Sample viewer

vx.netlux.org/Virus.DOS.VCL.Replico.422

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:12:42.641632383Z	37	PC: 12e3f \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:12:42.6434607Z	37	PC: 12e43 \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:12:42.645310108Z	26	PC: 12f75 \| Set disk transfer address
2018-12-17T23:12:42.646707097Z	53	PC: 12e7a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:42.648334251Z	37	PC: 12e8c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:42.650621613Z	71	PC: 12e98 \| Get current directory
2018-12-17T23:12:42.653511814Z	78	PC: 12ed3 \| Find first file
2018-12-17T23:12:42.665887955Z	61	PC: 12f7e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:12:42.673446855Z	63	PC: 12eee \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:12:42.680014952Z	62	PC: 12ef2 \| Close file
2018-12-17T23:12:42.682222407Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:42.699005286Z	61	PC: 12f7e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:12:42.706000482Z	64	PC: 12f38 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:12:42.709081571Z	66	PC: 12f70 \| Move file pointer
2018-12-17T23:12:42.711545728Z	64	PC: 12f4a \| Write file or device (Write 422 bytes on handle 5)
2018-12-17T23:12:42.719841087Z	87	PC: 12f59 \| Get or set file date and time
2018-12-17T23:12:42.721530487Z	62	PC: 12f5d \| Close file
2018-12-17T23:12:42.729374808Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:42.739120371Z	79	PC: 12ed3 \| Find next file
2018-12-17T23:12:42.741919806Z	61	PC: 12f7e \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:12:42.748560273Z	63	PC: 12eee \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:12:42.755410431Z	62	PC: 12ef2 \| Close file
2018-12-17T23:12:42.75715635Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:42.767088352Z	61	PC: 12f7e \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:12:42.778922114Z	64	PC: 12f38 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:12:42.786391592Z	66	PC: 12f70 \| Move file pointer
2018-12-17T23:12:42.787940904Z	64	PC: 12f4a \| Write file or device (Write 422 bytes on handle 5)
2018-12-17T23:12:42.791447692Z	87	PC: 12f59 \| Get or set file date and time
2018-12-17T23:12:42.793098497Z	62	PC: 12f5d \| Close file
2018-12-17T23:12:42.800463828Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:42.81613722Z	79	PC: 12ed3 \| Find next file
2018-12-17T23:12:42.819093489Z	61	PC: 12f7e \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:12:42.826820777Z	63	PC: 12eee \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:12:42.837676086Z	62	PC: 12ef2 \| Close file
2018-12-17T23:12:42.839746644Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:42.849682615Z	61	PC: 12f7e \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:12:42.863302799Z	64	PC: 12f38 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:12:42.869848778Z	66	PC: 12f70 \| Move file pointer
2018-12-17T23:12:42.871246931Z	64	PC: 12f4a \| Write file or device (Write 422 bytes on handle 5)
2018-12-17T23:12:42.879637773Z	87	PC: 12f59 \| Get or set file date and time
2018-12-17T23:12:42.881093129Z	62	PC: 12f5d \| Close file
2018-12-17T23:12:42.888689005Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:42.899447073Z	79	PC: 12ed3 \| Find next file
2018-12-17T23:12:42.904018171Z	61	PC: 12f7e \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:12:42.910372639Z	63	PC: 12eee \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:12:42.916940256Z	62	PC: 12ef2 \| Close file
2018-12-17T23:12:42.919847532Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:42.930669952Z	61	PC: 12f7e \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:12:42.937424096Z	64	PC: 12f38 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:12:42.941038405Z	66	PC: 12f70 \| Move file pointer
