Sample viewer

vx.netlux.org/Virus.DOS.Writer.1336

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:23:33.153320287Z	48	PC: 12aa4 \| Get DOS version
2018-12-17T22:23:33.155072011Z	82	PC: 12ab1 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:23:33.157539562Z	74	PC: 12af0 \| Reallocate memory
2018-12-17T22:23:33.159417931Z	74	PC: 12af8 \| Reallocate memory
2018-12-17T22:23:33.161034695Z	72	PC: 12aff \| Allocate memory
2018-12-17T22:23:33.171613752Z	82	PC: 9f346 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:23:33.175657726Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:23:33.177550977Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:23:33.181536943Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:23:33.184919842Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:23:33.186788923Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:23:33.194751559Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:23:33.196689023Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.197680448Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.200777066Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.203000539Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.204021665Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.206128549Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.208462868Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.209536306Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.212559882Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.215799019Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.217209404Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.219409197Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.222333528Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.224349865Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.226509236Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.229505629Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.230568221Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.232697987Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.235278401Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.236611096Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.238629675Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.241054339Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.242398066Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.244803056Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.247388757Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.248771383Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.251744666Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.254844145Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.256263068Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.258541447Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.262105159Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.263181452Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.264963625Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.267489438Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.268617285Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.270393607Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.272490448Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.273720227Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.275391239Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.277173127Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.279170282Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.281316661Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.283555249Z	62	PC: 122ab \| Close file
2018-12-17T22:23:33.28557387Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:33.287703709Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:33.291575864Z	99	PC: 99b27 \| Get DBCS lead byte table pointer
2018-12-17T22:23:33.294671885Z	56	PC: 94349 \| Get or set country info
2018-12-17T22:23:33.29743662Z	64	PC: 99d98 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:23:33.298836492Z	68	PC: 9f3d1 \| I/O control for devices (Set for = ' %1 mm-dd-yy')
2018-12-17T22:23:33.306166669Z	25	PC: 943b2 \| Get default drive
2018-12-17T22:23:33.308365308Z	71	PC: 9662d \| Get current directory
2018-12-17T22:23:33.313554537Z	64	PC: 99d98 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:23:33.315591613Z	68	PC: 9f3d1 \| I/O control for devices (Set for = 'A:\ win TEMP=C:\WINDOWS\TEMP$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$MS DOS Version 6 (C)Copyright 1981-1994 Microsoft Corp Licensed Material - Property of Microsoft All rights reserved ')
2018-12-17T22:23:33.31986503Z	2	PC: 96602 \| Character output (Char = '3e')
2018-12-17T22:23:33.322921309Z	93	PC: 94470 \| File sharing functions
2018-12-17T22:23:33.325607389Z	93	PC: 94477 \| File sharing functions
2018-12-17T22:23:33.328801058Z	10	PC: 94489 \| Buffered keyboard input
2018-12-17T22:23:48.136129492Z	0	PC: 0 \| Program terminate
2018-12-17T22:23:49.496890095Z	0	PC: 0 \| Program terminate
2018-12-17T22:23:49.599702553Z	64	PC: 99d98 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:23:49.606145769Z	68	PC: 9f3d1 \| I/O control for devices (Set for = ' %1 mm-dd-yy')
2018-12-17T22:23:49.613323174Z	41	PC: 944fe \| Parse filename
2018-12-17T22:23:49.617211821Z	41	PC: 9457f \| Parse filename
2018-12-17T22:23:49.619453346Z	41	PC: 9459c \| Parse filename
2018-12-17T22:23:49.623418795Z	26	PC: 97a47 \| Set disk transfer address
2018-12-17T22:23:49.625779668Z	71	PC: 97c43 \| Get current directory
2018-12-17T22:23:49.641267083Z	78	PC: 97c4e \| Find first file
2018-12-17T22:23:49.652877765Z	71	PC: 97abc \| Get current directory
2018-12-17T22:23:49.656899726Z	73	PC: 97159 \| Release memory
2018-12-17T22:23:49.659099869Z	75	PC: 11821 \| Execute program
2018-12-17T22:23:49.675121513Z	9	PC: 12a47 \| Display string (String= 'Hello, World! ')
2018-12-17T22:23:49.68050996Z	76	PC: 12a4b \| Terminate with return code (Return code = '36')
2018-12-17T22:23:49.6844737Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:23:49.687533798Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:23:49.690102781Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:23:49.692479098Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:23:49.694373697Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:23:49.697188693Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:23:49.699059894Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.70041976Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.703157452Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.705933247Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.707127422Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.709744573Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.711609896Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.712663368Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.71720126Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.722900032Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.724281144Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.726296356Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.729000884Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.730327552Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.732500754Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.735897611Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.737283251Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.739506018Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.742677573Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.744088497Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.746249917Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.74900738Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.750375286Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.752371514Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.755326754Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.756419151Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.758252279Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.762954971Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.764414787Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.767155905Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.770190485Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.771880507Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.773999442Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.776350926Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.777916806Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.779636345Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.782520179Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.784458069Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.786282851Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.788196351Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.790693287Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.792480235Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.794386111Z	62	PC: 122ab \| Close file
2018-12-17T22:23:49.796393806Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '� ��6')
2018-12-17T22:23:49.79814013Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.802105916Z	61	PC: 12354 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:23:49.809813067Z	66	PC: 12372 \| Move file pointer
2018-12-17T22:23:49.8119287Z	63	PC: 12383 \| Read file or device (Read 44693 bytes on handle 5)
2018-12-17T22:23:49.827865609Z	62	PC: 1238a \| Close file
2018-12-17T22:23:49.83000786Z	68	PC: 9f3d1 \| I/O control for devices (Set for = '.� ��6')
2018-12-17T22:23:49.831737004Z	66	PC: 9f3d1 \| Move file pointer
2018-12-17T22:23:49.833269914Z	63	PC: 9f3d1 \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:23:49.84233006Z	99	PC: 99b27 \| Get DBCS lead byte table pointer
2018-12-17T22:23:49.854163654Z	56	PC: 94349 \| Get or set country info
2018-12-17T22:23:49.856588729Z	64	PC: 99d98 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:23:49.85924451Z	68	PC: 9f3d1 \| I/O control for devices (Set for = ' %1 mm-dd-yy')
2018-12-17T22:23:49.865432487Z	25	PC: 943b2 \| Get default drive
2018-12-17T22:23:49.867882335Z	71	PC: 9662d \| Get current directory
2018-12-17T22:23:49.873930113Z	64	PC: 99d98 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:23:49.875428553Z	68	PC: 9f3d1 \| I/O control for devices (Set for = 'A:\$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$MS DOS Version 6 (C)Copyright 1981-1994 Microsoft Corp Licensed Material - Property of Microsoft All rights reserved ')
2018-12-17T22:23:49.879705658Z	2	PC: 96602 \| Character output (Char = '3e')
2018-12-17T22:23:49.883598732Z	93	PC: 94470 \| File sharing functions
2018-12-17T22:23:49.886568949Z	93	PC: 94477 \| File sharing functions
2018-12-17T22:23:49.889221984Z	10	PC: 94489 \| Buffered keyboard input