Sample viewer

vx.netlux.org/Virus.DOS.Amuck.3184.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:22:53.718263886Z	48	PC: 14990 \| Get DOS version
2018-12-17T22:22:53.719677489Z	82	PC: 1499d \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:22:53.72126255Z	53	PC: 14a49 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:53.72225209Z	37	PC: 14a59 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:53.7238177Z	42	PC: 14a5d \| Get date 0x14a5d: mov byte ptr [0x4e7], al 0x14a60: mov word ptr [0x4e4], dx 0x14a64: sub cx, 0x7bc 0x14a68: mov al, 0xc 0x14a6a: xchg cl, al 0x14a6c: mul cl 0x14a6e: shr dx, 8 0x14a71: add ax, dx 0x14a73: mov bx, ax 0x14a75: mov word ptr [0x468], 0xea60 0x14a7b: sub bx, word ptr [0x466] 0x14a7f: mov word ptr [0x466], ax 0x14a82: jb 0x14ac5 0x14a84: cmp bx, 4 0x14a87: jb 0x14ac5 0x14a89: mov ax, 0x3510 0x14a8c: int 0x21 0x14a8e: mov word ptr [0x46e], bx 0x14a92: mov word ptr [0x470], es 0x14a96: mov ax, 0x2510
2018-12-17T22:22:53.726021768Z	53	PC: 14a8e \| Get interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:22:53.72712524Z	37	PC: 14a9e \| Set interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:22:53.730623922Z	82	PC: 150bb \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:22:53.731921364Z	25	PC: 150bf \| Get default drive
2018-12-17T22:22:53.741946931Z	37	PC: 150de \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:22:53.743425701Z	67	PC: 150e6 \| Get or set file attributes
2018-12-17T22:22:53.747352977Z	61	PC: 15107 \| Open file (Filename = '')
2018-12-17T22:22:53.751897134Z	87	PC: 15118 \| Get or set file date and time
2018-12-17T22:22:53.757598882Z	63	PC: 15137 \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:22:53.759617614Z	66	PC: 15166 \| Move file pointer
2018-12-17T22:22:53.7606795Z	63	PC: 15170 \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:22:53.765039373Z	66	PC: 15179 \| Move file pointer
2018-12-17T22:22:53.766620139Z	64	PC: 14cdd \| Write file or device (Write 3206 bytes on handle 5)
2018-12-17T22:22:54.109533209Z	66	PC: 151be \| Move file pointer
2018-12-17T22:22:54.112292855Z	64	PC: 151c8 \| Write file or device (Write 10 bytes on handle 5)
2018-12-17T22:22:54.115650389Z	87	PC: 15296 \| Get or set file date and time
2018-12-17T22:22:54.117123337Z	62	PC: 1529a \| Close file
2018-12-17T22:22:54.124463381Z	9	PC: 12aca \| Display string (Could not find end pointer)
2018-12-17T22:22:54.237779605Z	76	PC: 12acf \| Terminate with return code (Return code = '0')