Sample viewer

vx.netlux.org/Virus.DOS.No25.1886

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:24:44.262499976Z 48 PC: 16759 | Get DOS version
2018-12-17T22:24:44.280187998Z 99 PC: 15227 | Get DBCS lead byte table pointer
2018-12-17T22:24:44.282006924Z 68 PC: 15241 | I/O control for devices (Set for = '')
2018-12-17T22:24:44.283937808Z 68 PC: 1524c | I/O control for devices (Set for = '')
2018-12-17T22:24:44.286871336Z 68 PC: 15257 | I/O control for devices (Set for = '')
2018-12-17T22:24:44.288787553Z 68 PC: 1525f | I/O control for devices (Set for = 'bgtS3[r2W<t<u6u>>W')
2018-12-17T22:24:44.290853704Z 48 PC: 15264 | Get DOS version
2018-12-17T22:24:44.294292398Z 64 PC: 15399 | Write file or device (Write 23 bytes on handle 2)
2018-12-17T22:24:44.300371791Z 76 PC: 12b6b | Terminate with return code (Return code = '0')
2018-12-17T22:24:44.304440092Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:24:44.306446403Z 72 PC: 12174 | Allocate memory
2018-12-17T22:24:44.309457835Z 72 PC: 1218d | Allocate memory
2018-12-17T22:24:44.312538682Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:24:44.314483596Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:24:44.317520085Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:44.319361936Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.321471069Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.324664002Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.326640678Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.328628511Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.332527819Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.346511919Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.349584166Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.352562662Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.355371271Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.358269885Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.366055508Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.368132611Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.370791876Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.37308179Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.375503244Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.387869857Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.389847875Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.392504704Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.394600705Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.396565363Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.399675712Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.410788478Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.4130216Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.41632451Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.418389439Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.420481112Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.423712957Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.427318214Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:24:44.43129887Z 62 PC: 122ab | Close file
2018-12-17T22:24:44.435842165Z 99 PC: 998a7 | Get DBCS lead byte table pointer
2018-12-17T22:24:44.440996682Z 56 PC: 940c9 | Get or set country info
2018-12-17T22:24:44.443924523Z 64 PC: 99b18 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:24:44.449358157Z 25 PC: 94132 | Get default drive
2018-12-17T22:24:44.452507488Z 71 PC: 963ad | Get current directory
2018-12-17T22:24:44.457968529Z 64 PC: 99b18 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:24:44.462174601Z 2 PC: 96382 | Character output (Char = '3e')
2018-12-17T22:24:44.465884803Z 93 PC: 941f0 | File sharing functions
2018-12-17T22:24:44.468282091Z 93 PC: 941f7 | File sharing functions
2018-12-17T22:24:44.470907433Z 10 PC: 94209 | Buffered keyboard input
2018-12-17T22:24:59.193612093Z 0 PC: 0 | Program terminate
2018-12-17T22:25:00.548764951Z 0 PC: 0 | Program terminate
2018-12-17T22:25:00.653893162Z 64 PC: 99b18 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:25:00.660499475Z 41 PC: 9427e | Parse filename
2018-12-17T22:25:00.662753097Z 41 PC: 942ff | Parse filename
2018-12-17T22:25:00.666481565Z 41 PC: 9431c | Parse filename
2018-12-17T22:25:00.668585878Z 26 PC: 977c7 | Set disk transfer address
2018-12-17T22:25:00.670001933Z 71 PC: 979c3 | Get current directory
2018-12-17T22:25:00.675802167Z 78 PC: 9eff8 | Find first file
2018-12-17T22:25:00.684327413Z 47 PC: 9eff8 | Get disk transfer address
2018-12-17T22:25:00.686327164Z 71 PC: 9783c | Get current directory
2018-12-17T22:25:00.690606994Z 73 PC: 96ed9 | Release memory
2018-12-17T22:25:00.692489903Z 61 PC: 9eff8 | Open file (Filename = 'A:\PRINT.COM')
2018-12-17T22:25:00.716043921Z 62 PC: 9eff8 | Close file
2018-12-17T22:25:00.718016383Z 75 PC: 11821 | Execute program
2018-12-17T22:25:00.731597377Z 9 PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-17T22:25:00.734422458Z 76 PC: 12a4b | Terminate with return code (Return code = '36')
2018-12-17T22:25:00.737536331Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:25:00.738755521Z 72 PC: 12174 | Allocate memory
2018-12-17T22:25:00.740249126Z 72 PC: 1218d | Allocate memory
2018-12-17T22:25:00.747784419Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:25:00.748969405Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:25:00.750067003Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:25:00.751822567Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.753492755Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.755514588Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.757834058Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.759931258Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.761706925Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.763741812Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.765772387Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.767454241Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.76918418Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.771245226Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.772963075Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.775050029Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.777082482Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.779249893Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.781355557Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.783331759Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.785054165Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.786890729Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.788861317Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.790710233Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.793086669Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.796010067Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.797791865Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.799654088Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.802399051Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.80761684Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.811689972Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.814215262Z 69 PC: 9eff8 | Duplicate handle
2018-12-17T22:25:00.816048263Z 62 PC: 122ab | Close file
2018-12-17T22:25:00.820003541Z 99 PC: 998a7 | Get DBCS lead byte table pointer
2018-12-17T22:25:00.822193691Z 56 PC: 940c9 | Get or set country info
2018-12-17T22:25:00.824904285Z 64 PC: 99b18 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:25:00.831435348Z 25 PC: 94132 | Get default drive
2018-12-17T22:25:00.834294951Z 71 PC: 963ad | Get current directory
2018-12-17T22:25:00.839266263Z 64 PC: 99b18 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:25:00.842960613Z 2 PC: 96382 | Character output (Char = '3e')
2018-12-17T22:25:00.846326008Z 93 PC: 941f0 | File sharing functions
2018-12-17T22:25:00.849485135Z 93 PC: 941f7 | File sharing functions
2018-12-17T22:25:00.852446164Z 10 PC: 94209 | Buffered keyboard input