Sample viewer

vx.netlux.org/Virus.DOS.Dauq.2465

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:30:52.855942837Z	48	PC: 12c7e \| Get DOS version
2018-12-17T22:30:52.862900817Z	87	PC: 12c8f \| Get or set file date and time
2018-12-17T22:30:52.864648911Z	42	PC: 12c98 \| Get date 0x12c98: cmp dh, 0xb 0x12c9b: jne 0x12ce4 0x12c9d: cmp dl, 9 0x12ca0: jne 0x12ce4 0x12ca2: mov ah, 0x2b 0x12ca4: mov cx, 0x7d0 0x12ca7: int 0x21 0x12ca9: mov ax, 3 0x12cac: int 0x10 0x12cae: mov si, 0x2fe 0x12cb1: add si, bp 0x12cb3: mov ax, 0xb800 0x12cb6: mov es, ax 0x12cb8: mov di, 0x65a 0x12cbb: mov cx, 3 0x12cbe: push di 0x12cbf: push cx 0x12cc0: mov cx, 0x37 0x12cc3: rep movsd dword ptr es:[di], dword ptr [si] 0x12cc5: pop cx
2018-12-17T22:30:52.867103405Z	82	PC: 12cf1 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:30:52.879058685Z	82	PC: 12cf1 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:30:52.881203087Z	82	PC: 12cf1 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:30:52.883025079Z	82	PC: 12cf1 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:30:52.88576065Z	88	PC: 12d28 \| case 0xGet or set allocation strateg:
2018-12-17T22:30:52.887907162Z	88	PC: 12d35 \| case 0xGet or set allocation strateg:
2018-12-17T22:30:52.889222099Z	72	PC: 12d41 \| Allocate memory
2018-12-17T22:30:52.891967866Z	74	PC: 12d5f \| Reallocate memory
2018-12-17T22:30:52.893662559Z	72	PC: 12d68 \| Allocate memory
2018-12-17T22:30:52.896054389Z	88	PC: 12dc9 \| case 0xGet or set allocation strateg:
2018-12-17T22:30:52.897484349Z	9	PC: 12c12 \| Display string (Could not find end pointer)
2018-12-17T22:30:52.902013967Z	76	PC: 12c17 \| Terminate with return code (Return code = '0')
2018-12-17T22:30:52.90548745Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:30:52.907104533Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:30:52.910741636Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:30:52.913315726Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:30:52.914865812Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:30:52.91712614Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:30:52.926183597Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.927774561Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.94363725Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.945525217Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.9476196Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.95033763Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.953019511Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.955821573Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.97023358Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.971866076Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.973658948Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.97601916Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.979936759Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.98175812Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.98345543Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.985023845Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.986174638Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.987456221Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.989025639Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.990576224Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.99258851Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.996447076Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:52.998338631Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:52.99982991Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:53.001753073Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:53.003222021Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:53.00474997Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:53.006593092Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:53.00816216Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:53.009998716Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:53.013279985Z	61	PC: 9ed3b \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:30:53.019336891Z	101	PC: 9ed3b \| Get extended country info
2018-12-17T22:30:53.02076394Z	108	PC: 9ed3b \| Extended open/create file
2018-12-17T22:30:53.027205813Z	63	PC: 9ed3b \| Read file or device (Read 24 bytes on handle 6)
2018-12-17T22:30:53.029713635Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:53.031527193Z	66	PC: 9ed3b \| Move file pointer
2018-12-17T22:30:53.033264526Z	63	PC: 9ed3b \| Read file or device (Read 44693 bytes on handle 5)
2018-12-17T22:30:53.054133354Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:53.055789051Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:30:53.058289085Z	62	PC: 9ed3b \| Close file
2018-12-17T22:30:53.717959222Z	99	PC: 991c7 \| Get DBCS lead byte table pointer
2018-12-17T22:30:53.719984682Z	56	PC: 939e9 \| Get or set country info
2018-12-17T22:30:53.722604768Z	64	PC: 99438 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:30:53.72762035Z	25	PC: 93a52 \| Get default drive
2018-12-17T22:30:53.729808225Z	71	PC: 95ccd \| Get current directory
2018-12-17T22:30:53.735668958Z	64	PC: 99438 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:30:53.73930188Z	2	PC: 95ca2 \| Character output (Char = '3e')
2018-12-17T22:30:53.741961713Z	93	PC: 93b10 \| File sharing functions
