Sample viewer

vx.netlux.org/Virus.DOS.Mephisto.3.914

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:08:02.77346551Z	53	PC: 12b71 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:08:02.775421138Z	47	PC: 12c0b \| Get disk transfer address
2018-12-17T22:08:02.776530726Z	25	PC: 12c17 \| Get default drive
2018-12-17T22:08:02.777501338Z	71	PC: 12c2a \| Get current directory
2018-12-17T22:08:02.78177416Z	26	PC: 12c40 \| Set disk transfer address
2018-12-17T22:08:02.783005046Z	78	PC: 12c4b \| Find first file
2018-12-17T22:08:02.789124482Z	67	PC: 12d02 \| Get or set file attributes
2018-12-17T22:08:02.795060711Z	37	PC: 12b98 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:08:02.796074337Z	67	PC: 12d12 \| Get or set file attributes
2018-12-17T22:08:02.811638574Z	37	PC: 12b89 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:08:02.813859855Z	61	PC: 12d23 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:08:02.825142627Z	44	PC: 12d2b \| Get time 0x12d2b: mov word ptr [bp + 0x46a], dx 0x12d2f: mov word ptr [bp + 0x46c], cx 0x12d33: xor dh, ch 0x12d35: xor cl, dl 0x12d37: mov ch, dh 0x12d39: mov word ptr [bp + 0x46e], cx 0x12d3d: mov ax, 0x5700 0x12d40: mov bx, word ptr [bp + 0x16d] 0x12d44: int 0x21 0x12d46: mov word ptr [bp + 0x170], dx 0x12d4a: mov word ptr [bp + 0x16e], cx 0x12d4e: mov ah, 0x3f 0x12d50: mov cx, 3 0x12d53: lea dx, word ptr [bp + 0x15c] 0x12d57: int 0x21 0x12d59: add word ptr [bp + 0x174], 1 0x12d5e: mov ax, 0x4202 0x12d61: mov cx, 0 0x12d64: mov dx, 0 0x12d67: int 0x21
2018-12-17T22:08:02.827450572Z	87	PC: 12d46 \| Get or set file date and time
2018-12-17T22:08:02.831448209Z	63	PC: 12d59 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:08:02.840534198Z	66	PC: 12d69 \| Move file pointer
2018-12-17T22:08:02.842052157Z	66	PC: 12d7d \| Move file pointer
2018-12-17T22:08:02.844034336Z	64	PC: 12d89 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:08:02.848114724Z	66	PC: 12d94 \| Move file pointer
2018-12-17T22:08:02.85151357Z	64	PC: 12dcc \| Write file or device (Write 914 bytes on handle 5)
2018-12-17T22:08:02.86126985Z	87	PC: 12bae \| Get or set file date and time
2018-12-17T22:08:02.875573842Z	62	PC: 12bb2 \| Close file
2018-12-17T22:08:02.880687891Z	67	PC: 12bbf \| Get or set file attributes
2018-12-17T22:08:02.888379971Z	59	PC: 12bc7 \| Change current directory
2018-12-17T22:08:02.890962346Z	26	PC: 12bee \| Set disk transfer address
2018-12-17T22:08:02.892256681Z	0	PC: 12a43 \| Program terminate