Sample viewer

vx.netlux.org/Virus.DOS.VCL.JFK.940

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:18:34.61878804Z	47	PC: 12e56 \| Get disk transfer address
2018-12-17T22:18:34.620554965Z	26	PC: 12e5e \| Set disk transfer address
2018-12-17T22:18:34.621714827Z	71	PC: 12fcd \| Get current directory
2018-12-17T22:18:34.624486595Z	59	PC: 12fd5 \| Change current directory
2018-12-17T22:18:34.628784798Z	47	PC: 12fea \| Get disk transfer address
2018-12-17T22:18:34.630026181Z	26	PC: 12ff8 \| Set disk transfer address
2018-12-17T22:18:34.631780908Z	78	PC: 13003 \| Find first file
2018-12-17T22:18:34.637326463Z	79	PC: 1302b \| Find next file
2018-12-17T22:18:34.639804648Z	79	PC: 1302b \| Find next file
2018-12-17T22:18:34.642148778Z	79	PC: 1302b \| Find next file
2018-12-17T22:18:34.644323553Z	79	PC: 1302b \| Find next file
2018-12-17T22:18:34.646805662Z	79	PC: 1302b \| Find next file
2018-12-17T22:18:34.649112634Z	79	PC: 1302b \| Find next file
2018-12-17T22:18:34.651377986Z	79	PC: 1302b \| Find next file
2018-12-17T22:18:34.654279504Z	79	PC: 1302b \| Find next file
2018-12-17T22:18:34.657229179Z	79	PC: 1302b \| Find next file
2018-12-17T22:18:34.659734733Z	47	PC: 13051 \| Get disk transfer address
2018-12-17T22:18:34.661508601Z	26	PC: 13060 \| Set disk transfer address
2018-12-17T22:18:34.662706976Z	78	PC: 1306e \| Find first file
2018-12-17T22:18:34.66858942Z	47	PC: 13086 \| Get disk transfer address
2018-12-17T22:18:34.670229774Z	61	PC: 1309f \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:18:34.676475542Z	63	PC: 130ab \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:18:34.682471883Z	66	PC: 130b5 \| Move file pointer
2018-12-17T22:18:34.684346996Z	62	PC: 130ba \| Close file
2018-12-17T22:18:34.686098633Z	67	PC: 130da \| Get or set file attributes
2018-12-17T22:18:34.695534795Z	61	PC: 130df \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:18:34.7054359Z	64	PC: 130eb \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:18:34.709130037Z	66	PC: 130f5 \| Move file pointer
2018-12-17T22:18:34.711653462Z	64	PC: 131ea \| Write file or device (Write 940 bytes on handle 5)
2018-12-17T22:18:34.722240132Z	87	PC: 13109 \| Get or set file date and time
2018-12-17T22:18:34.72398728Z	62	PC: 1310d \| Close file
2018-12-17T22:18:34.7321986Z	67	PC: 1311a \| Get or set file attributes
2018-12-17T22:18:34.742093806Z	26	PC: 13080 \| Set disk transfer address
2018-12-17T22:18:34.74335247Z	26	PC: 1303d \| Set disk transfer address
2018-12-17T22:18:34.744443321Z	59	PC: 12fdf \| Change current directory
2018-12-17T22:18:34.746119656Z	42	PC: 1312f \| Get date 0x1312f: mov al, dl 0x13131: cwde 0x13132: ret 0x13133: mov ah, 0x2a 0x13135: int 0x21 0x13137: mov al, dh 0x13139: cwde 0x1313a: ret 0x1313b: push sp 0x1313c: outsw dx, word ptr [si] 0x1313d: popaw 0x1313f: jns 0x1316d 0x13141: and byte ptr [bp + si + 0x46], cl 0x13144: dec bx 0x13145: and byte ptr [si + 0x69], ch 0x13148: jbe 0x131af 0x1314a: jae 0x1316c 0x1314c: popaw 0x1314d: popaw 0x1314f: imul bp, word ptr [bp + 0x20], 0x7962
2018-12-17T22:18:34.748424839Z	26	PC: 12fad \| Set disk transfer address
2018-12-17T22:18:34.749518509Z	9	PC: 12e26 \| Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ')