Sample viewer

vx.netlux.org/Virus.DOS.Lifeform.2063

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:32:35.461103068Z	58	PC: 12a85 \| Remove subdirectory
2018-12-17T22:32:35.473060049Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:32:35.47473868Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:32:35.47700451Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:32:35.479694836Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:32:35.481328707Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:35.482640991Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:35.484617478Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.487254535Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.489568968Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.492158334Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.494159039Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.496199231Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.497026486Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.510242716Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.512135136Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.513079163Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.515493762Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.51631434Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.518118541Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.522612477Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.524112553Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.526364832Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.528171229Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.530345396Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.532342461Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.53400992Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.540027158Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.541060205Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.543494202Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.545589233Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.546475369Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.54874466Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.550770389Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.552331811Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.554221399Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.556305725Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.558449068Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.559498357Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.562253245Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.564373099Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.56562253Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.568414692Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.569581419Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.571484814Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.574567974Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.576687123Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.579638218Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.581773689Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.583362629Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.58523218Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.586776195Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.589811809Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.59107679Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.594099569Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.595973119Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.596937068Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.599448065Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.600833395Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.602787478Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.605834671Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.607514179Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.609775191Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.611590036Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.613930107Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.61579593Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.616954807Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.619309989Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.620129165Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.621903234Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.624300278Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.625278258Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.627303617Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.628559191Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.630079787Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.632390278Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.634105552Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.638045535Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.639605568Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:35.642864033Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:35.645846448Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:35.646836939Z	62	PC: 122ab \| Close file
2018-12-17T22:32:35.65105856Z	99	PC: 995a7 \| Get DBCS lead byte table pointer
2018-12-17T22:32:35.653336738Z	56	PC: 93dc9 \| Get or set country info
2018-12-17T22:32:35.656518345Z	64	PC: 99818 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:32:35.663070574Z	25	PC: 93e32 \| Get default drive
2018-12-17T22:32:35.665158573Z	71	PC: 960ad \| Get current directory
2018-12-17T22:32:35.669677305Z	64	PC: 99818 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:32:35.673774868Z	2	PC: 96082 \| Character output (Char = '3e')
2018-12-17T22:32:35.676374152Z	93	PC: 93ef0 \| File sharing functions
2018-12-17T22:32:35.678516728Z	93	PC: 93ef7 \| File sharing functions
2018-12-17T22:32:35.681903797Z	10	PC: 93f09 \| Buffered keyboard input
2018-12-17T22:32:50.454611707Z	0	PC: 0 \| Program terminate
2018-12-17T22:32:51.808533413Z	0	PC: 0 \| Program terminate
2018-12-17T22:32:51.910828713Z	64	PC: 99818 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:32:51.917769637Z	41	PC: 93f7e \| Parse filename
2018-12-17T22:32:51.919587253Z	41	PC: 93fff \| Parse filename
2018-12-17T22:32:51.921308299Z	41	PC: 9401c \| Parse filename
2018-12-17T22:32:51.92462828Z	26	PC: 974c7 \| Set disk transfer address
2018-12-17T22:32:51.926738056Z	71	PC: 976c3 \| Get current directory
2018-12-17T22:32:51.935035781Z	78	PC: 9edad \| Find first file
2018-12-17T22:32:51.943824011Z	98	PC: 9f0d8 \| Get current PSP
2018-12-17T22:32:51.945191983Z	47	PC: 9eddf \| Get disk transfer address
2018-12-17T22:32:51.947112609Z	71	PC: 9753c \| Get current directory
2018-12-17T22:32:51.950947283Z	73	PC: 96bd9 \| Release memory
2018-12-17T22:32:51.953602093Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:51.954393932Z	42	PC: 9f205 \| Get date 0x9f205: retf 2 0x9f208: push bx 0x9f209: push cx 0x9f20a: push dx 0x9f20b: mov ax, 0xfa02 0x9f20e: mov dx, 0x5945 0x9f211: mov bl, 0 0x9f213: int3 0x9f214: mov byte ptr cs:[0x7fe], cl 0x9f219: pop dx 0x9f21a: pop cx 0x9f21b: pop bx 0x9f21c: ret 0x9f21d: push bx 0x9f21e: push cx 0x9f21f: push dx 0x9f220: mov ax, 0xfa02 0x9f223: mov dx, 0x5945 0x9f226: mov bl, byte ptr cs:[0x7fe] 0x9f22b: and bl, 0xfb
