Sample viewer

vx.netlux.org/Virus.DOS.Vienna.Born.971

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:06:57.685176566Z	67	PC: 144c6 \| Get or set file attributes
2018-12-17T22:06:57.699633624Z	65	PC: 144cd \| Delete file (Filename = 'chklist.tav')
2018-12-17T22:06:57.706304339Z	67	PC: 144c6 \| Get or set file attributes
2018-12-17T22:06:57.7121763Z	65	PC: 144cd \| Delete file (Filename = 'chklist.cps')
2018-12-17T22:06:57.718126299Z	67	PC: 144c6 \| Get or set file attributes
2018-12-17T22:06:57.725202634Z	65	PC: 144cd \| Delete file (Filename = 'anti-vir.dat')
2018-12-17T22:06:57.731083087Z	67	PC: 144c6 \| Get or set file attributes
2018-12-17T22:06:57.736974258Z	65	PC: 144cd \| Delete file (Filename = 'chklist.ms')
2018-12-17T22:06:57.744177534Z	53	PC: 145c0 \| Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:06:57.745662757Z	37	PC: 145cf \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:06:57.747100888Z	53	PC: 145c0 \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:06:57.749476749Z	37	PC: 145cf \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:06:57.751078823Z	53	PC: 145c0 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:06:57.752532441Z	37	PC: 145cf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:06:57.755027007Z	47	PC: 147df \| Get disk transfer address
2018-12-17T22:06:57.756521447Z	26	PC: 147ee \| Set disk transfer address
2018-12-17T22:06:57.75812938Z	78	PC: 14684 \| Find first file
2018-12-17T22:06:57.764445523Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:57.767572756Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:57.770097769Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:57.773336231Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:57.777403332Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:57.780723348Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:57.783596495Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:57.790163821Z	78	PC: 14684 \| Find first file
2018-12-17T22:06:57.799304725Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:57.80267702Z	67	PC: 146bd \| Get or set file attributes
2018-12-17T22:06:57.810155955Z	67	PC: 146cd \| Get or set file attributes
2018-12-17T22:06:58.174284813Z	61	PC: 146dc \| Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T22:06:58.181446736Z	87	PC: 146ea \| Get or set file date and time
2018-12-17T22:06:58.183708157Z	63	PC: 146fc \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:06:58.197639744Z	66	PC: 14736 \| Move file pointer
2018-12-17T22:06:58.200129993Z	64	PC: 14759 \| Write file or device (Write 971 bytes on handle 5)
2018-12-17T22:06:58.224125167Z	66	PC: 14766 \| Move file pointer
2018-12-17T22:06:58.225872148Z	64	PC: 1477c \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:06:58.228910439Z	87	PC: 1478d \| Get or set file date and time
2018-12-17T22:06:58.231659737Z	62	PC: 14791 \| Close file
2018-12-17T22:06:58.241611855Z	67	PC: 1479e \| Get or set file attributes
2018-12-17T22:06:58.251140864Z	78	PC: 14684 \| Find first file
2018-12-17T22:06:58.257147365Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.261287606Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.264202789Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.267734052Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.270991497Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.273767124Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.276561148Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.280407767Z	78	PC: 14684 \| Find first file
2018-12-17T22:06:58.286904253Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.290210489Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.294602418Z	67	PC: 146bd \| Get or set file attributes
2018-12-17T22:06:58.300777342Z	67	PC: 146cd \| Get or set file attributes
2018-12-17T22:06:58.310581549Z	61	PC: 146dc \| Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:06:58.318750565Z	87	PC: 146ea \| Get or set file date and time
2018-12-17T22:06:58.320491758Z	63	PC: 146fc \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:06:58.326972588Z	66	PC: 14736 \| Move file pointer
2018-12-17T22:06:58.329525941Z	64	PC: 14759 \| Write file or device (Write 971 bytes on handle 5)
2018-12-17T22:06:58.339467982Z	66	PC: 14766 \| Move file pointer
2018-12-17T22:06:58.341161332Z	64	PC: 1477c \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:06:58.34494917Z	87	PC: 1478d \| Get or set file date and time
2018-12-17T22:06:58.347173488Z	62	PC: 14791 \| Close file
2018-12-17T22:06:58.354232081Z	67	PC: 1479e \| Get or set file attributes
2018-12-17T22:06:58.36482329Z	78	PC: 14684 \| Find first file
2018-12-17T22:06:58.37101779Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.373890873Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.377171514Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.389338381Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.391978632Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.405647888Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.408384667Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.410843173Z	78	PC: 14684 \| Find first file
2018-12-17T22:06:58.429694307Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.434101626Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.437314689Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.443568063Z	67	PC: 146bd \| Get or set file attributes
2018-12-17T22:06:58.450874699Z	67	PC: 146cd \| Get or set file attributes
2018-12-17T22:06:58.461263374Z	61	PC: 146dc \| Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T22:06:58.468231101Z	87	PC: 146ea \| Get or set file date and time
2018-12-17T22:06:58.470984974Z	63	PC: 146fc \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:06:58.477024986Z	66	PC: 14736 \| Move file pointer
2018-12-17T22:06:58.478680015Z	64	PC: 14759 \| Write file or device (Write 971 bytes on handle 5)
2018-12-17T22:06:58.487505503Z	66	PC: 14766 \| Move file pointer
2018-12-17T22:06:58.489535496Z	64	PC: 1477c \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:06:58.492538524Z	87	PC: 1478d \| Get or set file date and time
2018-12-17T22:06:58.495003784Z	62	PC: 14791 \| Close file
2018-12-17T22:06:58.502240835Z	67	PC: 1479e \| Get or set file attributes
2018-12-17T22:06:58.512088344Z	78	PC: 14684 \| Find first file
2018-12-17T22:06:58.518980356Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.522853292Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.5256015Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.528581194Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.532186654Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.534892733Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.537584205Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.541289093Z	78	PC: 14684 \| Find first file
2018-12-17T22:06:58.547601314Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.550805438Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.555443084Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.558730438Z	79	PC: 1468a \| Find next file
2018-12-17T22:06:58.564792828Z	26	PC: 144a0 \| Set disk transfer address
2018-12-17T22:06:58.567173288Z	37	PC: 145f8 \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:06:58.568561577Z	37	PC: 145f8 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:06:58.56993782Z	37	PC: 145f8 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:06:58.572288345Z	9	PC: 13252 \| Display string (String= 'Goat file (COM). Size=00001A0Ah/0000006666d bytes. ')
2018-12-17T22:06:58.576880658Z	76	PC: 13256 \| Terminate with return code (Return code = '36')