Sample viewer

vx.netlux.org/Virus.DOS.VCOMM.636.b

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:09:41.189507914Z 47 PC: 13c5d | Get disk transfer address
2018-12-17T22:09:41.191249617Z 26 PC: 13c6e | Set disk transfer address
2018-12-17T22:09:41.192403322Z 53 PC: 13c73 | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:09:41.193742448Z 78 PC: 13cbd | Find first file
2018-12-17T22:09:41.200159842Z 67 PC: 13cd3 | Get or set file attributes
2018-12-17T22:09:41.205581145Z 67 PC: 13ce1 | Get or set file attributes
2018-12-17T22:09:41.221251428Z 86 PC: 13cfd | Rename file
2018-12-17T22:09:41.230740629Z 61 PC: 13d05 | Open file (Filename = 'TEST.')
2018-12-17T22:09:41.240219787Z 87 PC: 13d0e | Get or set file date and time
2018-12-17T22:09:41.241371112Z 63 PC: 13d20 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:09:41.247313269Z 34 PC: 13d44 | Random write
2018-12-17T22:09:41.250581831Z 63 PC: 13d4e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:09:41.253811499Z 66 PC: 13ddf | Move file pointer
2018-12-17T22:09:41.261395873Z 64 PC: 13de9 | Write file or device (Write 26 bytes on handle 5)
2018-12-17T22:09:41.26352852Z 66 PC: 13df2 | Move file pointer
2018-12-17T22:09:41.265008893Z 64 PC: 13e02 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:09:41.267262816Z 66 PC: 13e1c | Move file pointer
2018-12-17T22:09:41.268967431Z 64 PC: 13e22 | Write file or device (Write 388 bytes on handle 5)
2018-12-17T22:09:41.276209745Z 64 PC: 13e36 | Write file or device (Write 636 bytes on handle 5)
2018-12-17T22:09:41.285506663Z 87 PC: 13e84 | Get or set file date and time
2018-12-17T22:09:41.287629934Z 62 PC: 13e88 | Close file
2018-12-17T22:09:41.295386936Z 86 PC: 13e92 | Rename file
2018-12-17T22:09:41.306774554Z 67 PC: 13e9e | Get or set file attributes
2018-12-17T22:09:41.317622071Z 26 PC: 13e4e | Set disk transfer address
2018-12-17T22:09:41.318704934Z 9 PC: 12a5c | Display string (Could not find end pointer)
2018-12-17T22:09:41.342776329Z 76 PC: 12a61 | Terminate with return code (Return code = '0')