Sample viewer

vx.netlux.org/Virus.DOS.Sandy.1038

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:10:45.088077275Z	53	PC: 12ae7 \| Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:10:45.090254379Z	53	PC: 12af3 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:45.093404165Z	37	PC: 12b02 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:45.097542857Z	37	PC: 12b09 \| Set interrupt vector (Interrupt = '112' AKA 'UNKNOWN!')
2018-12-17T23:10:45.099410475Z	47	PC: 12d75 \| Get disk transfer address
2018-12-17T23:10:45.108728581Z	71	PC: 12d87 \| Get current directory
2018-12-17T23:10:45.112355294Z	26	PC: 12d3d \| Set disk transfer address
2018-12-17T23:10:45.114186863Z	78	PC: 12d47 \| Find first file
2018-12-17T23:10:45.123131918Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T23:10:45.141007272Z	61	PC: 12b8a \| Open file (Filename = 'TEST.EXE')
2018-12-17T23:10:45.149401938Z	63	PC: 12b97 \| Read file or device (Read 27 bytes on handle 5)
2018-12-17T23:10:45.153848685Z	66	PC: 12d0b \| Move file pointer
2018-12-17T23:10:45.156616715Z	64	PC: 12d15 \| Write file or device (Write 1038 bytes on handle 5)
2018-12-17T23:10:45.170513431Z	66	PC: 12ba1 \| Move file pointer
2018-12-17T23:10:45.172828337Z	64	PC: 12bab \| Write file or device (Write 27 bytes on handle 5)
2018-12-17T23:10:45.177841123Z	87	PC: 12bbc \| Get or set file date and time
2018-12-17T23:10:45.180062366Z	62	PC: 12bc1 \| Close file
2018-12-17T23:10:45.189700748Z	67	PC: 12bcf \| Get or set file attributes
2018-12-17T23:10:45.202798476Z	79	PC: 12d67 \| Find next file
2018-12-17T23:10:45.20564821Z	26	PC: 12d93 \| Set disk transfer address
2018-12-17T23:10:45.207359189Z	78	PC: 12d9d \| Find first file
2018-12-17T23:10:45.215244868Z	67	PC: 12b85 \| Get or set file attributes
2018-12-17T23:10:45.226120807Z	61	PC: 12b8a \| Open file (Filename = '�D�� ~��E�5�!�Q�S�$�!�M�O�%��!�p��!.�C3��\,�<')
2018-12-17T23:10:45.234765103Z	87	PC: 12bd7 \| Get or set file date and time
2018-12-17T23:10:45.237812046Z	67	PC: 12be8 \| Get or set file attributes
2018-12-17T23:10:45.244577465Z	63	PC: 12b97 \| Read file or device (Read 27 bytes on handle 5)
2018-12-17T23:10:45.247886667Z	66	PC: 12de3 \| Move file pointer
2018-12-17T23:10:45.250541483Z	64	PC: 12de9 \| Write file or device (Write 0 bytes on handle 5)
2018-12-17T23:10:45.259646408Z	66	PC: 12ba1 \| Move file pointer
2018-12-17T23:10:45.261570453Z	64	PC: 12bab \| Write file or device (Write 27 bytes on handle 5)
2018-12-17T23:10:45.265086019Z	87	PC: 12bbc \| Get or set file date and time
2018-12-17T23:10:45.267447308Z	62	PC: 12bc1 \| Close file
2018-12-17T23:10:45.276043386Z	67	PC: 12bcf \| Get or set file attributes
2018-12-17T23:10:45.280514227Z	59	PC: 12e10 \| Change current directory
2018-12-17T23:10:45.285591493Z	37	PC: 12e1e \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:10:45.286864803Z	37	PC: 12e2c \| Set interrupt vector (Interrupt = '112' AKA 'UNKNOWN!')
2018-12-17T23:10:45.28809557Z	26	PC: 12e3a \| Set disk transfer address