Sample viewer

vx.netlux.org/Virus.DOS.Kane.a

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:52:34.926759426Z 53 PC: 13fca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:34.928462076Z 53 PC: 13fca | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:34.929439573Z 53 PC: 13fca | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:34.930460313Z 53 PC: 13fca | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:34.931968532Z 53 PC: 13fca | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:34.933009017Z 53 PC: 13fca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:34.934151502Z 53 PC: 13fca | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:34.935527967Z 53 PC: 13fca | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:34.936498998Z 53 PC: 13fca | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:34.937528607Z 53 PC: 13fca | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:34.939481865Z 53 PC: 13fca | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:34.940528242Z 53 PC: 13fca | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:34.941482151Z 53 PC: 13fca | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:34.943058904Z 53 PC: 13fca | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:34.944324159Z 53 PC: 13fca | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:34.946129362Z 53 PC: 13fca | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:34.949375059Z 53 PC: 13fca | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:34.951028645Z 53 PC: 13fca | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:34.95267785Z 53 PC: 13fca | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:34.954468066Z 37 PC: 13fdf | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:34.955949683Z 37 PC: 13fe7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:34.95729526Z 37 PC: 13fef | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:34.960738379Z 37 PC: 13ff7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:34.962653411Z 68 PC: 14b3f | I/O control for devices (Set for = '')
2018-12-17T21:52:34.963889419Z 53 PC: 13e0f | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T21:52:34.970714458Z 37 PC: 13e2b | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T21:52:34.972650633Z 53 PC: 13e0f | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T21:52:34.974802761Z 37 PC: 13e2b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T21:52:34.977744647Z 53 PC: 13e0f | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:34.979105847Z 37 PC: 13e2b | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:34.980402397Z 51 PC: 13cfd | Get or set Ctrl-Break
2018-12-17T21:52:34.981907805Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:34.984039079Z 48 PC: 14852 | Get DOS version
2018-12-17T21:52:34.985179892Z 48 PC: 14852 | Get DOS version
2018-12-17T21:52:34.986827739Z 26 PC: 13dae | Set disk transfer address
2018-12-17T21:52:34.989116695Z 78 PC: 13dba | Find first file
2018-12-17T21:52:34.996501424Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:34.99860412Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.012823213Z 60 PC: 14690 | Create or truncate file
2018-12-17T21:52:35.022564461Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.023889988Z 65 PC: 147d9 | Delete file (Filename = 'A:\�')
2018-12-17T21:52:35.032927448Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.035171305Z 61 PC: 14690 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:52:35.041965662Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.044443114Z 63 PC: 14763 | Read file or device (Read 5 bytes on handle 6)
2018-12-17T21:52:35.051510701Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.053414502Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.056603253Z 61 PC: 14690 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:52:35.063211642Z 63 PC: 14763 | Read file or device (Read 9856 bytes on handle 6)
2018-12-17T21:52:35.070556269Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.072922579Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.07437748Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.076120514Z 26 PC: 13dae | Set disk transfer address
2018-12-17T21:52:35.078205929Z 78 PC: 13dba | Find first file
2018-12-17T21:52:35.082722098Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.084873852Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.092193932Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.093793079Z 61 PC: 14690 | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:52:35.09890791Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.10156814Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.112505249Z 26 PC: 13dd2 | Set disk transfer address
2018-12-17T21:52:35.113975841Z 79 PC: 13dd7 | Find next file
2018-12-17T21:52:35.120282378Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.122301459Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.132255979Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.134831895Z 61 PC: 14690 | Open file (Filename = 'PRINT.COM')
2018-12-17T21:52:35.142753228Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.145819792Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.156908071Z 26 PC: 13dd2 | Set disk transfer address
2018-12-17T21:52:35.158058384Z 79 PC: 13dd7 | Find next file
2018-12-17T21:52:35.160413515Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.162805534Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.170705203Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.172794888Z 61 PC: 14690 | Open file (Filename = 'HELLO.COM')
2018-12-17T21:52:35.179717592Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.18200089Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.191761242Z 26 PC: 13dd2 | Set disk transfer address
2018-12-17T21:52:35.194247414Z 79 PC: 13dd7 | Find next file
2018-12-17T21:52:35.197534668Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.199237341Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.210280953Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.212385832Z 61 PC: 14690 | Open file (Filename = 'PHANG.COM')
2018-12-17T21:52:35.218879936Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.222867745Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.234930813Z 26 PC: 13dd2 | Set disk transfer address
2018-12-17T21:52:35.236275845Z 79 PC: 13dd7 | Find next file
2018-12-17T21:52:35.240973291Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.24294922Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.252690883Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.255030592Z 61 PC: 14690 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:52:35.262620536Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.265739278Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.276291439Z 26 PC: 13dd2 | Set disk transfer address
2018-12-17T21:52:35.277290887Z 79 PC: 13dd7 | Find next file
