Sample viewer

vx.netlux.org/Virus.DOS.Caterpillar.o

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:12:07.885613532Z	53	PC: 17a16 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:07.888859356Z	61	PC: 17665 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:12:07.896244784Z	37	PC: 17674 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:07.897789098Z	66	PC: 17683 \| Move file pointer
2018-12-17T23:12:07.899953128Z	63	PC: 17691 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:12:07.903800152Z	62	PC: 17695 \| Close file
2018-12-17T23:12:07.906046326Z	37	PC: 176a4 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:07.907653468Z	61	PC: 176e4 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:12:07.915569725Z	63	PC: 176f8 \| Read file or device (Read 12 bytes on handle 5)
2018-12-17T23:12:07.918980809Z	66	PC: 17701 \| Move file pointer
2018-12-17T23:12:07.921211173Z	64	PC: 1772b \| Write file or device (Write 1490 bytes on handle 5)
2018-12-17T23:12:08.272909412Z	66	PC: 17734 \| Move file pointer
2018-12-17T23:12:08.275467583Z	64	PC: 17742 \| Write file or device (Write 12 bytes on handle 5)
2018-12-17T23:12:08.279099994Z	62	PC: 1774a \| Close file
2018-12-17T23:12:08.290387349Z	99	PC: 13726 \| Get DBCS lead byte table pointer
2018-12-17T23:12:08.29281783Z	68	PC: 13740 \| I/O control for devices (Set for = '')
2018-12-17T23:12:08.294876742Z	68	PC: 1374b \| I/O control for devices (Set for = '')
2018-12-17T23:12:08.298250456Z	68	PC: 13756 \| I/O control for devices (Set for = '')
2018-12-17T23:12:08.300133186Z	68	PC: 1375e \| I/O control for devices (Set for = '��b��g�t�S3��[r�2��W�<t��>W')
2018-12-17T23:12:08.302198821Z	48	PC: 13763 \| Get DOS version
2018-12-17T23:12:08.30539454Z	64	PC: 139e5 \| Write file or device (Write 29 bytes on handle 2)
2018-12-17T23:12:08.313294206Z	64	PC: 139e5 \| Write file or device (Write 9 bytes on handle 1)
2018-12-17T23:12:08.317264612Z	64	PC: 139e5 \| Write file or device (Write 17 bytes on handle 1)
2018-12-17T23:12:08.322869732Z	76	PC: 147f8 \| Terminate with return code (Return code = '4')