Sample viewer

vx.netlux.org/Virus.DOS.Marawi.2719

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:39:10.374032826Z 48 PC: 18618 | Get DOS version
2018-12-17T22:39:10.377033319Z 53 PC: 12c3a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:10.378707869Z 37 PC: 12c4c | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:10.380730086Z 53 PC: 12c51 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:39:10.386474138Z 37 PC: 12c63 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:39:10.387984295Z 49 PC: 12cb2 | Terminate and stay resident (Return code = '0' | Memory size = '186')
2018-12-17T22:39:10.390630956Z 75 PC: 12d08 | Execute program
2018-12-17T22:39:10.434549702Z 48 PC: 12d38 | Get DOS version
2018-12-17T22:39:10.436512127Z 48 PC: 15026 | Get DOS version
2018-12-17T22:39:10.438426111Z 74 PC: 1509b | Reallocate memory
2018-12-17T22:39:10.442329034Z 48 PC: 15444 | Get DOS version
2018-12-17T22:39:10.444381605Z 53 PC: 15111 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:39:10.446205447Z 37 PC: 15123 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:39:10.462284206Z 68 PC: 151b8 | I/O control for devices
2018-12-17T22:39:10.464436774Z 68 PC: 151b8 | I/O control for devices
2018-12-17T22:39:10.466489975Z 68 PC: 151b8 | I/O control for devices
2018-12-17T22:39:10.469132636Z 68 PC: 151b8 | I/O control for devices
2018-12-17T22:39:10.471157957Z 68 PC: 151b8 | I/O control for devices
2018-12-17T22:39:10.473382126Z 25 PC: 17889 | Get default drive
2018-12-17T22:39:10.476055417Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.484184307Z 233 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.485511571Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.488485128Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.491380755Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.492771193Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.495006936Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.496990795Z 222 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.498344464Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.499983686Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.510054471Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.511546302Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.513217521Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.516026089Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.517529475Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.519278038Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.521167711Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.522478169Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.523366309Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.527425731Z 64 PC: 15fe6 | Write file or device (Write 45 bytes on handle 1)
2018-12-17T22:39:10.533972784Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.541150603Z 64 PC: 16040 | Write file or device (Write 21 bytes on handle 1)
2018-12-17T22:39:10.547396166Z 64 PC: 15fe6 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T22:39:10.553461716Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.558823301Z 64 PC: 16040 | Write file or device (Write 19 bytes on handle 1)
2018-12-17T22:39:10.566064415Z 64 PC: 15fe6 | Write file or device (Write 13 bytes on handle 1)
2018-12-17T22:39:10.572479868Z 64 PC: 15fe6 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:39:10.578848559Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.58438371Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.585686555Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.586837625Z 222 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.5880085Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.590293063Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.591376841Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.592532301Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.594357777Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.595597152Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.596706996Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.59865809Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.600068691Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.60131736Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.602723403Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.605234152Z 64 PC: 15fe6 | Write file or device (Write 63 bytes on handle 1)
2018-12-17T22:39:10.618161473Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.631945606Z 64 PC: 16040 | Write file or device (Write 21 bytes on handle 1)
2018-12-17T22:39:10.643843871Z 64 PC: 15fe6 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T22:39:10.66296947Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.668473655Z 64 PC: 16040 | Write file or device (Write 19 bytes on handle 1)
2018-12-17T22:39:10.682906875Z 64 PC: 15fe6 | Write file or device (Write 13 bytes on handle 1)
2018-12-17T22:39:10.689864411Z 64 PC: 15fe6 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:39:10.695340326Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.697758105Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.699041265Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.70036509Z 222 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.702223296Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.703592132Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.70491428Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.706622049Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.708116641Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.709670494Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.711924174Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.713919733Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.720391857Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.723784123Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.724734625Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.727267369Z 64 PC: 15fe6 | Write file or device (Write 83 bytes on handle 1)