2018-12-17T21:52:35.280300582Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.282147821Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.292692213Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.294689874Z 61 PC: 14690 | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:52:35.301761373Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.304906866Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.315801306Z 26 PC: 13dd2 | Set disk transfer address
2018-12-17T21:52:35.317206002Z 79 PC: 13dd7 | Find next file
2018-12-17T21:52:35.321657517Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.323726573Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.33344244Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.336070043Z 61 PC: 14690 | Open file (Filename = 'PAH.COM')
2018-12-17T21:52:35.342799054Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.345218453Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.355369105Z 26 PC: 13dd2 | Set disk transfer address
2018-12-17T21:52:35.356344208Z 79 PC: 13dd7 | Find next file
2018-12-17T21:52:35.363044246Z 26 PC: 13dae | Set disk transfer address
2018-12-17T21:52:35.364469434Z 78 PC: 13dba | Find first file
2018-12-17T21:52:35.370891275Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.373235619Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.384243221Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.385809157Z 61 PC: 14690 | Open file (Filename = 'TEST.EXE')
2018-12-17T21:52:35.392288585Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.396257134Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.405725135Z 26 PC: 13dd2 | Set disk transfer address
2018-12-17T21:52:35.406652363Z 79 PC: 13dd7 | Find next file
2018-12-17T21:52:35.410704003Z 37 PC: 13e2b | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T21:52:35.411670082Z 37 PC: 13e2b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T21:52:35.412441253Z 37 PC: 13e2b | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:35.413808879Z 26 PC: 13dae | Set disk transfer address
2018-12-17T21:52:35.414628039Z 78 PC: 13dba | Find first file
2018-12-17T21:52:35.418528372Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.420033022Z 61 PC: 14690 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:52:35.424273581Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.425381008Z 63 PC: 14763 | Read file or device (Read 9856 bytes on handle 6)
2018-12-17T21:52:35.43188241Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.43327363Z 64 PC: 146c1 | Write file or device (Write 0 bytes on handle 6)
2018-12-17T21:52:35.440892614Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.443069854Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.444703215Z 64 PC: 14763 | Write file or device (Write 9856 bytes on handle 6)
2018-12-17T21:52:35.453510071Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.455912191Z 63 PC: 14763 | Read file or device (Read 1112 bytes on handle 6)
2018-12-17T21:52:35.463360537Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.465002981Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.466919648Z 63 PC: 14763 | Read file or device (Read 1112 bytes on handle 6)
2018-12-17T21:52:35.474328726Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.475979162Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.47880983Z 64 PC: 14763 | Write file or device (Write 1112 bytes on handle 6)
2018-12-17T21:52:35.486525393Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.487866882Z 64 PC: 14763 | Write file or device (Write 1112 bytes on handle 6)
2018-12-17T21:52:35.496450365Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.497927596Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.499529709Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.502278339Z 63 PC: 14763 | Read file or device (Read 1223 bytes on handle 6)
2018-12-17T21:52:35.510705587Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.512844147Z 64 PC: 14763 | Write file or device (Write 1223 bytes on handle 6)
2018-12-17T21:52:35.522498771Z 66 PC: 147c2 | Move file pointer
2018-12-17T21:52:35.524039255Z 87 PC: 13d7e | Get or set file date and time
2018-12-17T21:52:35.52559411Z 67 PC: 13d37 | Get or set file attributes
2018-12-17T21:52:35.536588993Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.53828299Z 62 PC: 146e0 | Close file
2018-12-17T21:52:35.544231134Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:35.546256603Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:52:35.547417389Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:35.548594134Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:52:35.550780275Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:35.552090762Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:52:35.553418209Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:35.555656039Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:52:35.556931738Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:35.558270187Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:52:35.560386894Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:35.561378516Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:52:35.562460347Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:35.564606939Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:52:35.565690394Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:35.566764052Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:52:35.568492758Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:35.569588025Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:52:35.570733159Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:35.572594131Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:52:35.57357981Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:35.57455529Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:52:35.576218736Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:35.577311653Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:52:35.578140844Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:35.580129122Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:52:35.581123826Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:35.582518002Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:52:35.58424616Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:35.585367382Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:52:35.586428429Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:35.587969438Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:52:35.589019804Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:35.59058371Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:52:35.592301504Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:35.593611007Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:52:35.595385034Z 53 PC: 13f48 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:35.597556312Z 37 PC: 13f51 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:52:35.599831046Z 64 PC: 143e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:52:35.603399091Z 41 PC: 13eff | Parse filename
2018-12-17T21:52:35.607948253Z 41 PC: 13f0d | Parse filename
2018-12-17T21:52:35.618572906Z 75 PC: 13f18 | Execute program