Sample viewer

vx.netlux.org/Virus.DOS.Anarchy.3153


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:42:18.875628384Z 61 PC: 12c6e | Open file (Filename = 'JANKA DYAGILEVA')
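2018-12-17T22:42:18.883868641Z 53 PC: 12b47 | Get interrupt vector (Interrupt = '33' AKA 'Random read') [reviewer note: if this number is decimal like the Op column, vector 33 is 21h, the DOS services interrupt; 'Random read' is the name of INT 21h function 21h, so the AKA label describes a function code rather than this vector]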
2018-12-17T22:42:18.885380511Z 37 PC: 12b82 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:42:18.886952613Z 67 PC: 12d0f | Get or set file attributes
2018-12-17T22:42:18.892624917Z 61 PC: 12d0f | Open file (Filename = 'C:\COMMAND.COM')
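2018-12-17T22:42:18.899398749Z 53 PC: 12d0f | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') [reviewer note: if this number is decimal like the Op column, vector 36 is 24h, the DOS critical-error handler vector; 'Set random record number' is the name of INT 21h function 24h, so the AKA label describes a function code rather than this vector]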
2018-12-17T22:42:18.900739738Z 37 PC: 12d0f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:18.902068574Z 68 PC: 12d0f | I/O control for devices (Set for = '�>��u�����/��')
2018-12-17T22:42:18.90428153Z 87 PC: 12d0f | Get or set file date and time
2018-12-17T22:42:18.906167742Z 66 PC: 12d0f | Move file pointer
2018-12-17T22:42:18.907945231Z 63 PC: 12d0f | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:42:18.911770756Z 66 PC: 12d0f | Move file pointer
2018-12-17T22:42:18.913709127Z 63 PC: 12d0f | Read file or device (Read 96 bytes on handle 5)
2018-12-17T22:42:18.917773551Z 44 PC: 12d0f | Get time 0x12d0f: ret
; NOTE(review): this is the disassembly the sandbox printed after the traced PC (0x12d0f).
; It stops at 0x12d33, so the branch targets 0x12d35 and 0x12d45 are outside this excerpt.
; The trace earlier gets and sets interrupt vector 33 (21h if decimal), so this is presumably
; the entry of the sample's resident INT 21h hook, dispatching on the request code in AX - confirm.
; The same excerpt is repeated after every later "Get time" / "Get date" row.
0x12d10: pushf                  ; save flags; each visible exit path pops them again
0x12d11: cmp ax, 0xabcd         ; AH=0xAB is not a documented DOS function; presumably a private request code
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff         ; answer AX=0xFFFF; looks like an "already resident" presence reply - confirm
0x12d19: popf
0x12d1a: clc                    ; carry clear, the DOS convention for success
0x12d1b: retf 2                 ; far return that discards 2 more stack bytes (presumably the FLAGS word pushed by INT), so the CF set above reaches the caller
0x12d1e: popf                   ; no branch in this excerpt lands here; reached from code that is not shown
0x12d1f: stc                    ; carry set, the DOS convention for failure
0x12d20: jmp 0x12d1b            ; share the retf 2 exit
0x12d22: cmp ax, 0xcc0          ; second request code handled locally
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al            ; AX becomes 0xC00C; purpose not evident here, possibly another presence check - confirm
0x12d29: popf                   ; balances the pushf at entry; iret reloads flags from the interrupt frame anyway
0x12d2a: iret
0x12d2b: cmp ax, 0x714e         ; AX=714Eh is the long-filename FindFirst call on INT 21h
0x12d2e: je 0x12d35             ; handler for it is outside this excerpt
0x12d30: cmp ax, 0x714f         ; AX=714Fh is the long-filename FindNext call on INT 21h
0x12d33: jne 0x12d45            ; every other request continues at 0x12d45 (not shown); 714Fh falls through to 0x12d35
2018-12-17T22:42:18.921492926Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.924062673Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.926616419Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.938006071Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.940526525Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.947278656Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.950649087Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.955101659Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.958378123Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.961238606Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.964930099Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.96761938Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.970060064Z 44 PC: 12d0f | Get time 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:18.974454648Z 64 PC: 13698 | Write file or device (Write 3153 bytes on handle 5)
2018-12-17T22:42:19.32694977Z 66 PC: 12d0f | Move file pointer
2018-12-17T22:42:19.328957831Z 64 PC: 12d0f | Write file or device (Write 28 bytes on handle 5)
2018-12-17T22:42:19.333578981Z 87 PC: 12d0f | Get or set file date and time
2018-12-17T22:42:19.335722647Z 62 PC: 12d0f | Close file
2018-12-17T22:42:19.344032975Z 37 PC: 12d0f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:19.34675083Z 42 PC: 12d0f | Get date 0x12d0f: ret
0x12d10: pushf
0x12d11: cmp ax, 0xabcd
0x12d14: jne 0x12d22
0x12d16: mov ax, 0xffff
0x12d19: popf
0x12d1a: clc
0x12d1b: retf 2
0x12d1e: popf
0x12d1f: stc
0x12d20: jmp 0x12d1b
0x12d22: cmp ax, 0xcc0
0x12d25: jne 0x12d2b
0x12d27: xchg ah, al
0x12d29: popf
0x12d2a: iret
0x12d2b: cmp ax, 0x714e
0x12d2e: je 0x12d35
0x12d30: cmp ax, 0x714f
0x12d33: jne 0x12d45
2018-12-17T22:42:19.350142841Z 74 PC: 12b9b | Reallocate memory
2018-12-17T22:42:19.352832703Z 67 PC: 12d0f | Get or set file attributes
2018-12-17T22:42:19.359384038Z 61 PC: 12d0f | Open file (Filename = 'A:\TEST.COM')
2018-12-17T22:42:19.368475063Z 53 PC: 12d0f | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:19.370268371Z 37 PC: 12d0f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:19.377773888Z 68 PC: 12d0f | I/O control for devices (Set for = '�>��u�����/��')
2018-12-17T22:42:19.380625022Z 87 PC: 12d0f | Get or set file date and time
2018-12-17T22:42:19.382586095Z 66 PC: 12d0f | Move file pointer
2018-12-17T22:42:19.384465005Z 63 PC: 12d0f | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:42:19.388677616Z 66 PC: 12d0f | Move file pointer
2018-12-17T22:42:19.390325161Z 63 PC: 12d0f | Read file or device (Read 96 bytes on handle 5)
2018-12-17T22:42:19.39382778Z 87 PC: 12d0f | Get or set file date and time
2018-12-17T22:42:19.396296196Z 62 PC: 12d0f | Close file
2018-12-17T22:42:19.411640996Z 37 PC: 12d0f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:19.413431238Z 75 PC: 12bc5 | Execute program
2018-12-17T22:42:19.431924051Z 73 PC: 12bd6 | Release memory
2018-12-17T22:42:19.434805854Z 77 PC: 12bda | Get program return code
2018-12-17T22:42:19.436575457Z 76 PC: 12bde | Terminate with return code (Return code = '0')