Sample viewer

vx.netlux.org/Virus.DOS.Crow.4041

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:30:19.37479489Z	26	PC: 1e21a \| Set disk transfer address
2018-12-17T22:30:19.377005725Z	78	PC: 1e21a \| Find first file
2018-12-17T22:30:19.384082054Z	255	PC: 1d3c0 \| UNKNOWN!
2018-12-17T22:30:19.385402957Z	74	PC: 1e21a \| Reallocate memory
2018-12-17T22:30:19.388449402Z	74	PC: 1e21a \| Reallocate memory
2018-12-17T22:30:19.390025126Z	72	PC: 1e21a \| Allocate memory
2018-12-17T22:30:19.392557364Z	72	PC: 1e21a \| Allocate memory
2018-12-17T22:30:19.397550293Z	53	PC: 1e21a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:30:19.406745247Z	48	PC: 12a4c \| Get DOS version
2018-12-17T22:30:19.408198825Z	53	PC: 12bbc \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:19.409623364Z	53	PC: 12bc9 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:30:19.412033574Z	53	PC: 12bd6 \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:30:19.413282432Z	53	PC: 12be3 \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:30:19.414816636Z	37	PC: 12bf7 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:19.417033121Z	74	PC: 12ad6 \| Reallocate memory
2018-12-17T22:30:19.419541417Z	68	PC: 18fcf \| I/O control for devices (Set for = '')
2018-12-17T22:30:19.421907092Z	74	PC: 1a75a \| Reallocate memory
2018-12-17T22:30:19.425282896Z	68	PC: 18fcf \| I/O control for devices (Set for = 'Borland C++ - Copyright 1991 Borland Intl.')
2018-12-17T22:30:19.429258462Z	68	PC: 12cd3 \| I/O control for devices (Set for = '')
2018-12-17T22:30:19.431826522Z	64	PC: 1c212 \| Write file or device (Write 56 bytes on handle 2)
2018-12-17T22:30:19.44005977Z	11	PC: 12ced \| Get input status
2018-12-17T22:30:19.443511953Z	64	PC: 1c212 \| Write file or device (Write 909 bytes on handle 2)
2018-12-17T22:30:19.489595675Z	37	PC: 12c03 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:19.491391117Z	37	PC: 12c0e \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:30:19.492851005Z	37	PC: 12c19 \| Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:30:19.494429878Z	37	PC: 12c24 \| Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:30:19.496827412Z	76	PC: 12bad \| Terminate with return code (Return code = '1')