2018-12-17T23:12:42.942441212Z	64	PC: 12f4a \| Write file or device (Write 422 bytes on handle 5)
2018-12-17T23:12:42.945210042Z	87	PC: 12f59 \| Get or set file date and time
2018-12-17T23:12:42.947425922Z	62	PC: 12f5d \| Close file
2018-12-17T23:12:42.954708223Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:42.964381397Z	79	PC: 12ed3 \| Find next file
2018-12-17T23:12:42.967848739Z	61	PC: 12f7e \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:12:42.974289966Z	63	PC: 12eee \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T23:12:42.980559958Z	62	PC: 12ef2 \| Close file
2018-12-17T23:12:42.983094478Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:42.993022116Z	61	PC: 12f7e \| Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T23:12:42.99794082Z	64	PC: 12f38 \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T23:12:43.00118059Z	66	PC: 12f70 \| Move file pointer
2018-12-17T23:12:43.002863571Z	64	PC: 12f4a \| Write file or device (Write 422 bytes on handle 2)
2018-12-17T23:12:43.011174547Z	87	PC: 12f59 \| Get or set file date and time
2018-12-17T23:12:43.01360049Z	62	PC: 12f5d \| Close file
2018-12-17T23:12:43.016270309Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:43.020720098Z	79	PC: 12ed3 \| Find next file
2018-12-17T23:12:43.027377578Z	61	PC: 12f7e \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:12:43.03431714Z	63	PC: 12eee \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T23:12:43.040565188Z	62	PC: 12ef2 \| Close file
2018-12-17T23:12:43.042713639Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:43.052929954Z	61	PC: 12f7e \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:12:43.060068778Z	64	PC: 12f38 \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T23:12:43.063151565Z	66	PC: 12f70 \| Move file pointer
2018-12-17T23:12:43.065011615Z	64	PC: 12f4a \| Write file or device (Write 422 bytes on handle 2)
2018-12-17T23:12:43.073099198Z	87	PC: 12f59 \| Get or set file date and time
2018-12-17T23:12:43.075413067Z	62	PC: 12f5d \| Close file
2018-12-17T23:12:43.083621995Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:43.093637982Z	79	PC: 12ed3 \| Find next file
2018-12-17T23:12:43.097166882Z	61	PC: 12f7e \| Open file (Filename = 'PAH.COM')
2018-12-17T23:12:43.103943022Z	63	PC: 12eee \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T23:12:43.110169328Z	62	PC: 12ef2 \| Close file
2018-12-17T23:12:43.112221264Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:43.123720717Z	61	PC: 12f7e \| Open file (Filename = 'PAH.COM')
2018-12-17T23:12:43.130568833Z	64	PC: 12f38 \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T23:12:43.133673245Z	66	PC: 12f70 \| Move file pointer
2018-12-17T23:12:43.136548254Z	64	PC: 12f4a \| Write file or device (Write 422 bytes on handle 2)
2018-12-17T23:12:43.139504742Z	87	PC: 12f59 \| Get or set file date and time
2018-12-17T23:12:43.141322639Z	62	PC: 12f5d \| Close file
2018-12-17T23:12:43.149213228Z	67	PC: 12f89 \| Get or set file attributes
2018-12-17T23:12:43.160288104Z	79	PC: 12ed3 \| Find next file
2018-12-17T23:12:43.162882664Z	61	PC: 12f7e \| Open file (Filename = 'TEST.COM')
2018-12-17T23:12:43.169826432Z	63	PC: 12eee \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T23:12:43.176059484Z	62	PC: 12ef2 \| Close file
2018-12-17T23:12:43.177882183Z	79	PC: 12ed3 \| Find next file
2018-12-17T23:12:43.180765701Z	59	PC: 12ea7 \| Change current directory
2018-12-17T23:12:43.189860145Z	9	PC: 12eb1 \| Display string (String= 'Replico Virus NoTrace D Italian Viral Labs [IVP] ')
2018-12-17T23:12:43.197321574Z	37	PC: 12ebb \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:43.198933727Z	59	PC: 12ec5 \| Change current directory
2018-12-17T23:12:43.200524546Z	26	PC: 12f75 \| Set disk transfer address