Sample viewer

vx.netlux.org/Virus.DOS.VCL.562

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:11:44.579698235Z	47	PC: 12a65 \| Get disk transfer address
2018-12-17T23:11:44.581382996Z	26	PC: 12a6d \| Set disk transfer address
2018-12-17T23:11:44.582944012Z	71	PC: 12ab9 \| Get current directory
2018-12-17T23:11:44.586196507Z	47	PC: 12ae3 \| Get disk transfer address
2018-12-17T23:11:44.587423973Z	26	PC: 12af2 \| Set disk transfer address
2018-12-17T23:11:44.588906026Z	78	PC: 12afa \| Find first file
2018-12-17T23:11:44.595566727Z	47	PC: 12b12 \| Get disk transfer address
2018-12-17T23:11:44.597399264Z	61	PC: 12b2a \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:11:44.60644512Z	63	PC: 12b36 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:44.613951766Z	66	PC: 12b3e \| Move file pointer
2018-12-17T23:11:44.619357436Z	62	PC: 12b43 \| Close file
2018-12-17T23:11:44.623934292Z	67	PC: 12b63 \| Get or set file attributes
2018-12-17T23:11:44.642449773Z	61	PC: 12b68 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:11:44.650247871Z	64	PC: 12b74 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:44.654295531Z	66	PC: 12b7c \| Move file pointer
2018-12-17T23:11:44.656665412Z	64	PC: 12c89 \| Write file or device (Write 562 bytes on handle 5)
2018-12-17T23:11:44.666740836Z	87	PC: 12b8c \| Get or set file date and time
2018-12-17T23:11:44.668659722Z	62	PC: 12b90 \| Close file
2018-12-17T23:11:44.677683725Z	67	PC: 12b9d \| Get or set file attributes
2018-12-17T23:11:44.6887052Z	26	PC: 12b0c \| Set disk transfer address
2018-12-17T23:11:44.690351063Z	59	PC: 12ac8 \| Change current directory
2018-12-17T23:11:44.696065071Z	59	PC: 12ad1 \| Change current directory
2018-12-17T23:11:44.698070545Z	42	PC: 12a81 \| Get date 0x12a81: cmp dl, 0x22 0x12a84: jne 0x12aa2 0x12a86: lea si, word ptr [di + 0x26a] 0x12a8a: mov ah, 0xe 0x12a8c: lodsb al, byte ptr [si] 0x12a8d: or al, al 0x12a8f: je 0x12aa2 0x12a91: int 0x10 0x12a93: jmp 0x12a8a 0x12a95: sub ax, 0x5b3d 0x12a98: push si 0x12a99: inc bx 0x12a9a: dec sp 0x12a9b: das 0x12a9c: inc dx 0x12a9d: inc bp 0x12a9e: jbe 0x12afd 0x12aa0: cmp ax, 0x5a2d 0x12aa3: mov ah, 0x1a 0x12aa5: int 0x21
2018-12-17T23:11:44.700395939Z	26	PC: 12aa7 \| Set disk transfer address