018-12-17T23:10:09.424194022Z	87	PC: 15418 \| Get or set file date and time
2018-12-17T23:10:09.425965823Z	63	PC: 1542a \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:09.432287132Z	87	PC: 154bb \| Get or set file date and time
2018-12-17T23:10:09.433623794Z	62	PC: 154bf \| Close file
2018-12-17T23:10:09.440978253Z	67	PC: 154cc \| Get or set file attributes
2018-12-17T23:10:09.450689835Z	78	PC: 153b2 \| Find first file
2018-12-17T23:10:09.456471421Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.460162671Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.462644492Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.465054019Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.468641408Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.471446882Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.474213739Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.477733139Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.480349778Z	78	PC: 153b2 \| Find first file
2018-12-17T23:10:09.489993712Z	79	PC: 153b8 \| Find next file
2018-12-17T23:10:09.494136901Z	67	PC: 153eb \| Get or set file attributes
2018-12-17T23:10:09.500772035Z	67	PC: 153fb \| Get or set file attributes
2018-12-17T23:10:09.857306337Z	61	PC: 1540a \| Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T23:10:09.864313127Z	87	PC: 15418 \| Get or set file date and time
2018-12-17T23:10:09.866322764Z	63	PC: 1542a \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:09.871755572Z	66	PC: 15464 \| Move file pointer
2018-12-17T23:10:09.873207805Z	64	PC: 15487 \| Write file or device (Write 1038 bytes on handle 5)
2018-12-17T23:10:09.88136084Z	66	PC: 15494 \| Move file pointer
2018-12-17T23:10:09.882817447Z	64	PC: 154aa \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:10:09.885638898Z	87	PC: 154bb \| Get or set file date and time
2018-12-17T23:10:09.887805453Z	62	PC: 154bf \| Close file
2018-12-17T23:10:09.894353228Z	67	PC: 154cc \| Get or set file attributes
2018-12-17T23:10:09.905618534Z	26	PC: 151f6 \| Set disk transfer address
2018-12-17T23:10:09.907406879Z	37	PC: 15331 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:09.908621505Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=00002710h/0000010000d bytes. ')
2018-12-17T23:10:09.912905082Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')