Sample viewer

vx.netlux.org/Virus.DOS.AntiPascal.604.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:24:58.93630275Z	74	PC: 12aa2 \| Reallocate memory
2018-12-17T22:24:58.93869251Z	72	PC: 12aa9 \| Allocate memory
2018-12-17T22:24:58.94053289Z	37	PC: 12ab6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:58.94205755Z	26	PC: 12abd \| Set disk transfer address
2018-12-17T22:24:58.944127649Z	25	PC: 12ac1 \| Get default drive
2018-12-17T22:24:58.945640265Z	78	PC: 12bf4 \| Find first file
2018-12-17T22:24:58.953829693Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:58.956230924Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:58.959026028Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:58.960645669Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:58.964267605Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:58.965786083Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:58.968233374Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:58.969583058Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:58.978439511Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:58.979890833Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:58.982752731Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:58.985101807Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:58.988733721Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:58.990531225Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:58.994497334Z	61	PC: 12b79 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:24:59.001071995Z	63	PC: 12b89 \| Read file or device (Read 604 bytes on handle 5)
2018-12-17T22:24:59.008571435Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:59.010895586Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:59.013323632Z	78	PC: 12bb2 \| Find first file
2018-12-17T22:24:59.018960534Z	78	PC: 12bb2 \| Find first file
2018-12-17T22:24:59.025657239Z	78	PC: 12c54 \| Find first file
2018-12-17T22:24:59.031718269Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.034133405Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.037228142Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.03979925Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.042178643Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.04482915Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.049593658Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.052026954Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.054460336Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.057434433Z	68	PC: 12aea \| I/O control for devices (Set for = '*.???')
2018-12-17T22:24:59.059237846Z	14	PC: 12af6 \| Set default drive (Drive = 'D')
2018-12-17T22:24:59.060686519Z	78	PC: 12bf4 \| Find first file
2018-12-17T22:24:59.067917233Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:59.069832709Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:59.073324167Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:59.075997681Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:59.078601993Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:59.079944086Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:59.083002521Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:59.084444287Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:59.086813419Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:59.089290153Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:59.091852614Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:59.093426947Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:59.096162836Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:59.098084173Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:59.100685701Z	61	PC: 12b79 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:24:59.107523371Z	63	PC: 12b89 \| Read file or device (Read 604 bytes on handle 3)
2018-12-17T22:24:59.115118643Z	62	PC: 12c2e \| Close file
2018-12-17T22:24:59.116747906Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:24:59.119044013Z	78	PC: 12bb2 \| Find first file
2018-12-17T22:24:59.125915007Z	78	PC: 12bb2 \| Find first file
2018-12-17T22:24:59.131658383Z	78	PC: 12c54 \| Find first file
2018-12-17T22:24:59.137417248Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.140924985Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.143738005Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.146611913Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.150445153Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.15300077Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.155782553Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.159220977Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.161938774Z	79	PC: 12c54 \| Find next file
2018-12-17T22:24:59.164431648Z	14	PC: 12afe \| Set default drive (Drive = 'A')
2018-12-17T22:24:59.167081524Z	73	PC: 12b0a \| Release memory
2018-12-17T22:24:59.168598676Z	74	PC: 12b13 \| Reallocate memory
2018-12-17T22:24:59.17024811Z	74	PC: 12b17 \| Reallocate memory
2018-12-17T22:24:59.172025287Z	26	PC: 12b1e \| Set disk transfer address
2018-12-17T22:24:59.173016356Z	37	PC: 12b28 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:59.174289379Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:24:59.180183467Z	0	PC: 12a89 \| Program terminate