Sample viewer

vx.netlux.org/Virus.DOS.VCL.526

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:33:22.119304611Z	47	PC: 12b30 \| Get disk transfer address
2018-12-17T22:33:22.120982938Z	26	PC: 12b3f \| Set disk transfer address
2018-12-17T22:33:22.122015596Z	78	PC: 12b47 \| Find first file
2018-12-17T22:33:22.127832993Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.130714523Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.133682569Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.134873174Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.13822395Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.139485499Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.141878884Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.143601474Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.146702811Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.148040927Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.151795965Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.153125524Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.155796155Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.157882215Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.160393357Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.161403683Z	61	PC: 12b82 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:33:22.167748635Z	63	PC: 12b8d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:33:22.170852976Z	62	PC: 12b91 \| Close file
2018-12-17T22:33:22.173544749Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.176044923Z	26	PC: 12b59 \| Set disk transfer address
2018-12-17T22:33:22.178225643Z	47	PC: 12b30 \| Get disk transfer address
2018-12-17T22:33:22.1795294Z	26	PC: 12b3f \| Set disk transfer address
2018-12-17T22:33:22.180591018Z	78	PC: 12b47 \| Find first file
2018-12-17T22:33:22.18727017Z	26	PC: 12b59 \| Set disk transfer address
2018-12-17T22:33:22.188554658Z	47	PC: 12b30 \| Get disk transfer address
2018-12-17T22:33:22.18985863Z	26	PC: 12b3f \| Set disk transfer address
2018-12-17T22:33:22.192523671Z	78	PC: 12b47 \| Find first file
2018-12-17T22:33:22.198341881Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.199598979Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.209720563Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.211531194Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.214683645Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.21723599Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.219803661Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.221013942Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.224630348Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.226163346Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.229048308Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.241257797Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.244207565Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.245841476Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.24893762Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:33:22.252141745Z	61	PC: 12b82 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:33:22.259196415Z	63	PC: 12b8d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:33:22.262186162Z	62	PC: 12b91 \| Close file
2018-12-17T22:33:22.265118959Z	79	PC: 12b47 \| Find next file
2018-12-17T22:33:22.267848891Z	26	PC: 12b59 \| Set disk transfer address
2018-12-17T22:33:22.269318243Z	47	PC: 12b30 \| Get disk transfer address
2018-12-17T22:33:22.271726878Z	26	PC: 12b3f \| Set disk transfer address
2018-12-17T22:33:22.27311277Z	78	PC: 12b47 \| Find first file
2018-12-17T22:33:22.27970404Z	26	PC: 12b59 \| Set disk transfer address
2018-12-17T22:33:22.281951266Z	42	PC: 12be5 \| Get date 0x12be5: mov al, dl 0x12be7: cwde 0x12be8: ret 0x12be9: mov ah, 0x30 0x12beb: int 0x21 0x12bed: mov bx, ax 0x12bef: xor bl, bl 0x12bf1: xchg bl, bh 0x12bf3: cwde 0x12bf4: mov cl, 0x64 0x12bf6: mul cl 0x12bf8: add ax, bx 0x12bfa: ret 0x12bfb: sub ch, byte ptr [0x5b2a] 0x12bff: push si 0x12c00: inc bx 0x12c01: dec sp 0x12c02: pop bp 0x12c03: add byte ptr [bp + 0x2ff], bh 0x12c07: xor ah, ah
2018-12-17T22:33:22.284623513Z	48	PC: 12bed \| Get DOS version
2018-12-17T22:33:22.286071725Z	47	PC: 12a90 \| Get disk transfer address
2018-12-17T22:33:22.288135193Z	78	PC: 12a99 \| Find first file
2018-12-17T22:33:22.2929054Z	76	PC: 12b10 \| Terminate with return code (Return code = '0')