Sample viewer

vx.netlux.org/Virus.DOS.Lifeform.2101

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:14:07.656630546Z	58	PC: 12a85 \| Remove subdirectory
2018-12-17T22:14:07.663765409Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:14:07.665088202Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:14:07.666978241Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:14:07.669819693Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:14:07.67143283Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:14:07.672873279Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:14:07.674980927Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.676108008Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.677642879Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.679868139Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.681077477Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.682880123Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.683732249Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.685384564Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.687162688Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.688035051Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.692006045Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.692982571Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.694719502Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.696989043Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.698148946Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.700299934Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.701938873Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.710085012Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.722969054Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.725088754Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.727133553Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.728193205Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.734000197Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.737433038Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.741429438Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.744744628Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.745946Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.747362019Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.749343458Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.750776685Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.752114115Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.753142334Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.755057113Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.756465934Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.757866071Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.759968737Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.761235028Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.763718446Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.77268754Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.774457591Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.776448793Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.777945705Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.779947171Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.782306642Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.784150762Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.786246166Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.787300574Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.789507275Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.791329408Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.792324228Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.795262978Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.796394712Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.798314912Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.800921689Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.802033303Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.804450864Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.806455283Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.808757164Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.810519993Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.812793038Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.814620579Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.815423588Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.818151069Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.820152996Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.821215291Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.82504591Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.826132125Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.827761608Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.830202405Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.831169561Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.833026831Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.835139372Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:07.836687103Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:07.838464254Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:07.839949413Z	62	PC: 122ab \| Close file
2018-12-17T22:14:07.843444953Z	99	PC: 99557 \| Get DBCS lead byte table pointer
2018-12-17T22:14:07.84468531Z	56	PC: 93d79 \| Get or set country info
2018-12-17T22:14:07.84721284Z	64	PC: 997c8 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:14:07.85166214Z	25	PC: 93de2 \| Get default drive
2018-12-17T22:14:07.853360815Z	71	PC: 9605d \| Get current directory
2018-12-17T22:14:07.85658431Z	64	PC: 997c8 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:14:07.858763772Z	2	PC: 96032 \| Character output (Char = '3e')
2018-12-17T22:14:07.860532197Z	93	PC: 93ea0 \| File sharing functions
2018-12-17T22:14:07.862604042Z	93	PC: 93ea7 \| File sharing functions
2018-12-17T22:14:07.86416061Z	10	PC: 93eb9 \| Buffered keyboard input
2018-12-17T22:14:22.648861905Z	0	PC: 0 \| Program terminate
2018-12-17T22:14:24.004264923Z	0	PC: 0 \| Program terminate
2018-12-17T22:14:24.106530898Z	64	PC: 997c8 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:14:24.113433069Z	41	PC: 93f2e \| Parse filename
2018-12-17T22:14:24.116342818Z	41	PC: 93faf \| Parse filename
2018-12-17T22:14:24.118218086Z	41	PC: 93fcc \| Parse filename
2018-12-17T22:14:24.122561102Z	26	PC: 97477 \| Set disk transfer address
2018-12-17T22:14:24.124264138Z	71	PC: 97673 \| Get current directory
2018-12-17T22:14:24.131943215Z	78	PC: 9ed5d \| Find first file
2018-12-17T22:14:24.142135576Z	98	PC: 9f088 \| Get current PSP
2018-12-17T22:14:24.143019744Z	47	PC: 9ed8f \| Get disk transfer address
2018-12-17T22:14:24.144528108Z	71	PC: 974ec \| Get current directory
2018-12-17T22:14:24.147905843Z	73	PC: 96b89 \| Release memory
2018-12-17T22:14:24.149770561Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.150529236Z	42	PC: 9f1b5 \| Get date 0x9f1b5: retf 2 0x9f1b8: push bx 0x9f1b9: push cx 0x9f1ba: push dx 0x9f1bb: mov ax, 0xfa02 0x9f1be: mov dx, 0x5945 0x9f1c1: mov bl, 0 0x9f1c3: int3 0x9f1c4: mov byte ptr cs:[0x824], cl 0x9f1c9: pop dx 0x9f1ca: pop cx 0x9f1cb: pop bx 0x9f1cc: ret 0x9f1cd: push bx 0x9f1ce: push cx 0x9f1cf: push dx 0x9f1d0: mov ax, 0xfa02 0x9f1d3: mov dx, 0x5945 0x9f1d6: mov bl, byte ptr cs:[0x824] 0x9f1db: and bl, 0xfb
