Sample viewer

vx.netlux.org/Virus.DOS.Abba.9849.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:11:59.262302685Z	232	PC: 14108 \| UNKNOWN!
2018-12-17T22:11:59.264187494Z	53	PC: 12b9e \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:11:59.265723989Z	74	PC: 12b2a \| Reallocate memory
2018-12-17T22:11:59.267355375Z	98	PC: 15042 \| Get current PSP
2018-12-17T22:11:59.269527564Z	26	PC: 1504d \| Set disk transfer address
2018-12-17T22:11:59.270667683Z	78	PC: 15059 \| Find first file
2018-12-17T22:11:59.276414366Z	54	PC: 1502b \| Get free disk space
2018-12-17T22:11:59.278785613Z	98	PC: 15042 \| Get current PSP
2018-12-17T22:11:59.279975014Z	26	PC: 1504d \| Set disk transfer address
2018-12-17T22:11:59.281278629Z	78	PC: 15059 \| Find first file
2018-12-17T22:11:59.292325247Z	67	PC: 14e23 \| Get or set file attributes
2018-12-17T22:12:00.605544376Z	78	PC: 12cc1 \| Find first file
2018-12-17T22:12:00.61127465Z	60	PC: 12cd7 \| Create or truncate file
2018-12-17T22:12:00.62359816Z	62	PC: 12cdd \| Close file
2018-12-17T22:12:00.626698286Z	61	PC: 14e64 \| Open file (Filename = '��:u ��;Du��øB�$3�3��!��#�؋�#%')
2018-12-17T22:12:00.632711041Z	63	PC: 14e73 \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:12:00.635381803Z	62	PC: 14ea7 \| Close file
2018-12-17T22:12:00.637683371Z	67	PC: 14e32 \| Get or set file attributes
2018-12-17T22:12:00.645804342Z	75	PC: 12b73 \| Execute program
2018-12-17T22:12:00.666142765Z	80	PC: 167a9 \| Set current PSP
2018-12-17T22:12:00.667514728Z	48	PC: 167ae \| Get DOS version
2018-12-17T22:12:00.669000277Z	101	PC: 16834 \| Get extended country info
2018-12-17T22:12:00.670139714Z	99	PC: 1683a \| Get DBCS lead byte table pointer
2018-12-17T22:12:00.671757496Z	74	PC: 1689c \| Reallocate memory
2018-12-17T22:12:00.672964104Z	25	PC: 168d3 \| Get default drive
2018-12-17T22:12:00.673911253Z	37	PC: 16393 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:12:00.67567628Z	37	PC: 1639a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:12:00.67663233Z	37	PC: 163a1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:12:00.679338971Z	2	PC: 1665c \| Character output (Char = '0d')
2018-12-17T22:12:00.681820346Z	2	PC: 1665c \| Character output (Char = '0a')
2018-12-17T22:12:00.68516543Z	2	PC: 1665c \| Character output (Char = '0d')
2018-12-17T22:12:00.686938348Z	2	PC: 1665c \| Character output (Char = '0a')
2018-12-17T22:12:00.691942663Z	2	PC: 1665c \| Character output (Char = '4d')
2018-12-17T22:12:00.693865319Z	2	PC: 1665c \| Character output (Char = '69')
2018-12-17T22:12:00.69574836Z	2	PC: 1665c \| Character output (Char = '63')
2018-12-17T22:12:00.698292338Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T22:12:00.700467494Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T22:12:00.702645176Z	2	PC: 1665c \| Character output (Char = '73')
2018-12-17T22:12:00.705130904Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T22:12:00.707038291Z	2	PC: 1665c \| Character output (Char = '66')
2018-12-17T22:12:00.709060239Z	2	PC: 1665c \| Character output (Char = '74')
2018-12-17T22:12:00.711892351Z	2	PC: 1665c \| Character output (Char = '28')
2018-12-17T22:12:00.713786041Z	2	PC: 1665c \| Character output (Char = '52')
2018-12-17T22:12:00.715962226Z	2	PC: 1665c \| Character output (Char = '29')
2018-12-17T22:12:00.718241506Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.720277286Z	2	PC: 1665c \| Character output (Char = '4d')
2018-12-17T22:12:00.722302751Z	2	PC: 1665c \| Character output (Char = '53')
2018-12-17T22:12:00.724759409Z	2	PC: 1665c \| Character output (Char = '2d')
2018-12-17T22:12:00.726614222Z	2	PC: 1665c \| Character output (Char = '44')
2018-12-17T22:12:00.728518519Z	2	PC: 1665c \| Character output (Char = '4f')
2018-12-17T22:12:00.731526366Z	2	PC: 1665c \| Character output (Char = '53')
2018-12-17T22:12:00.733828607Z	2	PC: 1665c \| Character output (Char = '28')
2018-12-17T22:12:00.736886287Z	2	PC: 1665c \| Character output (Char = '52')
2018-12-17T22:12:00.739652509Z	2	PC: 1665c \| Character output (Char = '29')
2018-12-17T22:12:00.741771404Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.743768703Z	2	PC: 1665c \| Character output (Char = '56')
2018-12-17T22:12:00.746774403Z	2	PC: 1665c \| Character output (Char = '65')
2018-12-17T22:12:00.748747667Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T22:12:00.75065873Z	2	PC: 1665c \| Character output (Char = '73')
2018-12-17T22:12:00.753312513Z	2	PC: 1665c \| Character output (Char = '69')
2018-12-17T22:12:00.755717894Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T22:12:00.757654923Z	2	PC: 1665c \| Character output (Char = '6e')
