Sample viewer

vx.netlux.org/Virus.DOS.LJF.1098

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:05:31.565687656Z	255	PC: 178d8 \| UNKNOWN!
2018-12-17T22:05:31.567127618Z	53	PC: 9f3f3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:05:31.568183504Z	37	PC: 9f404 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:05:31.569033959Z	53	PC: 9f409 \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:05:31.570431391Z	37	PC: 9f41a \| Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:05:31.571552328Z	99	PC: 13726 \| Get DBCS lead byte table pointer
2018-12-17T22:05:31.572708301Z	68	PC: 13740 \| I/O control for devices (Set for = '')
2018-12-17T22:05:31.573728384Z	68	PC: 1374b \| I/O control for devices (Set for = '')
2018-12-17T22:05:31.575555725Z	68	PC: 13756 \| I/O control for devices (Set for = '')
2018-12-17T22:05:31.5776535Z	68	PC: 1375e \| I/O control for devices (Set for = '��b��g�t�S3��[r�2��W�<t��>W')
2018-12-17T22:05:31.578926909Z	48	PC: 13763 \| Get DOS version
2018-12-17T22:05:31.580807203Z	37	PC: 1666f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:05:31.581928349Z	53	PC: 16678 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:05:31.584933361Z	37	PC: 1668f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:05:31.586488398Z	25	PC: 165ed \| Get default drive
2018-12-17T22:05:31.587820223Z	71	PC: 165f7 \| Get current directory
2018-12-17T22:05:31.591901486Z	64	PC: 139e5 \| Write file or device (Write 30 bytes on handle 2)
2018-12-17T22:05:31.598063139Z	64	PC: 139e5 \| Write file or device (Write 9 bytes on handle 1)
2018-12-17T22:05:31.601523375Z	64	PC: 139e5 \| Write file or device (Write 17 bytes on handle 1)
2018-12-17T22:05:31.606122218Z	76	PC: 147f8 \| Terminate with return code (Return code = '4')