Sample viewer

vx.netlux.org/Virus.DOS.Waria.479

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:30:01.054031516Z	53	PC: 12ac3 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:30:01.056423438Z	37	PC: 12ad4 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:30:01.057878378Z	78	PC: 12afa \| Find first file
2018-12-17T22:30:01.064214676Z	47	PC: 12b13 \| Get disk transfer address
2018-12-17T22:30:01.066889852Z	67	PC: 12b4f \| Get or set file attributes
2018-12-17T22:30:01.079963216Z	67	PC: 12b62 \| Get or set file attributes
2018-12-17T22:30:01.096176258Z	61	PC: 12b6e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:30:01.105135854Z	87	PC: 12b7c \| Get or set file date and time
2018-12-17T22:30:01.106988395Z	66	PC: 12b9e \| Move file pointer
2018-12-17T22:30:01.108408144Z	63	PC: 12bad \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:30:01.116149114Z	66	PC: 12bbc \| Move file pointer
2018-12-17T22:30:01.11850415Z	66	PC: 12bce \| Move file pointer
2018-12-17T22:30:01.12091366Z	64	PC: 12bdd \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:30:01.124118298Z	66	PC: 12bec \| Move file pointer
2018-12-17T22:30:01.126218116Z	64	PC: 12bfa \| Write file or device (Write 479 bytes on handle 5)
2018-12-17T22:30:01.135066315Z	87	PC: 12c0b \| Get or set file date and time
2018-12-17T22:30:01.136914507Z	62	PC: 12c0f \| Close file
2018-12-17T22:30:01.145494012Z	67	PC: 12c1f \| Get or set file attributes
2018-12-17T22:30:01.155901055Z	79	PC: 12c23 \| Find next file
2018-12-17T22:30:01.158692241Z	47	PC: 12b13 \| Get disk transfer address
2018-12-17T22:30:01.161203025Z	67	PC: 12b4f \| Get or set file attributes
2018-12-17T22:30:01.167152502Z	67	PC: 12b62 \| Get or set file attributes
2018-12-17T22:30:01.177579545Z	61	PC: 12b6e \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:30:01.192163021Z	87	PC: 12b7c \| Get or set file date and time
2018-12-17T22:30:01.19603261Z	87	PC: 12c0b \| Get or set file date and time
2018-12-17T22:30:01.197562215Z	62	PC: 12c0f \| Close file
2018-12-17T22:30:01.210260218Z	67	PC: 12c1f \| Get or set file attributes
2018-12-17T22:30:01.220451064Z	79	PC: 12c23 \| Find next file
2018-12-17T22:30:01.223009423Z	47	PC: 12b13 \| Get disk transfer address
2018-12-17T22:30:01.225345801Z	67	PC: 12b4f \| Get or set file attributes
2018-12-17T22:30:01.231269176Z	67	PC: 12b62 \| Get or set file attributes
2018-12-17T22:30:01.240693588Z	61	PC: 12b6e \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:30:01.253013266Z	87	PC: 12b7c \| Get or set file date and time
2018-12-17T22:30:01.25441785Z	87	PC: 12c0b \| Get or set file date and time
2018-12-17T22:30:01.255850246Z	62	PC: 12c0f \| Close file
2018-12-17T22:30:01.263236163Z	67	PC: 12c1f \| Get or set file attributes
2018-12-17T22:30:01.273116631Z	79	PC: 12c23 \| Find next file
2018-12-17T22:30:01.275604375Z	47	PC: 12b13 \| Get disk transfer address
2018-12-17T22:30:01.276900465Z	67	PC: 12b4f \| Get or set file attributes
2018-12-17T22:30:01.282967653Z	67	PC: 12b62 \| Get or set file attributes
2018-12-17T22:30:01.292384042Z	61	PC: 12b6e \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:30:01.303726867Z	87	PC: 12b7c \| Get or set file date and time
2018-12-17T22:30:01.305323482Z	87	PC: 12c0b \| Get or set file date and time
2018-12-17T22:30:01.306717828Z	62	PC: 12c0f \| Close file
2018-12-17T22:30:01.316361726Z	67	PC: 12c1f \| Get or set file attributes
2018-12-17T22:30:01.326611881Z	79	PC: 12c23 \| Find next file
2018-12-17T22:30:01.329132798Z	47	PC: 12b13 \| Get disk transfer address
2018-12-17T22:30:01.330240115Z	67	PC: 12b4f \| Get or set file attributes
2018-12-17T22:30:01.33676477Z	67	PC: 12b62 \| Get or set file attributes
2018-12-17T22:30:01.346180717Z	61	PC: 12b6e \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:30:01.352505482Z	87	PC: 12b7c \| Get or set file date and time
2018-12-17T22:30:01.357875891Z	87	PC: 12c0b \| Get or set file date and time
2018-12-17T22:30:01.359365577Z	62	PC: 12c0f \| Close file
2018-12-17T22:30:01.368592147Z	67	PC: 12c1f \| Get or set file attributes
2018-12-17T22:30:01.381425914Z	79	PC: 12c23 \| Find next file
2018-12-17T22:30:01.384861965Z	47	PC: 12b13 \| Get disk transfer address
2018-12-17T22:30:01.386139796Z	67	PC: 12b4f \| Get or set file attributes
2018-12-17T22:30:01.392726511Z	67	PC: 12b62 \| Get or set file attributes
2018-12-17T22:30:01.402392421Z	61	PC: 12b6e \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:30:01.409136131Z	87	PC: 12b7c \| Get or set file date and time
2018-12-17T22:30:01.411376151Z	87	PC: 12c0b \| Get or set file date and time
2018-12-17T22:30:01.412826412Z	62	PC: 12c0f \| Close file
2018-12-17T22:30:01.419391955Z	67	PC: 12c1f \| Get or set file attributes
2018-12-17T22:30:01.428983753Z	79	PC: 12c23 \| Find next file
2018-12-17T22:30:01.431594613Z	47	PC: 12b13 \| Get disk transfer address
2018-12-17T22:30:01.432679028Z	67	PC: 12b4f \| Get or set file attributes
2018-12-17T22:30:01.438963958Z	67	PC: 12b62 \| Get or set file attributes
2018-12-17T22:30:01.45141371Z	61	PC: 12b6e \| Open file (Filename = 'PAH.COM')
2018-12-17T22:30:01.457890131Z	87	PC: 12b7c \| Get or set file date and time
2018-12-17T22:30:01.459298868Z	87	PC: 12c0b \| Get or set file date and time
2018-12-17T22:30:01.460853819Z	62	PC: 12c0f \| Close file
2018-12-17T22:30:01.468199127Z	67	PC: 12c1f \| Get or set file attributes
2018-12-17T22:30:01.477751731Z	79	PC: 12c23 \| Find next file
2018-12-17T22:30:01.481179873Z	37	PC: 12c36 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:30:01.482074599Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')