Sample viewer

vx.netlux.org/Virus.DOS.Twin.351

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:11:35.997665553Z	255	PC: 12b25 \| UNKNOWN!
2018-12-17T23:11:35.999002533Z	53	PC: 12b35 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:11:36.000414753Z	37	PC: 12b48 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:11:36.002333627Z	74	PC: 12b7a \| Reallocate memory
2018-12-17T23:11:36.004325334Z	60	PC: 12b01 \| Create or truncate file
2018-12-17T23:11:36.358083553Z	64	PC: 12b11 \| Write file or device (Write 351 bytes on handle 5)
2018-12-17T23:11:36.369527187Z	62	PC: 12b15 \| Close file
2018-12-17T23:11:36.376858798Z	75	PC: 12b94 \| Execute program
2018-12-17T23:11:36.388551719Z	74	PC: 12e4a \| Reallocate memory
2018-12-17T23:11:36.390075997Z	60	PC: 12b01 \| Create or truncate file
2018-12-17T23:11:36.406210099Z	64	PC: 12b11 \| Write file or device (Write 351 bytes on handle 5)
2018-12-17T23:11:36.411171211Z	62	PC: 12b15 \| Close file
2018-12-17T23:11:36.418697921Z	75	PC: 12e64 \| Execute program
2018-12-17T23:11:36.442750629Z	99	PC: 13cc6 \| Get DBCS lead byte table pointer
2018-12-17T23:11:36.445652857Z	68	PC: 13ce0 \| I/O control for devices (Set for = '')
2018-12-17T23:11:36.447337043Z	68	PC: 13ceb \| I/O control for devices (Set for = '')
2018-12-17T23:11:36.449393378Z	68	PC: 13cf6 \| I/O control for devices (Set for = '')
2018-12-17T23:11:36.451542738Z	68	PC: 13cfe \| I/O control for devices (Set for = '��b��g�t�S3��[r�2��W�<t��>W')
2018-12-17T23:11:36.453812608Z	48	PC: 13d03 \| Get DOS version
2018-12-17T23:11:36.455010301Z	37	PC: 16c0f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:11:36.456386464Z	53	PC: 16c18 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:36.457985762Z	37	PC: 16c2f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:36.459197567Z	25	PC: 16b8d \| Get default drive
2018-12-17T23:11:36.460610344Z	71	PC: 16b97 \| Get current directory
2018-12-17T23:11:36.46481617Z	64	PC: 13f85 \| Write file or device (Write 30 bytes on handle 2)
2018-12-17T23:11:36.47045784Z	64	PC: 13f85 \| Write file or device (Write 9 bytes on handle 1)
2018-12-17T23:11:36.473876745Z	64	PC: 13f85 \| Write file or device (Write 17 bytes on handle 1)
2018-12-17T23:11:36.480278664Z	76	PC: 14d98 \| Terminate with return code (Return code = '4')
2018-12-17T23:11:36.483727758Z	76	PC: 12e00 \| Terminate with return code (Return code = '1')
2018-12-17T23:11:36.487403641Z	49	PC: 12b51 \| Terminate and stay resident (Return code = '0' \| Memory size = '38')