Sample viewer

vx.netlux.org/Virus.DOS.Viva.752

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:15:34.291802622Z	37	PC: 13c6d \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:15:34.294400202Z	53	PC: 13c74 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:15:34.295901904Z	2	PC: 13eec \| Character output (Char = '00')
2018-12-17T23:15:34.298316379Z	2	PC: 13eec \| Character output (Char = '08')
2018-12-17T23:15:34.3010933Z	71	PC: 13eec \| Get current directory
2018-12-17T23:15:34.303948222Z	26	PC: 13eec \| Set disk transfer address
2018-12-17T23:15:34.304933383Z	53	PC: 13eec \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:34.306188964Z	37	PC: 13eec \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:34.307851007Z	78	PC: 13eec \| Find first file
2018-12-17T23:15:34.313865369Z	61	PC: 13eec \| Open file (Filename = 'TEST.EXE')
2018-12-17T23:15:34.320274364Z	63	PC: 13eec \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T23:15:34.324870785Z	62	PC: 13eec \| Close file
2018-12-17T23:15:34.326599274Z	79	PC: 13eec \| Find next file
2018-12-17T23:15:34.328901413Z	59	PC: 13eec \| Change current directory
2018-12-17T23:15:34.335002118Z	59	PC: 13eec \| Change current directory
2018-12-17T23:15:34.345855668Z	44	PC: 13eec \| Get time 0x13eec: ret 0x13eed: ljmp 0x19:0x40f8 0x13ef2: adc byte ptr [bx + si], al 0x13ef4: add byte ptr [bx + si], al 0x13ef6: and byte ptr [bx + di], al 0x13ef8: add byte ptr [bx + di], al 0x13efa: lodsw ax, word ptr [si] 0x13efb: pop es 0x13efc: push si 0x13efd: pop es 0x13efe: imul ax, word ptr [bx], 0x776 0x13f02: popaw 0x13f03: pop es 0x13f04: and byte ptr [bx], al 0x13f06: dec bp 0x13f07: or al, byte ptr [di + 0xa] 0x13f0a: pop ax 0x13f0b: cmovns cx, word ptr [bx] 0x13f0e: inc bx 0x13f0f: or al, 0x4f
2018-12-17T23:15:34.347907496Z	37	PC: 13eec \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:34.350040761Z	59	PC: 13eec \| Change current directory
2018-12-17T23:15:34.354537896Z	26	PC: 13eec \| Set disk transfer address
2018-12-17T23:15:34.355459924Z	9	PC: 12a5c \| Display string (Could not find end pointer)
2018-12-17T23:15:34.36196221Z	76	PC: 12a61 \| Terminate with return code (Return code = '0')