Sample viewer

vx.netlux.org/Virus.DOS.Morgot.1017

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:34:52.423339305Z	243	PC: 12aa6 \| UNKNOWN!
2018-12-17T22:34:52.424924517Z	128	PC: 12b52 \| UNKNOWN!
2018-12-17T22:34:52.42826641Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:34:52.429509014Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:34:52.431913243Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:34:52.434617215Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:34:52.436655738Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:34:52.439091841Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:34:52.440480161Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.442491848Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.444665607Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.446805282Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.448719452Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.451071355Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.452713998Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.454310731Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.456086209Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.460208235Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.462745993Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.464797441Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.467499307Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.470796756Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.472595663Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.475892684Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.477660259Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.479647299Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.483449264Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.485419751Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.48719786Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.489763325Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.498085643Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.499884677Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.503011265Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.504966007Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.506717631Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.517321812Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.519433931Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:34:52.521100083Z	62	PC: 122ab \| Close file
2018-12-17T22:34:52.52486816Z	99	PC: 99987 \| Get DBCS lead byte table pointer
2018-12-17T22:34:52.526296679Z	56	PC: 941a9 \| Get or set country info
2018-12-17T22:34:52.528941674Z	64	PC: 99bf8 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:34:52.53370318Z	25	PC: 94212 \| Get default drive
2018-12-17T22:34:52.536146766Z	71	PC: 9648d \| Get current directory
2018-12-17T22:34:52.540412167Z	64	PC: 99bf8 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:34:52.545213213Z	2	PC: 96462 \| Character output (Char = '3e')
2018-12-17T22:34:52.548389609Z	93	PC: 942d0 \| File sharing functions
2018-12-17T22:34:52.550431339Z	93	PC: 942d7 \| File sharing functions
2018-12-17T22:34:52.552564042Z	10	PC: 942e9 \| Buffered keyboard input
2018-12-17T22:35:07.411090043Z	0	PC: 0 \| Program terminate
2018-12-17T22:35:08.765714787Z	0	PC: 0 \| Program terminate
2018-12-17T22:35:08.868484318Z	64	PC: 99bf8 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:35:08.874617506Z	41	PC: 9435e \| Parse filename
2018-12-17T22:35:08.878051409Z	41	PC: 943df \| Parse filename
2018-12-17T22:35:08.880138371Z	41	PC: 943fc \| Parse filename
2018-12-17T22:35:08.883852409Z	26	PC: 978a7 \| Set disk transfer address
2018-12-17T22:35:08.89255996Z	71	PC: 97aa3 \| Get current directory
2018-12-17T22:35:08.901537953Z	78	PC: 97aae \| Find first file
2018-12-17T22:35:08.913185013Z	71	PC: 9791c \| Get current directory
2018-12-17T22:35:08.916346522Z	73	PC: 96fb9 \| Release memory
2018-12-17T22:35:08.919036672Z	67	PC: 9f1f1 \| Get or set file attributes
2018-12-17T22:35:08.924735904Z	67	PC: 9f1f1 \| Get or set file attributes
2018-12-17T22:35:08.941493526Z	61	PC: 9f1f1 \| Open file (Filename = 'A:\PRINT.COM')
2018-12-17T22:35:08.948922102Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:08.950559485Z	66	PC: 9f1f1 \| Move file pointer
2018-12-17T22:35:08.952138809Z	63	PC: 9f1f1 \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:35:08.959376635Z	62	PC: 9f1f1 \| Close file
2018-12-17T22:35:08.961634857Z	67	PC: 9f1f1 \| Get or set file attributes
2018-12-17T22:35:08.973907023Z	75	PC: 11821 \| Execute program
2018-12-17T22:35:08.99053884Z	9	PC: 12a47 \| Display string (String= 'Hello, World! ')
2018-12-17T22:35:08.994427247Z	76	PC: 12a4b \| Terminate with return code (Return code = '36')
2018-12-17T22:35:08.997803815Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:35:08.999400524Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:35:09.001604875Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:35:09.003766867Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:35:09.006245994Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:35:09.007640772Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:35:09.009201388Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.011258474Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.013247774Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.01487752Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.016292437Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.018050075Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.02318499Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.024732345Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.027223629Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.028746716Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.030325926Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.033171856Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.034684944Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.03624561Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.038578935Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.040321829Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.042070137Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.044271757Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.04578371Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.047214522Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.049622254Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.051461041Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.053267862Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.055940926Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.057530809Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.059352559Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.061695271Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.063258328Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.065152097Z	87	PC: 9f1f1 \| Get or set file date and time
2018-12-17T22:35:09.06786152Z	62	PC: 122ab \| Close file
2018-12-17T22:35:09.071348493Z	99	PC: 99987 \| Get DBCS lead byte table pointer
2018-12-17T22:35:09.072555394Z	56	PC: 941a9 \| Get or set country info
2018-12-17T22:35:09.075172618Z	64	PC: 99bf8 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:35:09.077850084Z	25	PC: 94212 \| Get default drive
2018-12-17T22:35:09.078925066Z	71	PC: 9648d \| Get current directory
2018-12-17T22:35:09.082048964Z	64	PC: 99bf8 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:35:09.084128419Z	2	PC: 96462 \| Character output (Char = '3e')
2018-12-17T22:35:09.085908076Z	93	PC: 942d0 \| File sharing functions
2018-12-17T22:35:09.087698689Z	93	PC: 942d7 \| File sharing functions
2018-12-17T22:35:09.089010748Z	10	PC: 942e9 \| Buffered keyboard input