Sample viewer

vx.netlux.org/Virus.DOS.Killme.1972

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:18:59.840758239Z 75 PC: 1f5f4 | Execute program
2018-12-17T22:18:59.851291137Z 74 PC: 1f5fe | Reallocate memory
2018-12-17T22:18:59.853240127Z 74 PC: 1f607 | Reallocate memory
2018-12-17T22:18:59.854845185Z 72 PC: 1f611 | Allocate memory
2018-12-17T22:18:59.857210892Z 72 PC: 1f61f | Allocate memory
2018-12-17T22:18:59.865694294Z 48 PC: 1950e | Get DOS version
2018-12-17T22:18:59.867007035Z 74 PC: 1958d | Reallocate memory
2018-12-17T22:18:59.870939093Z 53 PC: 1960b | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:18:59.872789817Z 37 PC: 1961d | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:18:59.874662191Z 68 PC: 196ad | I/O control for devices (Set for = '��4"�-�D�+ǣJ'���7����͋.&%�6���4".����It�+r��&+>�r�9t��It�+r̋�&+>�r�9u�&>�9S�uʌ���+>��{���II�t�+���+��׋t�9�s����>J'�����')
2018-12-17T22:18:59.877179537Z 68 PC: 196ad | I/O control for devices (Set for = '�6��60%�%+0%P���%+0%��~�')
2018-12-17T22:18:59.879206191Z 68 PC: 196ad | I/O control for devices (Set for = '�<')
2018-12-17T22:18:59.881223357Z 68 PC: 196ad | I/O control for devices (Set for = '')
2018-12-17T22:18:59.883594952Z 68 PC: 196ad | I/O control for devices (Set for = '')
2018-12-17T22:18:59.889428897Z 56 PC: 19b1a | Get or set country info
2018-12-17T22:18:59.891933406Z 68 PC: 1740f | I/O control for devices (Set for = '��;�E-��P&���E���8nv"ͩ��s��Ս�-\�+�\V�d��YG?�� "P�)?B�`h��aD��ɱч��5Z�20M��!SH��ޱN��D)��v�nh2Ű�')
2018-12-17T22:18:59.893442251Z 68 PC: 17424 | I/O control for devices
2018-12-17T22:18:59.895578273Z 84 PC: 1781d | Get verify flag
2018-12-17T22:18:59.898025976Z 51 PC: 17825 | Get or set Ctrl-Break
2018-12-17T22:18:59.89935122Z 51 PC: 17830 | Get or set Ctrl-Break
2018-12-17T22:18:59.90516446Z 37 PC: 1783a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:18:59.906907821Z 53 PC: 1748e | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:18:59.908980536Z 37 PC: 1749e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:18:59.913980837Z 55 PC: 17ad0 | Get or set switch character
2018-12-17T22:18:59.915685227Z 43 PC: 1754d | Set date
2018-12-17T22:18:59.917541269Z 61 PC: 17e4a | Open file (Filename = '���:1x���� ��izt����m쫃���e [t�,?`OP$\��VF��cͳ�ݑ(0�Ү����R���@m2����eqE1WqQ�y�@�,@�XU͙��ag�I��N�A� Bw���+�A�6Z��5�/|�')
2018-12-17T22:18:59.922733283Z 61 PC: 17e4a | Open file (Filename = 'A:/PKWARE.INI')
2018-12-17T22:18:59.930007323Z 68 PC: 17313 | I/O control for devices (Set for = '  ')
2018-12-17T22:18:59.943167292Z 61 PC: 1811a | Open file (Filename = 'ved PKZIP, PKUNZIP, PKSFX Reg. U.S. Pat. and Tm. Off.')
2018-12-17T22:18:59.951177286Z 227 PC: 17584 | UNKNOWN!
2018-12-17T22:18:59.953274343Z 96 PC: 17c76 | Qualify filename
2018-12-17T22:18:59.974097123Z 64 PC: 177c8 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:18:59.977959119Z 64 PC: 177c8 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:18:59.999204413Z 12 PC: 19b1a | Flush input buffer and input