Sample viewer

vx.netlux.org/Virus.DOS.Vienna.415

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:10:33.113696142Z	25	PC: 1303e \| Get default drive
2018-12-17T23:10:33.115443197Z	14	PC: 1306d \| Set default drive (Drive = 'C')
2018-12-17T23:10:33.116644659Z	26	PC: 13078 \| Set disk transfer address
2018-12-17T23:10:33.117602983Z	78	PC: 13087 \| Find first file
2018-12-17T23:10:33.121444203Z	67	PC: 130e0 \| Get or set file attributes
2018-12-17T23:10:33.127814494Z	67	PC: 130f0 \| Get or set file attributes
2018-12-17T23:10:33.481280511Z	61	PC: 130fa \| Open file (Filename = 'COMMAND.COM')
2018-12-17T23:10:33.490954072Z	87	PC: 13106 \| Get or set file date and time
2018-12-17T23:10:33.493924372Z	63	PC: 13118 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:10:33.49743984Z	66	PC: 1312c \| Move file pointer
2018-12-17T23:10:33.499488002Z	64	PC: 13153 \| Write file or device (Write 415 bytes on handle 5)
2018-12-17T23:10:33.506344225Z	66	PC: 13167 \| Move file pointer
2018-12-17T23:10:33.507499471Z	64	PC: 13175 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:10:33.509647443Z	87	PC: 13186 \| Get or set file date and time
2018-12-17T23:10:33.512908998Z	62	PC: 1318a \| Close file
2018-12-17T23:10:33.52201737Z	67	PC: 13192 \| Get or set file attributes
2018-12-17T23:10:33.525096794Z	26	PC: 13199 \| Set disk transfer address
2018-12-17T23:10:33.527217691Z	14	PC: 131a1 \| Set default drive (Drive = 'A')
2018-12-17T23:10:33.528793322Z	2	PC: 12bae \| Character output (Char = '0d')
2018-12-17T23:10:33.531157157Z	2	PC: 12bae \| Character output (Char = '0a')
2018-12-17T23:10:33.535317061Z	2	PC: 12bae \| Character output (Char = '09')
2018-12-17T23:10:33.539520805Z	2	PC: 12bae \| Character output (Char = '09')
2018-12-17T23:10:33.541871141Z	2	PC: 12bae \| Character output (Char = '49')
2018-12-17T23:10:33.54542392Z	2	PC: 12bae \| Character output (Char = '6e')
2018-12-17T23:10:33.554593324Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:33.556737287Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.55893325Z	2	PC: 12bae \| Character output (Char = '6c')
2018-12-17T23:10:33.561774807Z	2	PC: 12bae \| Character output (Char = '6c')
2018-12-17T23:10:33.564130547Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:33.566229182Z	2	PC: 12bae \| Character output (Char = '67')
2018-12-17T23:10:33.568993653Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.57066222Z	2	PC: 12bae \| Character output (Char = '6e')
2018-12-17T23:10:33.572297487Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:33.574701604Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.576990071Z	2	PC: 12bae \| Character output (Char = '56')
2018-12-17T23:10:33.579274137Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:33.582268325Z	2	PC: 12bae \| Character output (Char = '72')
2018-12-17T23:10:33.584507601Z	2	PC: 12bae \| Character output (Char = '75')
2018-12-17T23:10:33.58679174Z	2	PC: 12bae \| Character output (Char = '73')
2018-12-17T23:10:33.58923305Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.591601729Z	2	PC: 12bae \| Character output (Char = '42')
2018-12-17T23:10:33.593907386Z	2	PC: 12bae \| Character output (Char = '61')
2018-12-17T23:10:33.596464122Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:33.600654655Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:33.603815318Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.606556535Z	2	PC: 12bae \| Character output (Char = '53')
2018-12-17T23:10:33.609751586Z	2	PC: 12bae \| Character output (Char = '79')
2018-12-17T23:10:33.613914734Z	2	PC: 12bae \| Character output (Char = '73')
2018-12-17T23:10:33.616744317Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:33.619974048Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.624434841Z	2	PC: 12bae \| Character output (Char = '6d')
