Sample viewer

vx.netlux.org/Virus.DOS.No25.1744

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:32:17.45716461Z	48	PC: 18d35 \| Get DOS version
2018-12-17T22:32:17.459816604Z	48	PC: 13777 \| Get DOS version
2018-12-17T22:32:17.461347737Z	9	PC: 13783 \| Display string (String= 'Incorrect DOS version ')
2018-12-17T22:32:17.467559516Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:32:17.470163979Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:32:17.472258589Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:32:17.474931786Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:32:17.476859954Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:17.479310816Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:17.481479916Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.484282751Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.487214459Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.489140675Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.49129016Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.494610543Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.496364631Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.498050774Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.501198333Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.503334951Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.505472415Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.508523439Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.510319736Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.511945977Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.514860329Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.51682184Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.518928604Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.525299148Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.52761922Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.533538602Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.536792461Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.538538337Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.540464606Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.543896578Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.545838959Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.54797337Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.559391404Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.562237997Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.564306845Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:17.568909207Z	62	PC: 122ab \| Close file
2018-12-17T22:32:17.579362071Z	99	PC: 99997 \| Get DBCS lead byte table pointer
2018-12-17T22:32:17.581022695Z	56	PC: 941b9 \| Get or set country info
2018-12-17T22:32:17.584511802Z	64	PC: 99c08 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:32:17.590003548Z	25	PC: 94222 \| Get default drive
2018-12-17T22:32:17.593030907Z	71	PC: 9649d \| Get current directory
2018-12-17T22:32:17.598137315Z	64	PC: 99c08 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:32:17.602195078Z	2	PC: 96472 \| Character output (Char = '3e')
2018-12-17T22:32:17.605041873Z	93	PC: 942e0 \| File sharing functions
2018-12-17T22:32:17.60727304Z	93	PC: 942e7 \| File sharing functions
2018-12-17T22:32:17.61052782Z	10	PC: 942f9 \| Buffered keyboard input
2018-12-17T22:32:32.437636823Z	0	PC: 0 \| Program terminate
2018-12-17T22:32:33.791446268Z	0	PC: 0 \| Program terminate
2018-12-17T22:32:33.894510375Z	64	PC: 99c08 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:32:33.900557168Z	41	PC: 9436e \| Parse filename
2018-12-17T22:32:33.902655576Z	41	PC: 943ef \| Parse filename
2018-12-17T22:32:33.905485618Z	41	PC: 9440c \| Parse filename
2018-12-17T22:32:33.907650912Z	26	PC: 978b7 \| Set disk transfer address
2018-12-17T22:32:33.910002733Z	71	PC: 97ab3 \| Get current directory
2018-12-17T22:32:33.918910725Z	78	PC: 9f0cc \| Find first file
2018-12-17T22:32:33.9276958Z	47	PC: 9f0cc \| Get disk transfer address
2018-12-17T22:32:33.929803652Z	71	PC: 9792c \| Get current directory
2018-12-17T22:32:33.933020311Z	73	PC: 96fc9 \| Release memory
2018-12-17T22:32:33.934505839Z	61	PC: 9f0cc \| Open file (Filename = 'A:\PRINT.COM')
2018-12-17T22:32:33.949464072Z	62	PC: 9f0cc \| Close file
2018-12-17T22:32:33.951228852Z	75	PC: 11821 \| Execute program
2018-12-17T22:32:33.963500919Z	9	PC: 12a47 \| Display string (String= 'Hello, World! ')
2018-12-17T22:32:33.966319885Z	76	PC: 12a4b \| Terminate with return code (Return code = '36')
2018-12-17T22:32:33.969486486Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:32:33.970858753Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:32:33.973067093Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:32:33.974819686Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:32:33.976060093Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:33.978169538Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:33.979484408Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:33.980998169Z	62	PC: 122ab \| Close file
2018-12-17T22:32:33.983857143Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:33.985525446Z	62	PC: 122ab \| Close file
2018-12-17T22:32:33.987157813Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:33.989000586Z	62	PC: 122ab \| Close file
2018-12-17T22:32:33.990622119Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:33.992150146Z	62	PC: 122ab \| Close file
2018-12-17T22:32:33.994388968Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:33.995882799Z	62	PC: 122ab \| Close file
2018-12-17T22:32:33.997464589Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:33.999357307Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.000894889Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:34.002356139Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.004292558Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:34.005831869Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.00743412Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:34.009321684Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.010955418Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:34.012503324Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.014634644Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:34.016133269Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.017925096Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:34.020639819Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.022495042Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:34.024717783Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.028536916Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:34.030394881Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.03235496Z	69	PC: 9f0cc \| Duplicate handle
2018-12-17T22:32:34.035138073Z	62	PC: 122ab \| Close file
2018-12-17T22:32:34.03853591Z	99	PC: 99997 \| Get DBCS lead byte table pointer
2018-12-17T22:32:34.04037604Z	56	PC: 941b9 \| Get or set country info
2018-12-17T22:32:34.044256254Z	64	PC: 99c08 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:32:34.051184192Z	25	PC: 94222 \| Get default drive
2018-12-17T22:32:34.053242297Z	71	PC: 9649d \| Get current directory
2018-12-17T22:32:34.060738995Z	64	PC: 99c08 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:32:34.065179424Z	2	PC: 96472 \| Character output (Char = '3e')
2018-12-17T22:32:34.06790019Z	93	PC: 942e0 \| File sharing functions
2018-12-17T22:32:34.070987458Z	93	PC: 942e7 \| File sharing functions
2018-12-17T22:32:34.073288684Z	10	PC: 942f9 \| Buffered keyboard input