Sample viewer

vx.netlux.org/Virus.DOS.MtE-based

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:22:03.337085737Z	26	PC: 12aa5 \| Set disk transfer address
2018-12-17T22:22:03.339417514Z	53	PC: 12aaa \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:03.340698688Z	37	PC: 12ab4 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:03.342433213Z	78	PC: 12acd \| Find first file
2018-12-17T22:22:03.353880399Z	67	PC: 12b10 \| Get or set file attributes
2018-12-17T22:22:03.37068035Z	61	PC: 12b17 \| Open file (Filename = '��>s')
2018-12-17T22:22:03.378191451Z	63	PC: 12b24 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:22:03.385195279Z	66	PC: 12b3c \| Move file pointer
2018-12-17T22:22:03.388393049Z	87	PC: 12b52 \| Get or set file date and time
2018-12-17T22:22:03.395268821Z	64	PC: 12b85 \| Write file or device (Write 3177 bytes on handle 5)
2018-12-17T22:22:03.403798837Z	66	PC: 12b94 \| Move file pointer
2018-12-17T22:22:03.410235046Z	64	PC: 12b9e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:22:03.413699271Z	87	PC: 12ba5 \| Get or set file date and time
2018-12-17T22:22:03.41544344Z	62	PC: 12ba9 \| Close file
2018-12-17T22:22:03.424984829Z	79	PC: 12acd \| Find next file
2018-12-17T22:22:03.427297043Z	67	PC: 12b10 \| Get or set file attributes
2018-12-17T22:22:03.434416731Z	61	PC: 12b17 \| Open file (Filename = ' ��"��y��)tj��Z�߽�=7��CZM�Ը��7��ڨ�b�#��l��gna&o1�v2��~�x�~��k�QB�=�2mZ��2=��ϴ:�z��>7��o�S˸�=�(�N�%��!0��ވٳ� ��:,-�1V� ��"=̈J(��%�')
2018-12-17T22:22:03.462528782Z	63	PC: 12b24 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:22:03.469288081Z	66	PC: 12b3c \| Move file pointer
2018-12-17T22:22:03.470873899Z	87	PC: 12b52 \| Get or set file date and time
2018-12-17T22:22:03.480367789Z	64	PC: 12b85 \| Write file or device (Write 3045 bytes on handle 5)
2018-12-17T22:22:03.488758885Z	66	PC: 12b94 \| Move file pointer
2018-12-17T22:22:03.490167097Z	64	PC: 12b9e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:22:03.493878873Z	87	PC: 12ba5 \| Get or set file date and time
2018-12-17T22:22:03.495404744Z	62	PC: 12ba9 \| Close file
2018-12-17T22:22:03.50316893Z	79	PC: 12acd \| Find next file
2018-12-17T22:22:03.506131618Z	67	PC: 12b10 \| Get or set file attributes
2018-12-17T22:22:03.516054103Z	61	PC: 12b17 \| Open file (Filename = '�uy-�P$��֞Dָ�-��PP� ��6��0��fS\|��~]}�A�#��#1�L��90_��d�\�À�P�~��x\|�&�Q]��Oe÷I�=�ѣ9��x��YX��)�n��ߞ�р9˩�'��w�� vv�~z�')
2018-12-17T22:22:03.522995164Z	63	PC: 12b24 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:22:03.529788345Z	66	PC: 12b3c \| Move file pointer
2018-12-17T22:22:03.531786958Z	87	PC: 12b52 \| Get or set file date and time
2018-12-17T22:22:03.539024913Z	64	PC: 12b85 \| Write file or device (Write 2980 bytes on handle 5)
2018-12-17T22:22:03.548894531Z	66	PC: 12b94 \| Move file pointer
2018-12-17T22:22:03.551573352Z	64	PC: 12b9e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:22:03.554563761Z	87	PC: 12ba5 \| Get or set file date and time
2018-12-17T22:22:03.556337306Z	62	PC: 12ba9 \| Close file
2018-12-17T22:22:03.56524919Z	79	PC: 12acd \| Find next file
2018-12-17T22:22:03.567913694Z	67	PC: 12b10 \| Get or set file attributes
2018-12-17T22:22:03.577627098Z	61	PC: 12b17 \| Open file (Filename = '� L�9��'')
2018-12-17T22:22:03.59277145Z	63	PC: 12b24 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:22:03.597237245Z	66	PC: 12b3c \| Move file pointer
2018-12-17T22:22:03.598414404Z	87	PC: 12b52 \| Get or set file date and time
2018-12-17T22:22:03.605635249Z	64	PC: 12b85 \| Write file or device (Write 3043 bytes on handle 5)
2018-12-17T22:22:03.628644015Z	66	PC: 12b94 \| Move file pointer
2018-12-17T22:22:03.630387962Z	64	PC: 12b9e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:22:03.634487545Z	87	PC: 12ba5 \| Get or set file date and time
2018-12-17T22:22:03.636603429Z	62	PC: 12ba9 \| Close file
2018-12-17T22:22:03.644391179Z	37	PC: 12af9 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:03.646589117Z	26	PC: 12b02 \| Set disk transfer address