Sample viewer

vx.netlux.org/Virus.DOS.Ksenia.5000.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:22:14.31625545Z	48	PC: 13e7d \| Get DOS version
2018-12-17T22:22:14.318865239Z	24	PC: 13eb4 \| Reserved
2018-12-17T22:22:14.321128189Z	53	PC: 13343 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:14.32210091Z	37	PC: 13356 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:14.323418504Z	53	PC: 1335b \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:22:14.326094305Z	37	PC: 1336b \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:22:14.32823934Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.330197826Z	74	PC: 12d46 \| Reallocate memory
2018-12-17T22:22:14.3325075Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.334292358Z	113	PC: 1376a \| UNKNOWN!
2018-12-17T22:22:14.335294113Z	67	PC: 1376a \| Get or set file attributes
2018-12-17T22:22:14.34461538Z	113	PC: 1376a \| UNKNOWN!
2018-12-17T22:22:14.345940111Z	108	PC: 1376a \| Extended open/create file
2018-12-17T22:22:14.351464719Z	68	PC: 1376a \| I/O control for devices (Set for = '')
2018-12-17T22:22:14.354419643Z	66	PC: 1376a \| Move file pointer
2018-12-17T22:22:14.355968064Z	66	PC: 1376a \| Move file pointer
2018-12-17T22:22:14.357940802Z	63	PC: 1376a \| Read file or device (Read 32 bytes on handle 5)
2018-12-17T22:22:14.361976788Z	66	PC: 1376a \| Move file pointer
2018-12-17T22:22:14.364248315Z	87	PC: 1376a \| Get or set file date and time
2018-12-17T22:22:14.366513535Z	66	PC: 1376a \| Move file pointer
2018-12-17T22:22:14.374297021Z	66	PC: 1376a \| Move file pointer
2018-12-17T22:22:14.379698449Z	63	PC: 1376a \| Read file or device (Read 32 bytes on handle 5)
2018-12-17T22:22:14.382678726Z	66	PC: 1376a \| Move file pointer
2018-12-17T22:22:14.38488968Z	87	PC: 1376a \| Get or set file date and time
2018-12-17T22:22:14.38747186Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.401873815Z	113	PC: 1376a \| UNKNOWN!
2018-12-17T22:22:14.403517214Z	75	PC: 12d67 \| Execute program
2018-12-17T22:22:14.413763737Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.432253484Z	48	PC: 1696d \| Get DOS version
2018-12-17T22:22:14.435156778Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.441292976Z	9	PC: 1554c \| Display string (Could not find end pointer)
2018-12-17T22:22:14.44513834Z	76	PC: 15551 \| Terminate with return code (Return code = '0')
2018-12-17T22:22:14.447553494Z	73	PC: 12d71 \| Release memory
2018-12-17T22:22:14.449544208Z	77	PC: 12d95 \| Get program return code
2018-12-17T22:22:14.450929655Z	76	PC: 12d99 \| Terminate with return code (Return code = '0')
2018-12-17T22:22:14.453706662Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:22:14.4557611Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:22:14.457615504Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:22:14.459232861Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:22:14.461040562Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:22:14.462291024Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:14.463480428Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.464681486Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.466462706Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.467986107Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.469615359Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.471297765Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.472651508Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.473966737Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.475980237Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.47720565Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.478682072Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.480684175Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.482151148Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.483655875Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.48606161Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.487681961Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.489426211Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.491275693Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.493089864Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.494708375Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.496645968Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.497816134Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.499819434Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.501705448Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.512701705Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.513971262Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.515510386Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.517407865Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.519459576Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.521315536Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.523743636Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.525646588Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.52766446Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.52955912Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.531606056Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.533698757Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.539435615Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.540814235Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.542933186Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.545368231Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.547684812Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.549547247Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.552812086Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.554646178Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.562569426Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.565066347Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.56698367Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.569304Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.571566191Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.573911699Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.576118585Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.578264806Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.580973239Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.582726343Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.584943423Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.587491555Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.589969193Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.591699209Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.595390934Z	62	PC: 1376a \| Close file
2018-12-17T22:22:14.597558421Z	68	PC: 1376a \| I/O control for devices (Set for = 'mfyW�Wv W�Wj W�WcW�W�W W5W')
2018-12-17T22:22:14.60159384Z	99	PC: 9a5d7 \| Get DBCS lead byte table pointer
2018-12-17T22:22:14.603789452Z	56	PC: 94df9 \| Get or set country info
2018-12-17T22:22:14.60606534Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.607359254Z	68	PC: 1376a \| I/O control for devices (Set for = ' %1 mm-dd-yy')
2018-12-17T22:22:14.609589932Z	68	PC: 1376a \| I/O control for devices (Set for = ' %1 mm-dd-yy')
2018-12-17T22:22:14.611162677Z	64	PC: 1376a \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:22:14.615991697Z	68	PC: 1376a \| I/O control for devices (Set for = ' %1 mm-dd-yy')
2018-12-17T22:22:14.618497928Z	25	PC: 94e62 \| Get default drive
2018-12-17T22:22:14.620372585Z	71	PC: 970dd \| Get current directory
2018-12-17T22:22:14.624731911Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:14.626403695Z	68	PC: 1376a \| I/O control for devices (Set for = 'A:\ win TEMP=C:\WINDOWS\TEMP$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$MS DOS Version 6 (C)Copyright 1981-1994 Microsoft Corp Licensed Material - Property of Microsoft All rights reserved ')
2018-12-17T22:22:14.627641071Z	68	PC: 1376a \| I/O control for devices (Set for = 'A:\ win TEMP=C:\WINDOWS\TEMP$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$MS DOS Version 6 (C)Copyright 1981-1994 Microsoft Corp Licensed Material - Property of Microsoft All rights reserved ')
2018-12-17T22:22:14.628825533Z	64	PC: 1376a \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:22:14.631487827Z	68	PC: 1376a \| I/O control for devices (Set for = 'A:\ win TEMP=C:\WINDOWS\TEMP$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$MS DOS Version 6 (C)Copyright 1981-1994 Microsoft Corp Licensed Material - Property of Microsoft All rights reserved ')
2018-12-17T22:22:14.633314758Z	2	PC: 970b2 \| Character output (Char = '3e')
2018-12-17T22:22:14.637327061Z	93	PC: 94f20 \| File sharing functions
2018-12-17T22:22:14.63916569Z	93	PC: 94f27 \| File sharing functions
2018-12-17T22:22:14.641153542Z	10	PC: 94f39 \| Buffered keyboard input
2018-12-17T22:22:15.484994736Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:16.474725073Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:17.464454239Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:18.454489905Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:19.443525273Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:20.434208468Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:21.423295963Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:22.412740784Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:23.403627768Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:24.392784212Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:25.382472355Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:26.373477127Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:27.362612518Z	98	PC: 1376a \| Get current PSP
2018-12-17T22:22:28.352455209Z	98	PC: 1376a \| Get current PSP