Sample viewer

vx.netlux.org/Virus.DOS.IVP.Messenger.368

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:07:31.453318585Z	26	PC: 12b6c \| Set disk transfer address
2018-12-17T22:07:31.455377548Z	53	PC: 12a67 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:07:31.456712088Z	37	PC: 12a79 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:07:31.457728117Z	71	PC: 12a85 \| Get current directory
2018-12-17T22:07:31.460453378Z	78	PC: 12ac0 \| Find first file
2018-12-17T22:07:31.473641061Z	61	PC: 12b75 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:07:31.480135465Z	63	PC: 12adb \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:07:31.486328743Z	62	PC: 12adf \| Close file
2018-12-17T22:07:31.489799413Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.675667376Z	61	PC: 12b75 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:07:31.682611694Z	64	PC: 12b2f \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:07:31.686183131Z	66	PC: 12b67 \| Move file pointer
2018-12-17T22:07:31.687755291Z	64	PC: 12b41 \| Write file or device (Write 368 bytes on handle 5)
2018-12-17T22:07:31.695927921Z	87	PC: 12b50 \| Get or set file date and time
2018-12-17T22:07:31.698442707Z	62	PC: 12b54 \| Close file
2018-12-17T22:07:31.706624732Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.716432868Z	79	PC: 12ac0 \| Find next file
2018-12-17T22:07:31.719850431Z	61	PC: 12b75 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:07:31.726303741Z	63	PC: 12adb \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:07:31.732532196Z	62	PC: 12adf \| Close file
2018-12-17T22:07:31.735458871Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.745473709Z	61	PC: 12b75 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:07:31.752243655Z	64	PC: 12b2f \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:07:31.755529078Z	66	PC: 12b67 \| Move file pointer
2018-12-17T22:07:31.758024786Z	64	PC: 12b41 \| Write file or device (Write 368 bytes on handle 5)
2018-12-17T22:07:31.760934208Z	87	PC: 12b50 \| Get or set file date and time
2018-12-17T22:07:31.762696866Z	62	PC: 12b54 \| Close file
2018-12-17T22:07:31.782029982Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.805850097Z	79	PC: 12ac0 \| Find next file
2018-12-17T22:07:31.80892433Z	61	PC: 12b75 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:07:31.818249331Z	63	PC: 12adb \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:07:31.825134793Z	62	PC: 12adf \| Close file
2018-12-17T22:07:31.827389332Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.838541108Z	61	PC: 12b75 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:07:31.845790662Z	64	PC: 12b2f \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:07:31.849063865Z	66	PC: 12b67 \| Move file pointer
2018-12-17T22:07:31.851228061Z	64	PC: 12b41 \| Write file or device (Write 368 bytes on handle 5)
2018-12-17T22:07:31.856341466Z	87	PC: 12b50 \| Get or set file date and time
2018-12-17T22:07:31.858198782Z	62	PC: 12b54 \| Close file
2018-12-17T22:07:31.866638163Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.876653667Z	79	PC: 12ac0 \| Find next file
2018-12-17T22:07:31.879974133Z	61	PC: 12b75 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:07:31.887357866Z	63	PC: 12adb \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:07:31.893592439Z	62	PC: 12adf \| Close file
2018-12-17T22:07:31.895374613Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.908263553Z	61	PC: 12b75 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:07:31.915303352Z	64	PC: 12b2f \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:07:31.922081663Z	66	PC: 12b67 \| Move file pointer
2018-12-17T22:07:31.924125668Z	64	PC: 12b41 \| Write file or device (Write 368 bytes on handle 5)
2018-12-17T22:07:31.928058506Z	87	PC: 12b50 \| Get or set file date and time
2018-12-17T22:07:31.929917362Z	62	PC: 12b54 \| Close file
2018-12-17T22:07:31.937185551Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.947585121Z	79	PC: 12ac0 \| Find next file
2018-12-17T22:07:31.95052164Z	61	PC: 12b75 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:07:31.956962597Z	63	PC: 12adb \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:07:31.966071647Z	62	PC: 12adf \| Close file
2018-12-17T22:07:31.967993571Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.972264935Z	61	PC: 12b75 \| Open file (Filename = 'PRINTA~1.COM�')
2018-12-17T22:07:31.977766044Z	64	PC: 12b2f \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:07:31.980557109Z	66	PC: 12b67 \| Move file pointer
2018-12-17T22:07:31.982277283Z	64	PC: 12b41 \| Write file or device (Write 368 bytes on handle 2)
2018-12-17T22:07:31.989662275Z	87	PC: 12b50 \| Get or set file date and time
2018-12-17T22:07:31.991490965Z	62	PC: 12b54 \| Close file
2018-12-17T22:07:31.99358532Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:31.999045192Z	79	PC: 12ac0 \| Find next file
2018-12-17T22:07:32.002284633Z	61	PC: 12b75 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:07:32.008983732Z	63	PC: 12adb \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:07:32.022593686Z	62	PC: 12adf \| Close file
2018-12-17T22:07:32.025142727Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:32.03552316Z	61	PC: 12b75 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:07:32.043166309Z	64	PC: 12b2f \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:07:32.046635335Z	66	PC: 12b67 \| Move file pointer
2018-12-17T22:07:32.048372975Z	64	PC: 12b41 \| Write file or device (Write 368 bytes on handle 2)
2018-12-17T22:07:32.056791041Z	87	PC: 12b50 \| Get or set file date and time
2018-12-17T22:07:32.059603098Z	62	PC: 12b54 \| Close file
2018-12-17T22:07:32.06747365Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:32.077363819Z	79	PC: 12ac0 \| Find next file
2018-12-17T22:07:32.081334733Z	61	PC: 12b75 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:07:32.088058672Z	63	PC: 12adb \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:07:32.094652746Z	62	PC: 12adf \| Close file
2018-12-17T22:07:32.097973774Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:32.121562305Z	61	PC: 12b75 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:07:32.128095886Z	64	PC: 12b2f \| Write file or device (Write 3 bytes on handle 2)
2018-12-17T22:07:32.131651159Z	66	PC: 12b67 \| Move file pointer
2018-12-17T22:07:32.13390067Z	64	PC: 12b41 \| Write file or device (Write 368 bytes on handle 2)
2018-12-17T22:07:32.136632053Z	87	PC: 12b50 \| Get or set file date and time
2018-12-17T22:07:32.139363671Z	62	PC: 12b54 \| Close file
2018-12-17T22:07:32.147061189Z	67	PC: 12b80 \| Get or set file attributes
2018-12-17T22:07:32.157627842Z	79	PC: 12ac0 \| Find next file
2018-12-17T22:07:32.161274699Z	61	PC: 12b75 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:07:32.168532969Z	63	PC: 12adb \| Read file or device (Read 26 bytes on handle 2)
2018-12-17T22:07:32.175124508Z	62	PC: 12adf \| Close file
2018-12-17T22:07:32.178106268Z	79	PC: 12ac0 \| Find next file
2018-12-17T22:07:32.18086976Z	59	PC: 12a94 \| Change current directory
2018-12-17T22:07:32.18529231Z	9	PC: 12a9e \| Display string (String= 'Dude Messenger From Hell [IVP] ')
2018-12-17T22:07:32.193974474Z	37	PC: 12aa8 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:07:32.195817625Z	59	PC: 12ab2 \| Change current directory
2018-12-17T22:07:32.197904518Z	26	PC: 12b6c \| Set disk transfer address