Sample viewer

vx.netlux.org/Virus.DOS.Jerk.1077

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:11:14.036438391Z	53	PC: 12a7a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:14.037654829Z	37	PC: 12a8d \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:14.042982109Z	51	PC: 12a94 \| Get or set Ctrl-Break
2018-12-17T23:11:14.043938789Z	26	PC: 12aae \| Set disk transfer address
2018-12-17T23:11:14.045111665Z	25	PC: 12ab2 \| Get default drive
2018-12-17T23:11:14.047570469Z	14	PC: 12b27 \| Set default drive (Drive = 'A')
2018-12-17T23:11:14.049390523Z	54	PC: 12b2e \| Get free disk space
2018-12-17T23:11:14.051774977Z	54	PC: 12b2e \| Get free disk space
2018-12-17T23:11:14.054363706Z	54	PC: 12b2e \| Get free disk space
2018-12-17T23:11:14.100171404Z	14	PC: 12b48 \| Set default drive (Drive = 'C')
2018-12-17T23:11:14.10174343Z	91	PC: 12b53 \| Create new file
2018-12-17T23:11:14.439981545Z	65	PC: 12b59 \| Delete file (Filename = '\^^^^^^^^')
2018-12-17T23:11:14.452947071Z	71	PC: 12bea \| Get current directory
2018-12-17T23:11:14.455958876Z	59	PC: 12b6b \| Change current directory
2018-12-17T23:11:14.460199793Z	71	PC: 12bea \| Get current directory
2018-12-17T23:11:14.463983599Z	78	PC: 12c89 \| Find first file
2018-12-17T23:11:14.470011156Z	67	PC: 12ce8 \| Get or set file attributes
2018-12-17T23:11:14.479789618Z	61	PC: 12cf4 \| Open file (Filename = 'COMMAND.COM')
2018-12-17T23:11:14.487581464Z	63	PC: 12d08 \| Read file or device (Read 9 bytes on handle 6)
2018-12-17T23:11:14.494138556Z	66	PC: 12d39 \| Move file pointer
2018-12-17T23:11:14.495709351Z	64	PC: 12d45 \| Write file or device (Write 9 bytes on handle 6)
2018-12-17T23:11:14.500374686Z	66	PC: 12d4e \| Move file pointer
2018-12-17T23:11:14.502071347Z	64	PC: 12d5a \| Write file or device (Write 1077 bytes on handle 6)
2018-12-17T23:11:14.512939398Z	87	PC: 12cc8 \| Get or set file date and time
2018-12-17T23:11:14.515443328Z	62	PC: 12ccc \| Close file
2018-12-17T23:11:14.52348895Z	67	PC: 12ce8 \| Get or set file attributes
2018-12-17T23:11:14.533587173Z	59	PC: 12bf7 \| Change current directory
2018-12-17T23:11:14.542134289Z	26	PC: 12acf \| Set disk transfer address
2018-12-17T23:11:14.543787318Z	14	PC: 12b27 \| Set default drive (Drive = 'A')
2018-12-17T23:11:14.545562678Z	37	PC: 12adc \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:14.548282533Z	42	PC: 12d5f \| Get date 0x12d5f: test dl, 3 0x12d62: jne 0x12d86 0x12d64: mov ah, 0x2c 0x12d66: int 0x21 0x12d68: test dh, 3 0x12d6b: jne 0x12d86 0x12d6d: mov cx, 0x47 0x12d70: mov si, 0x446 0x12d73: add si, bp 0x12d75: mov di, si 0x12d77: lodsb al, byte ptr [si] 0x12d78: sub al, 0x80 0x12d7a: stosb byte ptr es:[di], al 0x12d7b: loop 0x12d77 0x12d7d: mov ah, 9 0x12d7f: mov dx, 0x446 0x12d82: add dx, bp 0x12d84: int 0x21 0x12d86: ret 0x12d87: ret