2018-12-17T22:30:53.744774422Z	93	PC: 93b17 \| File sharing functions
2018-12-17T22:30:53.746794434Z	10	PC: 93b29 \| Buffered keyboard input
2018-12-17T22:31:07.835043456Z	0	PC: 0 \| Program terminate
2018-12-17T22:31:09.189847465Z	0	PC: 0 \| Program terminate
2018-12-17T22:31:09.29253248Z	64	PC: 99438 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:31:09.299519728Z	41	PC: 93b9e \| Parse filename
2018-12-17T22:31:09.302615058Z	41	PC: 93c1f \| Parse filename
2018-12-17T22:31:09.305757206Z	41	PC: 93c3c \| Parse filename
2018-12-17T22:31:09.309426169Z	26	PC: 970e7 \| Set disk transfer address
2018-12-17T22:31:09.312215786Z	71	PC: 972e3 \| Get current directory
2018-12-17T22:31:09.32039443Z	78	PC: 9ed3b \| Find first file
2018-12-17T22:31:09.330425279Z	47	PC: 9ed3b \| Get disk transfer address
2018-12-17T22:31:09.331968858Z	101	PC: 9ed3b \| Get extended country info
2018-12-17T22:31:09.334093851Z	71	PC: 9715c \| Get current directory
2018-12-17T22:31:09.340335504Z	73	PC: 967f9 \| Release memory
2018-12-17T22:31:09.342334551Z	101	PC: 9ed3b \| Get extended country info
2018-12-17T22:31:09.344147143Z	67	PC: 9ed3b \| Get or set file attributes
2018-12-17T22:31:09.350918498Z	67	PC: 9ed3b \| Get or set file attributes
2018-12-17T22:31:09.368466184Z	108	PC: 9ed3b \| Extended open/create file
2018-12-17T22:31:09.376089702Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.377613491Z	63	PC: 9ed3b \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:31:09.38203373Z	66	PC: 9ed3b \| Move file pointer
2018-12-17T22:31:09.383813443Z	64	PC: 9ed3b \| Write file or device (Write 2465 bytes on handle 5)
2018-12-17T22:31:09.39095966Z	66	PC: 9ed3b \| Move file pointer
2018-12-17T22:31:09.392315142Z	64	PC: 9ed3b \| Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:31:09.396754443Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.398541038Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.403816228Z	67	PC: 9ed3b \| Get or set file attributes
2018-12-17T22:31:09.413361766Z	75	PC: 11821 \| Execute program
2018-12-17T22:31:09.423149599Z	48	PC: 12ab1 \| Get DOS version
2018-12-17T22:31:09.42459509Z	9	PC: 12a47 \| Display string (String= 'Hello, World! ')
2018-12-17T22:31:09.427140258Z	76	PC: 12a4b \| Terminate with return code (Return code = '36')
2018-12-17T22:31:09.429944119Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:31:09.431137863Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:31:09.43304786Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:31:09.435056834Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:31:09.436148665Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:31:09.437201707Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:09.438783008Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.439932608Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.441191435Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.442565093Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.444544151Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.445678004Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.446947715Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.451592793Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.452906284Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.454067596Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.455847747Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.456942969Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.458213091Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.460778549Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.462560526Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.463749762Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.466068398Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.467205887Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.468386038Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.469955973Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.471392099Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.472493973Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.474297839Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.475506557Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.47669932Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.478445666Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.479732661Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.480848245Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.482520797Z	87	PC: 9ed3b \| Get or set file date and time
2018-12-17T22:31:09.483642287Z	62	PC: 9ed3b \| Close file
2018-12-17T22:31:09.485714477Z	99	PC: 991c7 \| Get DBCS lead byte table pointer
2018-12-17T22:31:09.4872704Z	56	PC: 939e9 \| Get or set country info
2018-12-17T22:31:09.488738418Z	64	PC: 99438 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:31:09.491512195Z	25	PC: 93a52 \| Get default drive
2018-12-17T22:31:09.49486346Z	71	PC: 95ccd \| Get current directory
2018-12-17T22:31:09.498823066Z	64	PC: 99438 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:31:09.502391368Z	2	PC: 95ca2 \| Character output (Char = '3e')
2018-12-17T22:31:09.50538076Z	93	PC: 93b10 \| File sharing functions
2018-12-17T22:31:09.506716078Z	93	PC: 93b17 \| File sharing functions
2018-12-17T22:31:09.508045764Z	10	PC: 93b29 \| Buffered keyboard input