2018-12-17T23:10:33.627163527Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.631047107Z	2	PC: 12bae \| Character output (Char = '28')
2018-12-17T23:10:33.632713477Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:33.634590713Z	2	PC: 12bae \| Character output (Char = '6d')
2018-12-17T23:10:33.636961366Z	2	PC: 12bae \| Character output (Char = '29')
2018-12-17T23:10:33.639145989Z	2	PC: 12bae \| Character output (Char = '2e')
2018-12-17T23:10:33.641568953Z	2	PC: 12bae \| Character output (Char = '0d')
2018-12-17T23:10:33.644554698Z	2	PC: 12bae \| Character output (Char = '0a')
2018-12-17T23:10:33.648988696Z	2	PC: 12bae \| Character output (Char = '09')
2018-12-17T23:10:33.653614427Z	2	PC: 12bae \| Character output (Char = '43')
2018-12-17T23:10:33.656344176Z	2	PC: 12bae \| Character output (Char = '6f')
2018-12-17T23:10:33.658287686Z	2	PC: 12bae \| Character output (Char = '70')
2018-12-17T23:10:33.661497384Z	2	PC: 12bae \| Character output (Char = '79')
2018-12-17T23:10:33.663427979Z	2	PC: 12bae \| Character output (Char = '72')
2018-12-17T23:10:33.665933609Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:33.667868869Z	2	PC: 12bae \| Character output (Char = '67')
2018-12-17T23:10:33.669563018Z	2	PC: 12bae \| Character output (Char = '68')
2018-12-17T23:10:33.671830454Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:33.673549106Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.676260895Z	2	PC: 12bae \| Character output (Char = '28')
2018-12-17T23:10:33.68027871Z	2	PC: 12bae \| Character output (Char = '63')
2018-12-17T23:10:33.682930603Z	2	PC: 12bae \| Character output (Char = '29')
2018-12-17T23:10:33.685363169Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.693023612Z	2	PC: 12bae \| Character output (Char = '43')
2018-12-17T23:10:33.695462312Z	2	PC: 12bae \| Character output (Char = '6f')
2018-12-17T23:10:33.697838481Z	2	PC: 12bae \| Character output (Char = '6d')
2018-12-17T23:10:33.701177125Z	2	PC: 12bae \| Character output (Char = '70')
2018-12-17T23:10:33.703894601Z	2	PC: 12bae \| Character output (Char = '2d')
2018-12-17T23:10:33.706770036Z	2	PC: 12bae \| Character output (Char = '56')
2018-12-17T23:10:33.709842732Z	2	PC: 12bae \| Character output (Char = '49')
2018-12-17T23:10:33.712966269Z	2	PC: 12bae \| Character output (Char = '52')
2018-12-17T23:10:33.715865567Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.718926115Z	2	PC: 12bae \| Character output (Char = '49')
2018-12-17T23:10:33.723052364Z	2	PC: 12bae \| Character output (Char = '6e')
2018-12-17T23:10:33.725974984Z	2	PC: 12bae \| Character output (Char = '63')
2018-12-17T23:10:33.728904881Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.732264341Z	2	PC: 12bae \| Character output (Char = '31')
2018-12-17T23:10:33.734643357Z	2	PC: 12bae \| Character output (Char = '39')
2018-12-17T23:10:33.737126604Z	2	PC: 12bae \| Character output (Char = '39')
2018-12-17T23:10:33.740395492Z	2	PC: 12bae \| Character output (Char = '36')
2018-12-17T23:10:33.74263374Z	2	PC: 12bae \| Character output (Char = '2c')
2018-12-17T23:10:33.745039158Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.748044964Z	2	PC: 12bae \| Character output (Char = '41')
2018-12-17T23:10:33.750776063Z	2	PC: 12bae \| Character output (Char = '6c')
2018-12-17T23:10:33.754076739Z	2	PC: 12bae \| Character output (Char = '6c')
2018-12-17T23:10:33.758645191Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.764003403Z	2	PC: 12bae \| Character output (Char = '72')
2018-12-17T23:10:33.766977232Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:33.770426653Z	2	PC: 12bae \| Character output (Char = '67')
2018-12-17T23:10:33.773580132Z	2	PC: 12bae \| Character output (Char = '68')
2018-12-17T23:10:33.775987594Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:33.77833873Z	2	PC: 12bae \| Character output (Char = '73')
