Sample viewer

vx.netlux.org/Virus.DOS.Wed.809

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:24:33.284192695Z	255	PC: 1371b \| UNKNOWN!
2018-12-17T22:24:33.286022407Z	53	PC: 13744 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:24:33.288000398Z	37	PC: 1377d \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:24:33.289864176Z	48	PC: 12a54 \| Get DOS version
2018-12-17T22:24:33.292958181Z	74	PC: 12ad3 \| Reallocate memory
2018-12-17T22:24:33.296321868Z	53	PC: 12b51 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:24:33.298143635Z	37	PC: 12b63 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:24:33.299830965Z	68	PC: 12bf3 \| I/O control for devices (Set for = '/[r��׹��2��E�$� �!�E�')
2018-12-17T22:24:33.302879845Z	68	PC: 12bf3 \| I/O control for devices
2018-12-17T22:24:33.304983806Z	68	PC: 12bf3 \| I/O control for devices
2018-12-17T22:24:33.30729376Z	68	PC: 12bf3 \| I/O control for devices
2018-12-17T22:24:33.309790288Z	68	PC: 12bf3 \| I/O control for devices
2018-12-17T22:24:33.312673751Z	74	PC: 1317e \| Reallocate memory
2018-12-17T22:24:33.315129313Z	48	PC: 1327d \| Get DOS version
2018-12-17T22:24:33.318061904Z	72	PC: 13433 \| Allocate memory
2018-12-17T22:24:33.320545823Z	41	PC: 134a8 \| Parse filename
2018-12-17T22:24:33.322590268Z	41	PC: 134b0 \| Parse filename
2018-12-17T22:24:33.325495429Z	61	PC: 9fbd8 \| Open file
2018-12-17T22:24:33.335174404Z	66	PC: 9f9ca \| Move file pointer
2018-12-17T22:24:33.337405625Z	62	PC: 9fbb2 \| Close file
2018-12-17T22:24:33.340347493Z	75	PC: 1347d \| Execute program
2018-12-17T22:24:33.348780899Z	37	PC: 12cc3 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:24:33.351269282Z	76	PC: 12ca8 \| Terminate with return code (Return code = '2')