2018-12-17T22:32:51.956778908Z	67	PC: 9f205 \| Get or set file attributes
2018-12-17T22:32:51.962804912Z	65	PC: 9f205 \| Delete file
2018-12-17T22:32:51.968537029Z	67	PC: 9f205 \| Get or set file attributes
2018-12-17T22:32:51.978894461Z	65	PC: 9f205 \| Delete file
2018-12-17T22:32:51.986736523Z	67	PC: 9f205 \| Get or set file attributes
2018-12-17T22:32:51.99263252Z	65	PC: 9f205 \| Delete file
2018-12-17T22:32:51.998566127Z	67	PC: 9f205 \| Get or set file attributes
2018-12-17T22:32:52.004882818Z	65	PC: 9f205 \| Delete file
2018-12-17T22:32:52.010406592Z	67	PC: 9f205 \| Get or set file attributes
2018-12-17T22:32:52.015830334Z	65	PC: 9f205 \| Delete file
2018-12-17T22:32:52.021996306Z	67	PC: 9f205 \| Get or set file attributes
2018-12-17T22:32:52.027691456Z	65	PC: 9f205 \| Delete file
2018-12-17T22:32:52.033437265Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.035280604Z	75	PC: 11821 \| Execute program
2018-12-17T22:32:52.049286062Z	9	PC: 12a47 \| Display string (String= 'Hello, World! ')
2018-12-17T22:32:52.053554616Z	76	PC: 12a4b \| Terminate with return code (Return code = '36')
2018-12-17T22:32:52.05775645Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:32:52.059070835Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:32:52.060731386Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:32:52.063223531Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:32:52.064409147Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:32:52.065570793Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:52.068421401Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.069216506Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.073009143Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.076125142Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.077398458Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.079501724Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.08157326Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.083406785Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.085531298Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.0877783Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.089839447Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.090874577Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.093693148Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.096136653Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.097357368Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.100214579Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.101578392Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.103344404Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.10582435Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.107016023Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.109036701Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.110814175Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.112385805Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.114572174Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.116366383Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.118164792Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.118905994Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.121233247Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.123046051Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.124065387Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.126815504Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.127665238Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.12919584Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.132689Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.13365051Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.135539419Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.136503505Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.138982019Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.141137314Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.142524635Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.144687185Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.145406694Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.147683519Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.149506566Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.150423332Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.153277121Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.15438933Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.155948317Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.167605123Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.168597339Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.17037695Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.173121301Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.174698165Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.180737705Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.191176095Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.194051331Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.195182371Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.198475679Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.200657564Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.201943116Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.205167199Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.206334834Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.208263294Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.211520734Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.212925728Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.215170733Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.218044407Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.219946527Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.222087153Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.223994558Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.226532711Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.227708661Z	69	PC: 9f205 \| Duplicate handle
2018-12-17T22:32:52.231236016Z	62	PC: 9f205 \| Close file
2018-12-17T22:32:52.233967188Z	250	PC: 9f205 \| UNKNOWN!
2018-12-17T22:32:52.235789692Z	62	PC: 122ab \| Close file
2018-12-17T22:32:52.239904575Z	99	PC: 995a7 \| Get DBCS lead byte table pointer
2018-12-17T22:32:52.2413308Z	56	PC: 93dc9 \| Get or set country info
2018-12-17T22:32:52.243302955Z	64	PC: 99818 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:32:52.248483351Z	25	PC: 93e32 \| Get default drive
2018-12-17T22:32:52.251177334Z	71	PC: 960ad \| Get current directory
2018-12-17T22:32:52.255128799Z	64	PC: 99818 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:32:52.260010389Z	2	PC: 96082 \| Character output (Char = '3e')
2018-12-17T22:32:52.262245113Z	93	PC: 93ef0 \| File sharing functions
2018-12-17T22:32:52.263938644Z	93	PC: 93ef7 \| File sharing functions
2018-12-17T22:32:52.266447205Z	10	PC: 93f09 \| Buffered keyboard input