2018-12-17T22:12:00.760028609Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.762051297Z	2	PC: 1665c \| Character output (Char = '36')
2018-12-17T22:12:00.76404949Z	2	PC: 1665c \| Character output (Char = '2e')
2018-12-17T22:12:00.766474393Z	2	PC: 1665c \| Character output (Char = '32')
2018-12-17T22:12:00.769160737Z	2	PC: 1665c \| Character output (Char = '32')
2018-12-17T22:12:00.771150206Z	2	PC: 1665c \| Character output (Char = '0d')
2018-12-17T22:12:00.773465987Z	2	PC: 1665c \| Character output (Char = '0a')
2018-12-17T22:12:00.776979604Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.779026997Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.781367909Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.783278143Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.7853123Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.787589309Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.789632427Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.791586839Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.793903701Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.796276081Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.79825139Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.813624738Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.815895971Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.818070336Z	2	PC: 1665c \| Character output (Char = '28')
2018-12-17T22:12:00.820891685Z	2	PC: 1665c \| Character output (Char = '43')
2018-12-17T22:12:00.822991984Z	2	PC: 1665c \| Character output (Char = '29')
2018-12-17T22:12:00.826253552Z	2	PC: 1665c \| Character output (Char = '43')
2018-12-17T22:12:00.829558828Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T22:12:00.832303891Z	2	PC: 1665c \| Character output (Char = '70')
2018-12-17T22:12:00.83430601Z	2	PC: 1665c \| Character output (Char = '79')
2018-12-17T22:12:00.837068097Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T22:12:00.839507484Z	2	PC: 1665c \| Character output (Char = '69')
2018-12-17T22:12:00.841643464Z	2	PC: 1665c \| Character output (Char = '67')
2018-12-17T22:12:00.847982761Z	2	PC: 1665c \| Character output (Char = '68')
2018-12-17T22:12:00.849925837Z	2	PC: 1665c \| Character output (Char = '74')
2018-12-17T22:12:00.851943104Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.854973791Z	2	PC: 1665c \| Character output (Char = '4d')
2018-12-17T22:12:00.856871735Z	2	PC: 1665c \| Character output (Char = '69')
2018-12-17T22:12:00.859544507Z	2	PC: 1665c \| Character output (Char = '63')
2018-12-17T22:12:00.862610961Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T22:12:00.864625865Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T22:12:00.866600765Z	2	PC: 1665c \| Character output (Char = '73')
2018-12-17T22:12:00.869029874Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T22:12:00.871037581Z	2	PC: 1665c \| Character output (Char = '66')
2018-12-17T22:12:00.87303358Z	2	PC: 1665c \| Character output (Char = '74')
2018-12-17T22:12:00.876168973Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.878088792Z	2	PC: 1665c \| Character output (Char = '43')
2018-12-17T22:12:00.881071492Z	2	PC: 1665c \| Character output (Char = '6f')
2018-12-17T22:12:00.883653965Z	2	PC: 1665c \| Character output (Char = '72')
2018-12-17T22:12:00.885813085Z	2	PC: 1665c \| Character output (Char = '70')
2018-12-17T22:12:00.888607898Z	2	PC: 1665c \| Character output (Char = '20')
2018-12-17T22:12:00.891796832Z	2	PC: 1665c \| Character output (Char = '31')
2018-12-17T22:12:00.893857057Z	2	PC: 1665c \| Character output (Char = '39')
2018-12-17T22:12:00.896095995Z	2	PC: 1665c \| Character output (Char = '38')
2018-12-17T22:12:00.900172506Z	2	PC: 1665c \| Character output (Char = '31')
2018-12-17T22:12:00.902250959Z	2	PC: 1665c \| Character output (Char = '2d')
2018-12-17T22:12:00.904696094Z	2	PC: 1665c \| Character output (Char = '31')
2018-12-17T22:12:00.908303644Z	2	PC: 1665c \| Character output (Char = '39')
2018-12-17T22:12:00.910332687Z	2	PC: 1665c \| Character output (Char = '39')
2018-12-17T22:12:00.912317177Z	2	PC: 1665c \| Character output (Char = '34')
2018-12-17T22:12:00.914826787Z	2	PC: 1665c \| Character output (Char = '2e')
2018-12-17T22:12:00.916830111Z	2	PC: 1665c \| Character output (Char = '0d')
2018-12-17T22:12:00.918811Z	2	PC: 1665c \| Character output (Char = '0a')
2018-12-17T22:12:00.92388458Z	74	PC: 1553c \| Reallocate memory
2018-12-17T22:12:00.925256884Z	72	PC: 1557d \| Allocate memory
2018-12-17T22:12:00.926732872Z	72	PC: 155b5 \| Allocate memory
2018-12-17T22:12:00.929849287Z	72	PC: 155bd \| Allocate memory