Sample viewer

vx.netlux.org/Virus.DOS.Treb.1457

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:12:03.133687564Z 176 PC: 2ded3 | UNKNOWN!
2018-12-17T23:12:03.13878474Z 74 PC: 2e2e9 | Reallocate memory
2018-12-17T23:12:03.140794609Z 72 PC: 2e2f4 | Allocate memory
2018-12-17T23:12:03.14384206Z 53 PC: 2e31e | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:12:03.145784603Z 37 PC: 2e32f | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:12:03.147643619Z 67 PC: 2dee8 | Get or set file attributes
2018-12-17T23:12:03.155343058Z 48 PC: 292a6 | Get DOS version
2018-12-17T23:12:03.157023578Z 74 PC: 292f6 | Reallocate memory
2018-12-17T23:12:03.159511146Z 48 PC: 2880c | Get DOS version
2018-12-17T23:12:03.162038409Z 53 PC: 28814 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:12:03.163856858Z 37 PC: 28826 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:12:03.16587836Z 53 PC: 2bab2 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:12:03.168512614Z 37 PC: 2bac2 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T23:12:03.170008778Z 53 PC: 2bac7 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:12:03.17140877Z 37 PC: 2bad7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:12:03.173453095Z 53 PC: 29806 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:12:03.17506222Z 53 PC: 29806 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:12:03.176597938Z 53 PC: 29806 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:12:03.178682809Z 53 PC: 29806 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:12:03.180450704Z 53 PC: 29806 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:12:03.182193572Z 53 PC: 29806 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:12:03.185009016Z 53 PC: 29806 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:12:03.187274506Z 53 PC: 29806 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:12:03.188858575Z 53 PC: 29806 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:12:03.191832598Z 53 PC: 29806 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:12:03.1937694Z 53 PC: 29806 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T23:12:03.195525783Z 37 PC: 29835 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T23:12:03.197669013Z 37 PC: 29835 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T23:12:03.200349564Z 37 PC: 29835 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T23:12:03.202812636Z 37 PC: 29835 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T23:12:03.206140654Z 37 PC: 29835 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T23:12:03.208853846Z 37 PC: 29835 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T23:12:03.211563202Z 37 PC: 29835 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T23:12:03.215597859Z 37 PC: 29835 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T23:12:03.217304579Z 37 PC: 2983c | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T23:12:03.21915044Z 37 PC: 29841 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T23:12:03.225826034Z 68 PC: 288b7 | I/O control for devices (Set for = '��H ���')
2018-12-17T23:12:03.228343618Z 68 PC: 288b7 | I/O control for devices (Set for = '�����P�� ���\��拄����V�����������Q3�P���P�')
2018-12-17T23:12:03.230239713Z 68 PC: 288b7 | I/O control for devices (Set for = 'P�b��L\ S�A��')
2018-12-17T23:12:03.232288566Z 68 PC: 288b7 | I/O control for devices (Set for = '')
2018-12-17T23:12:03.23471021Z 68 PC: 288b7 | I/O control for devices (Set for = '')
2018-12-17T23:12:03.237273761Z 53 PC: 2529a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:12:03.23931528Z 53 PC: 252a7 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:12:03.24179881Z 53 PC: 252b4 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:03.243779215Z 37 PC: 252c9 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T23:12:03.245732048Z 37 PC: 252d1 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T23:12:03.249191843Z 37 PC: 252d9 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:03.251150847Z 53 PC: 25930 | Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T23:12:03.252961282Z 53 PC: 2593d | Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T23:12:03.255390981Z 53 PC: 2594c | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T23:12:03.257201596Z 37 PC: 25959 | Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T23:12:03.258970142Z 53 PC: 25960 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T23:12:03.261501803Z 37 PC: 2596d | Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T23:12:03.263616359Z 53 PC: 25979 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T23:12:03.268651738Z 48 PC: 25a3b | Get DOS version
2018-12-17T23:12:03.271018389Z 74 PC: 24213 | Reallocate memory
2018-12-17T23:12:03.273314907Z 74 PC: 24213 | Reallocate memory
2018-12-17T23:12:03.275344294Z 68 PC: 25210 | I/O control for devices (Set for = '')
2018-12-17T23:12:03.277720743Z 68 PC: 25210 | I/O control for devices (Set for = '')
2018-12-17T23:12:03.279687772Z 51 PC: 2522e | Get or set Ctrl-Break
2018-12-17T23:12:03.281118102Z 51 PC: 2523a | Get or set Ctrl-Break
2018-12-17T23:12:03.283198694Z 72 PC: 271f8 | Allocate memory
2018-12-17T23:12:03.285761233Z 74 PC: 24213 | Reallocate memory
2018-12-17T23:12:03.287799406Z 72 PC: 271f8 | Allocate memory
2018-12-17T23:12:03.292040351Z 37 PC: 2218d | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T23:12:03.294131023Z 44 PC: 211b3 | Get time
0x211b3: mov al, 0x3c
0x211b5: mul ch
0x211b7: xor ch, ch
0x211b9: add ax, cx
0x211bb: mov bx, ax
0x211bd: push dx
0x211be: call 0x26a16
0x211c1: pop dx
0x211c2: mov ax, 0x3c
0x211c5: call 0x211ef
0x211c8: mov al, dh
0x211ca: mov ah, 1
0x211cc: call 0x211ef
0x211cf: mov ax, 0x64
0x211d2: call 0x211ef
0x211d5: mov al, dl
0x211d7: mov ah, 1
0x211d9: call 0x211ef
0x211dc: mov ax, 0x264
0x211df: call 0x211ef
2018-12-17T23:12:03.310117316Z 37 PC: 2442a | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T23:12:03.334097541Z 25 PC: 218f8 | Get default drive
2018-12-17T23:12:03.335858483Z 71 PC: 21908 | Get current directory
2018-12-17T23:12:03.340318359Z 61 PC: 1ed4c | Open file (Filename = 'A:\DATA.AQA')
2018-12-17T23:12:03.348822121Z 60 PC: 1ec11 | Create or truncate file
2018-12-17T23:12:03.460714999Z 62 PC: 21d0d | Close file
2018-12-17T23:12:03.463122617Z 61 PC: 1ed4c | Open file (Filename = 'A:\DATA.AQA')
2018-12-17T23:12:03.472337355Z 68 PC: 1eca5 | I/O control for devices (Set for = '')
2018-12-17T23:12:03.474309825Z 66 PC: 21aaf | Move file pointer
2018-12-17T23:12:03.475877272Z 66 PC: 21aaf | Move file pointer
2018-12-17T23:12:03.478521013Z 66 PC: 21aaf | Move file pointer
2018-12-17T23:12:03.480493613Z 62 PC: 21d0d | Close file
2018-12-17T23:12:03.483641974Z 25 PC: 218f8 | Get default drive
2018-12-17T23:12:03.485670428Z 71 PC: 21908 | Get current directory
