Sample viewer

vx.netlux.org/Virus.DOS.Kolya.5632.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:22:39.635694389Z	172	PC: 16896 \| UNKNOWN!
2018-12-17T22:22:39.638179915Z	53	PC: 168d5 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:39.639648049Z	37	PC: 168e5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:39.641094972Z	53	PC: 168ea \| Get interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:22:39.64350943Z	37	PC: 168fa \| Set interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:22:39.649926467Z	98	PC: 151d8 \| Get current PSP
2018-12-17T22:22:39.650848689Z	74	PC: 15217 \| Reallocate memory
2018-12-17T22:22:39.673230843Z	82	PC: 1521d \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:22:39.675475117Z	25	PC: 162ca \| Get default drive
2018-12-17T22:22:39.677111998Z	13	PC: 16258 \| Disk reset
2018-12-17T22:22:39.680076594Z	99	PC: 13b6b \| Get DBCS lead byte table pointer
2018-12-17T22:22:39.681881977Z	68	PC: 13b85 \| I/O control for devices (Set for = '')
2018-12-17T22:22:39.683599212Z	68	PC: 13b90 \| I/O control for devices (Set for = '')
2018-12-17T22:22:39.688241977Z	68	PC: 13b9b \| I/O control for devices (Set for = '')
2018-12-17T22:22:39.69105926Z	68	PC: 13ba3 \| I/O control for devices (Set for = '��b��g�t�S3��[r�2��W�<t��>W')
2018-12-17T22:22:39.692824503Z	48	PC: 13ba8 \| Get DOS version
2018-12-17T22:22:39.694587682Z	64	PC: 13e21 \| Write file or device (Write 23 bytes on handle 2)
2018-12-17T22:22:39.705786885Z	64	PC: 13e21 \| Write file or device (Write 25 bytes on handle 1)
2018-12-17T22:22:39.710960772Z	64	PC: 13e21 \| Write file or device (Write 169 bytes on handle 1)
2018-12-17T22:22:39.721819644Z	76	PC: 162a8 \| Terminate with return code (Return code = '0')