2018-12-17T22:14:24.153546188Z	67	PC: 9f1b5 \| Get or set file attributes
2018-12-17T22:14:24.159009687Z	65	PC: 9f1b5 \| Delete file
2018-12-17T22:14:24.164450722Z	67	PC: 9f1b5 \| Get or set file attributes
2018-12-17T22:14:24.175679485Z	65	PC: 9f1b5 \| Delete file
2018-12-17T22:14:24.181523735Z	67	PC: 9f1b5 \| Get or set file attributes
2018-12-17T22:14:24.187134219Z	65	PC: 9f1b5 \| Delete file
2018-12-17T22:14:24.193389717Z	67	PC: 9f1b5 \| Get or set file attributes
2018-12-17T22:14:24.198892293Z	65	PC: 9f1b5 \| Delete file
2018-12-17T22:14:24.209258205Z	67	PC: 9f1b5 \| Get or set file attributes
2018-12-17T22:14:24.2202684Z	65	PC: 9f1b5 \| Delete file
2018-12-17T22:14:24.230876676Z	67	PC: 9f1b5 \| Get or set file attributes
2018-12-17T22:14:24.241764567Z	65	PC: 9f1b5 \| Delete file
2018-12-17T22:14:24.248307792Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.249608921Z	75	PC: 11821 \| Execute program
2018-12-17T22:14:24.26317372Z	9	PC: 12a47 \| Display string (String= 'Hello, World! ')
2018-12-17T22:14:24.268304597Z	76	PC: 12a4b \| Terminate with return code (Return code = '36')
2018-12-17T22:14:24.271567385Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:14:24.2727554Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:14:24.275193355Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:14:24.277253758Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:14:24.278760475Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:14:24.280714836Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:14:24.282228326Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.283039168Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.285259445Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.287070701Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.288038197Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.291326599Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.292016215Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.293475105Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.295535123Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.296357084Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.297995741Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.29910347Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.300577741Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.302313559Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.303788946Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.305753531Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.306653816Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.309847974Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.312903651Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.314271499Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.316892571Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.3179944Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.31987698Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.322879996Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.324151986Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.326378707Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.329013353Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.330949156Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.333149769Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.335724135Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.337590518Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.338273071Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.340362213Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.342701556Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.344229724Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.347865622Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.349166619Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.351092725Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.353745387Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.354755259Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.356808909Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.359007413Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.360838387Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.363133271Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.365811634Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.368086257Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.369218501Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.372283225Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.374601971Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.375911246Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.379186441Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.380396387Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.382413796Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.385598399Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.386942305Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.389188782Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.391534858Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.393561414Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.395446497Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.397183946Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.399126732Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.399974358Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.402124514Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.404058801Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.40587691Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.409080084Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.40988549Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.411397771Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.414319525Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.415746937Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.418094329Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.419654549Z	69	PC: 9f1b5 \| Duplicate handle
2018-12-17T22:14:24.421030421Z	62	PC: 9f1b5 \| Close file
2018-12-17T22:14:24.422952718Z	250	PC: 9f1b5 \| UNKNOWN!
2018-12-17T22:14:24.424517369Z	62	PC: 122ab \| Close file
2018-12-17T22:14:24.42756096Z	99	PC: 99557 \| Get DBCS lead byte table pointer
2018-12-17T22:14:24.429580568Z	56	PC: 93d79 \| Get or set country info
2018-12-17T22:14:24.43213926Z	64	PC: 997c8 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:14:24.437218674Z	25	PC: 93de2 \| Get default drive
2018-12-17T22:14:24.439934952Z	71	PC: 9605d \| Get current directory
2018-12-17T22:14:24.444847279Z	64	PC: 997c8 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:14:24.447893611Z	2	PC: 96032 \| Character output (Char = '3e')
2018-12-17T22:14:24.450894011Z	93	PC: 93ea0 \| File sharing functions
2018-12-17T22:14:24.452952591Z	93	PC: 93ea7 \| File sharing functions
2018-12-17T22:14:24.455254136Z	10	PC: 93eb9 \| Buffered keyboard input