Sample viewer

vx.netlux.org/Virus.DOS.Corrupted.VCL.684

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:27:52.007073221Z	26	PC: 12d54 \| Set disk transfer address
2018-12-17T22:27:52.012779272Z	53	PC: 12b87 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:52.014183211Z	37	PC: 12b99 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:52.015259065Z	71	PC: 12ba5 \| Get current directory
2018-12-17T22:27:52.020979063Z	78	PC: 12c18 \| Find first file
2018-12-17T22:27:52.023710124Z	78	PC: 12c18 \| Find first file
2018-12-17T22:27:52.026310914Z	59	PC: 12bbb \| Change current directory
2018-12-17T22:27:52.028982692Z	9	PC: 12bc5 \| Display string (String= 'Bubbles Virus Admiral Bailey [IVP] ')
2018-12-17T22:27:52.035211335Z	37	PC: 12bcf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:52.036190082Z	59	PC: 12bd9 \| Change current directory
2018-12-17T22:27:52.044690552Z	26	PC: 12d54 \| Set disk transfer address
2018-12-17T22:27:52.045942557Z	26	PC: 12d54 \| Set disk transfer address
2018-12-17T22:27:52.046818727Z	53	PC: 12b87 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:52.047750015Z	37	PC: 12b99 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:52.049005352Z	71	PC: 12ba5 \| Get current directory
2018-12-17T22:27:52.05472366Z	78	PC: 12c18 \| Find first file
2018-12-17T22:27:52.062714474Z	61	PC: 12d5d \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:27:52.070687253Z	63	PC: 12c33 \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:27:52.074861382Z	62	PC: 12c37 \| Close file
2018-12-17T22:27:52.076277402Z	67	PC: 12d68 \| Get or set file attributes
2018-12-17T22:27:52.091502914Z	61	PC: 12d5d \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:27:52.095727566Z	90	PC: 12d11 \| Create unique file
2018-12-17T22:27:52.104504591Z	87	PC: 12d38 \| Get or set file date and time
2018-12-17T22:27:52.106542171Z	62	PC: 12d3c \| Close file
2018-12-17T22:27:52.113020445Z	67	PC: 12d68 \| Get or set file attributes