2018-12-17T23:10:33.781179644Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.78388666Z	2	PC: 12bae \| Character output (Char = '72')
2018-12-17T23:10:33.786392929Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.789992771Z	2	PC: 12bae \| Character output (Char = '73')
2018-12-17T23:10:33.792446045Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.794950625Z	2	PC: 12bae \| Character output (Char = '76')
2018-12-17T23:10:33.798685883Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.801253029Z	2	PC: 12bae \| Character output (Char = '72')
2018-12-17T23:10:33.804110853Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.807901104Z	2	PC: 12bae \| Character output (Char = '64')
2018-12-17T23:10:33.81059569Z	2	PC: 12bae \| Character output (Char = '21')
2018-12-17T23:10:33.814009697Z	2	PC: 12bae \| Character output (Char = '0d')
2018-12-17T23:10:33.816877448Z	2	PC: 12bae \| Character output (Char = '0a')
2018-12-17T23:10:33.82120713Z	2	PC: 12bae \| Character output (Char = '09')
2018-12-17T23:10:33.825289631Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.827851193Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.831895112Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.835214998Z	2	PC: 12bae \| Character output (Char = '42')
2018-12-17T23:10:33.838764891Z	2	PC: 12bae \| Character output (Char = '61')
2018-12-17T23:10:33.841495863Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:33.848937959Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:33.851505888Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.855265366Z	2	PC: 12bae \| Character output (Char = '66')
2018-12-17T23:10:33.859252703Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:33.862461791Z	2	PC: 12bae \| Character output (Char = '6c')
2018-12-17T23:10:33.866216096Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.869845248Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.876733182Z	2	PC: 12bae \| Character output (Char = '23')
2018-12-17T23:10:33.88450361Z	2	PC: 12bae \| Character output (Char = '31')
2018-12-17T23:10:33.886925749Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.889491593Z	2	PC: 12bae \| Character output (Char = '28')
2018-12-17T23:10:33.89266289Z	2	PC: 12bae \| Character output (Char = '2e')
2018-12-17T23:10:33.895155915Z	2	PC: 12bae \| Character output (Char = '43')
2018-12-17T23:10:33.897731524Z	2	PC: 12bae \| Character output (Char = '4f')
2018-12-17T23:10:33.900776786Z	2	PC: 12bae \| Character output (Char = '4d')
2018-12-17T23:10:33.90377125Z	2	PC: 12bae \| Character output (Char = '29')
2018-12-17T23:10:33.906481745Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.90950771Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.912171311Z	2	PC: 12bae \| Character output (Char = '4f')
2018-12-17T23:10:33.914853314Z	2	PC: 12bae \| Character output (Char = '72')
2018-12-17T23:10:33.918524522Z	2	PC: 12bae \| Character output (Char = '67')
2018-12-17T23:10:33.920980746Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:33.923751659Z	2	PC: 12bae \| Character output (Char = '6e')
2018-12-17T23:10:33.927992878Z	2	PC: 12bae \| Character output (Char = '61')
2018-12-17T23:10:33.930747017Z	2	PC: 12bae \| Character output (Char = '6c')
2018-12-17T23:10:33.934658801Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.938870461Z	2	PC: 12bae \| Character output (Char = '73')
2018-12-17T23:10:33.942025432Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:33.944763579Z	2	PC: 12bae \| Character output (Char = '7a')
2018-12-17T23:10:33.948258301Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.95147005Z	2	PC: 12bae \| Character output (Char = '3a')
2018-12-17T23:10:33.954224858Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.957425835Z	2	PC: 12bae \| Character output (Char = '31')
2018-12-17T23:10:33.960265027Z	2	PC: 12bae \| Character output (Char = '35')
2018-12-17T23:10:33.964177602Z	2	PC: 12bae \| Character output (Char = '30')
