Sample viewer

vx.netlux.org/Virus.DOS.MTZ.2501


Syscalls:

Time Syscall Op PC | Syscall Name
2018-12-17T22:31:47.18150568Z 48 PC: 12b5e | Get DOS version
2018-12-17T22:31:47.184309147Z 24 PC: 12b6a | Reserved
2018-12-17T22:31:47.185534339Z 74 PC: 1310b | Reallocate memory
2018-12-17T22:31:47.187984675Z 72 PC: 13113 | Allocate memory
2018-12-17T22:31:47.191503871Z 76 PC: 12bb6 | Terminate with return code (Return code = '115')
2018-12-17T22:31:47.194965134Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:31:47.196477785Z 72 PC: 12174 | Allocate memory
2018-12-17T22:31:47.199527627Z 72 PC: 1218d | Allocate memory
2018-12-17T22:31:47.201732174Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:31:47.202887503Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:31:47.204942289Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:31:47.20643488Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.208206309Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.209937826Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.212189972Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.21398713Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.215825189Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.218421289Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.220402701Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.222339069Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.226301301Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.228247072Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.23023669Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.233622198Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.235607181Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.237461986Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.240352348Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.242384751Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.244236889Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.246135734Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.247825931Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.249081685Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.250535985Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.251952411Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.253053028Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.254099713Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.256222564Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.25794849Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.259707424Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.262014407Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.263573495Z 62 PC: 122ab | Close file
2018-12-17T22:31:47.266120597Z 61 PC: 12354 | Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:31:47.273398247Z 66 PC: 12372 | Move file pointer
2018-12-17T22:31:47.274847468Z 63 PC: 12383 | Read file or device (Read 44693 bytes on handle 5)
2018-12-17T22:31:47.288409857Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:31:47.291588651Z 62 PC: 9eb54 | Close file
2018-12-17T22:31:47.293792692Z 62 PC: 1238a | Close file
2018-12-17T22:31:47.298913511Z 99 PC: 990f7 | Get DBCS lead byte table pointer
2018-12-17T22:31:47.302805922Z 56 PC: 93919 | Get or set country info
2018-12-17T22:31:47.304998083Z 64 PC: 99368 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:31:47.310358189Z 25 PC: 93982 | Get default drive
2018-12-17T22:31:47.313025408Z 71 PC: 95bfd | Get current directory
2018-12-17T22:31:47.316829756Z 64 PC: 99368 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:31:47.31999004Z 2 PC: 95bd2 | Character output (Char = '3e')
2018-12-17T22:31:47.323037467Z 93 PC: 93a40 | File sharing functions
2018-12-17T22:31:47.324744867Z 93 PC: 93a47 | File sharing functions
2018-12-17T22:31:47.326429161Z 10 PC: 93a59 | Buffered keyboard input
2018-12-17T22:32:02.142760748Z 0 PC: 0 | Program terminate
2018-12-17T22:32:03.497152596Z 0 PC: 0 | Program terminate
2018-12-17T22:32:03.599839902Z 64 PC: 99368 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:32:03.605546267Z 41 PC: 93ace | Parse filename
2018-12-17T22:32:03.607451816Z 41 PC: 93b4f | Parse filename
2018-12-17T22:32:03.609569863Z 41 PC: 93b6c | Parse filename
2018-12-17T22:32:03.611652854Z 26 PC: 97017 | Set disk transfer address
2018-12-17T22:32:03.614288052Z 71 PC: 97213 | Get current directory
2018-12-17T22:32:03.621914449Z 78 PC: 9e992 | Find first file
2018-12-17T22:32:03.631318046Z 47 PC: 9e9b2 | Get disk transfer address
2018-12-17T22:32:03.632341189Z 96 PC: 9e9ca | Qualify filename
2018-12-17T22:32:03.638514426Z 71 PC: 9708c | Get current directory
2018-12-17T22:32:03.64097108Z 73 PC: 96729 | Release memory
2018-12-17T22:32:03.642090748Z 75 PC: 11821 | Execute program
2018-12-17T22:32:03.655842804Z 9 PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-17T22:32:03.659622538Z 76 PC: 12a4b | Terminate with return code (Return code = '36')
2018-12-17T22:32:03.662644948Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:32:03.664952949Z 72 PC: 12174 | Allocate memory
2018-12-17T22:32:03.666656164Z 72 PC: 1218d | Allocate memory
2018-12-17T22:32:03.66871936Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:32:03.670433173Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:03.671538573Z 37 PC: 123d2 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:03.672635416Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.674698403Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.676087225Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.677492409Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.679545508Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.680945851Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.682297202Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.684744286Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.686150973Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.687793019Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.69062313Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.692156648Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.693589412Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.695806865Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.697514977Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.699384912Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.701745922Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.70329053Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.704939149Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.707535665Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.709055411Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.710712951Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.713274837Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.720682013Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.722085843Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.724030818Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.725522799Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.727325116Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.729698732Z 69 PC: 9ea9f | Duplicate handle
2018-12-17T22:32:03.731536868Z 62 PC: 122ab | Close file
2018-12-17T22:32:03.734612259Z 99 PC: 990f7 | Get DBCS lead byte table pointer
2018-12-17T22:32:03.745413747Z 56 PC: 93919 | Get or set country info
2018-12-17T22:32:03.747720129Z 64 PC: 99368 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:32:03.752398795Z 25 PC: 93982 | Get default drive
2018-12-17T22:32:03.755138967Z 71 PC: 95bfd | Get current directory
2018-12-17T22:32:03.759054065Z 64 PC: 99368 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:32:03.762996734Z 2 PC: 95bd2 | Character output (Char = '3e')
2018-12-17T22:32:03.76614884Z 93 PC: 93a40 | File sharing functions
2018-12-17T22:32:03.767742794Z 93 PC: 93a47 | File sharing functions
2018-12-17T22:32:03.769410343Z 10 PC: 93a59 | Buffered keyboard input