Sample viewer

vx.netlux.org/Virus.DOS.VCL.527

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:55:05.185707526Z	47	PC: 12b31 \| Get disk transfer address
2018-12-17T21:55:05.187723379Z	26	PC: 12b40 \| Set disk transfer address
2018-12-17T21:55:05.188798331Z	78	PC: 12b48 \| Find first file
2018-12-17T21:55:05.194682208Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.196067925Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.199116269Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.200354743Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.204766354Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.206798313Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.209883469Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.212151615Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.217481565Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.219060057Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.221994477Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.224373678Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.227085016Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.228246361Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.231468705Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.232875128Z	61	PC: 12b83 \| Open file (Filename = 'TEST.COM')
2018-12-17T21:55:05.239519122Z	63	PC: 12b8e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:55:05.24321573Z	62	PC: 12b92 \| Close file
2018-12-17T21:55:05.245440045Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.248106484Z	26	PC: 12b5a \| Set disk transfer address
2018-12-17T21:55:05.250166704Z	47	PC: 12b31 \| Get disk transfer address
2018-12-17T21:55:05.251385184Z	26	PC: 12b40 \| Set disk transfer address
2018-12-17T21:55:05.252846605Z	78	PC: 12b48 \| Find first file
2018-12-17T21:55:05.259369137Z	26	PC: 12b5a \| Set disk transfer address
2018-12-17T21:55:05.260737446Z	47	PC: 12b31 \| Get disk transfer address
2018-12-17T21:55:05.262103548Z	26	PC: 12b40 \| Set disk transfer address
2018-12-17T21:55:05.263654734Z	78	PC: 12b48 \| Find first file
2018-12-17T21:55:05.270044255Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.27229642Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.275193539Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.277583039Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.279474379Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.280379769Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.282710298Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.283659663Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.285353191Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.286729429Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.288409025Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.28930529Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.29174673Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.29287753Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.294687855Z	47	PC: 12b60 \| Get disk transfer address
2018-12-17T21:55:05.297430529Z	61	PC: 12b83 \| Open file (Filename = 'TEST.COM')
2018-12-17T21:55:05.302108687Z	63	PC: 12b8e \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:55:05.303866925Z	62	PC: 12b92 \| Close file
2018-12-17T21:55:05.30546559Z	79	PC: 12b48 \| Find next file
2018-12-17T21:55:05.312894514Z	26	PC: 12b5a \| Set disk transfer address
2018-12-17T21:55:05.314016104Z	47	PC: 12b31 \| Get disk transfer address
2018-12-17T21:55:05.31544198Z	26	PC: 12b40 \| Set disk transfer address
2018-12-17T21:55:05.31644042Z	78	PC: 12b48 \| Find first file
2018-12-17T21:55:05.320047299Z	26	PC: 12b5a \| Set disk transfer address
2018-12-17T21:55:05.321521443Z	42	PC: 12be6 \| Get date 0x12be6: mov al, dl 0x12be8: cwde 0x12be9: ret 0x12bea: mov ah, 0x30 0x12bec: int 0x21 0x12bee: mov bx, ax 0x12bf0: xor bl, bl 0x12bf2: xchg bl, bh 0x12bf4: cwde 0x12bf5: mov cl, 0x64 0x12bf7: mul cl 0x12bf9: add ax, bx 0x12bfb: ret 0x12bfc: sub ch, byte ptr [0x5b2a] 0x12c00: push si 0x12c01: inc bx 0x12c02: dec sp 0x12c03: pop bp 0x12c04: add byte ptr [bp + 0x300], bh 0x12c08: xor ah, ah
2018-12-17T21:55:05.323203368Z	48	PC: 12bee \| Get DOS version
2018-12-17T21:55:05.324226865Z	47	PC: 12a91 \| Get disk transfer address
2018-12-17T21:55:05.32612017Z	78	PC: 12a9a \| Find first file
2018-12-17T21:55:05.329775411Z	76	PC: 12b11 \| Terminate with return code (Return code = '0')