Sample viewer

vx.netlux.org/Virus.DOS.Mephisto.3.938

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:31:32.275840494Z	53	PC: 12b7d \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:32.277252561Z	47	PC: 12c01 \| Get disk transfer address
2018-12-17T22:31:32.295766237Z	25	PC: 12c0d \| Get default drive
2018-12-17T22:31:32.297516987Z	71	PC: 12c20 \| Get current directory
2018-12-17T22:31:32.300991421Z	26	PC: 12c44 \| Set disk transfer address
2018-12-17T22:31:32.303369562Z	78	PC: 12c4f \| Find first file
2018-12-17T22:31:32.309414834Z	67	PC: 12d0e \| Get or set file attributes
2018-12-17T22:31:32.314933097Z	37	PC: 12ba4 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:32.31796372Z	67	PC: 12d1d \| Get or set file attributes
2018-12-17T22:31:32.335369179Z	37	PC: 12b95 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:32.337320584Z	61	PC: 12d2e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:31:32.357133715Z	44	PC: 12d43 \| Get time 0x12d43: mov word ptr [bp + 0x482], dx 0x12d47: mov word ptr [bp + 0x484], cx 0x12d4b: xor dh, ch 0x12d4d: xor cl, dl 0x12d4f: mov ch, dh 0x12d51: mov word ptr [bp + 0x486], cx 0x12d55: mov ax, 0x5700 0x12d58: mov bx, word ptr [bp + 0x179] 0x12d5c: int 0x21 0x12d5e: mov word ptr [bp + 0x17c], dx 0x12d62: mov word ptr [bp + 0x17a], cx 0x12d66: mov ah, 0x3f 0x12d68: mov cx, 3 0x12d6b: lea dx, word ptr [bp + 0x15c] 0x12d6f: int 0x21 0x12d71: add word ptr [bp + 0x180], 1 0x12d76: mov ax, 0x4202 0x12d79: mov cx, 0 0x12d7c: mov dx, 0 0x12d7f: int 0x21
2018-12-17T22:31:32.359822145Z	87	PC: 12d5e \| Get or set file date and time
2018-12-17T22:31:32.361486427Z	63	PC: 12d71 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:31:32.370232328Z	66	PC: 12d81 \| Move file pointer
2018-12-17T22:31:32.372056792Z	66	PC: 12d95 \| Move file pointer
2018-12-17T22:31:32.373807349Z	64	PC: 12da1 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:31:32.377351329Z	66	PC: 12dac \| Move file pointer
2018-12-17T22:31:32.379657137Z	64	PC: 12de4 \| Write file or device (Write 938 bytes on handle 5)
2018-12-17T22:31:32.390007153Z	87	PC: 12bba \| Get or set file date and time
2018-12-17T22:31:32.391758261Z	62	PC: 12bbe \| Close file
2018-12-17T22:31:32.400999777Z	67	PC: 12bcb \| Get or set file attributes
2018-12-17T22:31:32.413102642Z	59	PC: 12bd3 \| Change current directory
2018-12-17T22:31:32.415792693Z	26	PC: 12be4 \| Set disk transfer address
2018-12-17T22:31:32.418654046Z	0	PC: 12a43 \| Program terminate