2018-12-17T22:39:10.736383255Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.741861053Z 64 PC: 16040 | Write file or device (Write 21 bytes on handle 1)
2018-12-17T22:39:10.748500039Z 64 PC: 15fe6 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T22:39:10.754685141Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.762155773Z 64 PC: 16040 | Write file or device (Write 19 bytes on handle 1)
2018-12-17T22:39:10.767960956Z 64 PC: 15fe6 | Write file or device (Write 13 bytes on handle 1)
2018-12-17T22:39:10.774180041Z 64 PC: 15fe6 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:39:10.78673061Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.788246124Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.789510005Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.791432527Z 222 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.792374253Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.793454746Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.794927223Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.79636212Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.797823158Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.799937808Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.801219415Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.802741083Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.807980105Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.809737729Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.811062869Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.814747097Z 64 PC: 15fe6 | Write file or device (Write 44 bytes on handle 1)
2018-12-17T22:39:10.822439131Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.827585095Z 64 PC: 16040 | Write file or device (Write 21 bytes on handle 1)
2018-12-17T22:39:10.833787994Z 64 PC: 15fe6 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T22:39:10.8474576Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.854047059Z 64 PC: 16040 | Write file or device (Write 19 bytes on handle 1)
2018-12-17T22:39:10.87306206Z 64 PC: 15fe6 | Write file or device (Write 13 bytes on handle 1)
2018-12-17T22:39:10.879259613Z 64 PC: 15fe6 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:39:10.884523799Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.886389067Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.887664657Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.88887102Z 222 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.891596132Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.893177439Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.894480785Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.903113788Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.913988201Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.915622721Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.917479685Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.918836918Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.919972534Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:10.922020845Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.923352016Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.926149728Z 64 PC: 15fe6 | Write file or device (Write 44 bytes on handle 1)
2018-12-17T22:39:10.934057822Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.940802846Z 64 PC: 16040 | Write file or device (Write 21 bytes on handle 1)
2018-12-17T22:39:10.946570512Z 64 PC: 15fe6 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T22:39:10.954129921Z 64 PC: 16040 | Write file or device (Write 14 bytes on handle 1)
2018-12-17T22:39:10.960306749Z 64 PC: 16040 | Write file or device (Write 19 bytes on handle 1)
2018-12-17T22:39:10.965635704Z 64 PC: 15fe6 | Write file or device (Write 13 bytes on handle 1)
2018-12-17T22:39:10.971939774Z 64 PC: 15fe6 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:39:10.978471873Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.980042869Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.981348008Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.9835832Z 222 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.984880265Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.986321244Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.988401255Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.990073495Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.99161774Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:10.993913468Z 25 PC: 17889 | Get default drive
2018-12-17T22:39:10.995268219Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:10.99638842Z 233 PC: 17889 | UNKNOWN!
2018-12-17T22:39:10.998248446Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:11.00129165Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:11.002773671Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:11.004806421Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:11.008895722Z 239 PC: 17896 | UNKNOWN!
2018-12-17T22:39:11.010164486Z 222 PC: 17889 | UNKNOWN!
2018-12-17T22:39:11.012124374Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:11.013669395Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:11.014764503Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:11.031438711Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:11.034404952Z 227 PC: 178b0 | UNKNOWN!
2018-12-17T22:39:11.036699658Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:11.038843019Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:11.040594537Z 240 PC: 17889 | UNKNOWN!
2018-12-17T22:39:11.042188917Z 242 PC: 178d8 | UNKNOWN!
2018-12-17T22:39:11.044876443Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:11.046233767Z 241 PC: 17889 | UNKNOWN!
2018-12-17T22:39:11.048033531Z 64 PC: 156a1 | Write file or device (Write 2 bytes on handle 2)
2018-12-17T22:39:11.05369402Z 64 PC: 156a1 | Write file or device (Write 15 bytes on handle 2)
2018-12-17T22:39:11.059455294Z 64 PC: 156a1 | Write file or device (Write 25 bytes on handle 2)
2018-12-17T22:39:11.066279241Z 37 PC: 15272 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:39:11.067700823Z 76 PC: 15257 | Terminate with return code (Return code = '255')