2018-12-17T23:12:03.490214293Z 61 PC: 1ed4c | Open file (Filename = 'A:\ACCESS.AQA')
2018-12-17T23:12:03.500896852Z 60 PC: 1ec11 | Create or truncate file
2018-12-17T23:12:03.513884605Z 62 PC: 21d0d | Close file
2018-12-17T23:12:03.516463966Z 61 PC: 1ed4c | Open file (Filename = 'A:\ACCESS.AQA')
2018-12-17T23:12:03.530276872Z 68 PC: 1eca5 | I/O control for devices (Set for = '')
2018-12-17T23:12:03.533501947Z 66 PC: 21aaf | Move file pointer
2018-12-17T23:12:03.53558825Z 63 PC: 21cd6 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:12:03.539190304Z 66 PC: 21aaf | Move file pointer
2018-12-17T23:12:03.542038149Z 63 PC: 21cd6 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:12:03.545591211Z 62 PC: 21d0d | Close file
2018-12-17T23:12:03.561202869Z 25 PC: 218f8 | Get default drive
2018-12-17T23:12:03.562890322Z 71 PC: 21908 | Get current directory
2018-12-17T23:12:03.566827977Z 61 PC: 1ed4c | Open file (Filename = 'A:\COLOR.AQA')
2018-12-17T23:12:03.574988113Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.577171438Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.580774554Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.583211587Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.585671573Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.588748038Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.591851284Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.594184182Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.597017049Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.599401002Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.60176642Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.605110098Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.607725827Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.610355552Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.613739717Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.616007271Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.618578105Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.621747845Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.623990062Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.626272314Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.629783707Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.632597538Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.635013181Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.637938282Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.640733589Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.643337386Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.64678533Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.649577099Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.652049419Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.65465581Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.657098694Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.660503186Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.663177134Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.665634505Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.668436846Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.671898455Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.674550703Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.679107833Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.681689217Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.683995193Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.687191354Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.689671559Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.692137125Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.695743947Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.698139172Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.700443114Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.70374296Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.706111594Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.708384729Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.711968659Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.714314961Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.716634663Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.720342195Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.72315228Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.725932398Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.7294435Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.732480772Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.735110538Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.739241836Z 73 PC: 271f8 | Release memory
2018-12-17T23:12:03.741366632Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.743874488Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.747984147Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.75060224Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.753918226Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.758320384Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.761065536Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.763819155Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.767516949Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.778358396Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.781005514Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.78439061Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.787013172Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.790368381Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.792917836Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.796244582Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.798739965Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.80115164Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.803784521Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.806349164Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.80970777Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.812036339Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.814984192Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.818049977Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.82147569Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.82665511Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.829403679Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.83214285Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.835654153Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.838176616Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.84066206Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.844132096Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.84675099Z 6 PC: 251e1 | Direct console I/O
2018-12-17T23:12:03.850709925Z 12 PC: 2528a | Flush input buffer and input