Sample viewer

vx.netlux.org/Virus.DOS.Chameleon.1993

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:12:46.713309283Z	48	PC: 12bae \| Get DOS version
2018-12-17T23:12:46.716119967Z	47	PC: 12bdc \| Get disk transfer address
2018-12-17T23:12:46.718409302Z	26	PC: 12bf1 \| Set disk transfer address
2018-12-17T23:12:46.720287273Z	78	PC: 12c75 \| Find first file
2018-12-17T23:12:46.728322803Z	67	PC: 12cc4 \| Get or set file attributes
2018-12-17T23:12:46.735246872Z	67	PC: 12cd5 \| Get or set file attributes
2018-12-17T23:12:46.752141268Z	61	PC: 12ce0 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:12:46.76040685Z	87	PC: 12ced \| Get or set file date and time
2018-12-17T23:12:46.762882776Z	63	PC: 12d00 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:12:46.770776878Z	66	PC: 12d1c \| Move file pointer
2018-12-17T23:12:46.772886335Z	44	PC: 12d4a \| Get time 0x12d4a: xor dx, cx 0x12d4c: int3 0x12d4d: jb 0x12d48 0x12d4f: mov dx, fs 0x12d51: add ah, cl 0x12d53: ror dl, 0xcc 0x12d57: inc bx 0x12d58: retf 0xe28c 0x12d5b: add ah, cl 0x12d5d: xchg ax, bp 0x12d5e: sbb al, 0x4e 0x12d60: loop 0x12d4a 0x12d62: xor word ptr [bp + di], ax 0x12d64: mov al, byte ptr [bp - 0x1e] 0x12d67: and al, 3 0x12d69: cmp al, 3 0x12d6b: je 0x12d61 0x12d6d: push ax 0x12d6e: ror al, 1 0x12d70: int3
2018-12-17T23:12:46.785401648Z	64	PC: 13431 \| Write file or device (Write 2350 bytes on handle 5)
2018-12-17T23:12:46.795622316Z	66	PC: 1300f \| Move file pointer
2018-12-17T23:12:46.797668423Z	64	PC: 13020 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:12:46.806084578Z	87	PC: 1303b \| Get or set file date and time
2018-12-17T23:12:46.807975824Z	62	PC: 1303f \| Close file
2018-12-17T23:12:46.816641187Z	67	PC: 1304d \| Get or set file attributes
2018-12-17T23:12:46.829602638Z	26	PC: 13058 \| Set disk transfer address