2018-12-17T23:10:33.967640145Z	2	PC: 12bae \| Character output (Char = '30')
2018-12-17T23:10:33.970404541Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:33.973133597Z	2	PC: 12bae \| Character output (Char = '62')
2018-12-17T23:10:33.976677834Z	2	PC: 12bae \| Character output (Char = '79')
2018-12-17T23:10:33.979748993Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:33.982485865Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:33.986239287Z	2	PC: 12bae \| Character output (Char = '73')
2018-12-17T23:10:33.988914167Z	2	PC: 12bae \| Character output (Char = '0d')
2018-12-17T23:10:33.99143048Z	2	PC: 12bae \| Character output (Char = '0a')
2018-12-17T23:10:33.996362099Z	2	PC: 12bae \| Character output (Char = '0a')
2018-12-17T23:10:34.001265016Z	61	PC: 12a69 \| Open file (Filename = 'A:\TEST.COM')
2018-12-17T23:10:34.010383339Z	63	PC: 12a69 \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T23:10:34.013791776Z	62	PC: 12a69 \| Close file
2018-12-17T23:10:34.016291656Z	2	PC: 12bae \| Character output (Char = '56')
2018-12-17T23:10:34.019028898Z	2	PC: 12bae \| Character output (Char = '49')
2018-12-17T23:10:34.021948231Z	2	PC: 12bae \| Character output (Char = '52')
2018-12-17T23:10:34.028295916Z	2	PC: 12bae \| Character output (Char = '55')
2018-12-17T23:10:34.031067306Z	2	PC: 12bae \| Character output (Char = '53')
2018-12-17T23:10:34.034471742Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:34.03734654Z	2	PC: 12bae \| Character output (Char = '52')
2018-12-17T23:10:34.041431384Z	2	PC: 12bae \| Character output (Char = '45')
2018-12-17T23:10:34.04434818Z	2	PC: 12bae \| Character output (Char = '4c')
2018-12-17T23:10:34.047276649Z	2	PC: 12bae \| Character output (Char = '45')
2018-12-17T23:10:34.050057606Z	2	PC: 12bae \| Character output (Char = '41')
2018-12-17T23:10:34.05296505Z	2	PC: 12bae \| Character output (Char = '53')
2018-12-17T23:10:34.060344221Z	2	PC: 12bae \| Character output (Char = '45')
2018-12-17T23:10:34.062788978Z	2	PC: 12bae \| Character output (Char = '44')
2018-12-17T23:10:34.065400372Z	2	PC: 12bae \| Character output (Char = '21')
2018-12-17T23:10:34.06836098Z	2	PC: 12bae \| Character output (Char = '21')
2018-12-17T23:10:34.070767755Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:34.073170536Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:34.076226711Z	2	PC: 12bae \| Character output (Char = '49')
2018-12-17T23:10:34.078616508Z	2	PC: 12bae \| Character output (Char = '74')
2018-12-17T23:10:34.081836697Z	2	PC: 12bae \| Character output (Char = '27')
2018-12-17T23:10:34.085454903Z	2	PC: 12bae \| Character output (Char = '73')
2018-12-17T23:10:34.087865103Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:34.090266498Z	2	PC: 12bae \| Character output (Char = '6e')
2018-12-17T23:10:34.093555674Z	2	PC: 12bae \| Character output (Char = '61')
2018-12-17T23:10:34.095935499Z	2	PC: 12bae \| Character output (Char = '6d')
2018-12-17T23:10:34.098331751Z	2	PC: 12bae \| Character output (Char = '65')
2018-12-17T23:10:34.102220098Z	2	PC: 12bae \| Character output (Char = '20')
2018-12-17T23:10:34.10498294Z	2	PC: 12bae \| Character output (Char = '69')
2018-12-17T23:10:34.1100536Z	2	PC: 12bae \| Character output (Char = '73')
2018-12-17T23:10:34.113236108Z	2	PC: 12bae \| Character output (Char = '3a')
2018-12-17T23:10:34.116497375Z	2	PC: 12bae \| Character output (Char = '0d')
2018-12-17T23:10:34.119559675Z	2	PC: 12bae \| Character output (Char = '0a')
2018-12-17T23:10:34.12601345Z	2	PC: 12bae \| Character output (Char = '0a')
2018-12-17T23:10:34.13080914Z	2	PC: 12bae \| Character output (Char = '07')
2018-12-17T23:10:34.133516827Z	9	PC: 12b93 \| Display string (String= 'This file has not had the INJECT.EXE run on it to load the Virus name into it ')
2018-12-17T23:10:34.141285933Z	76	PC: 12a69 \| Terminate with return code (Return code = '1')