Sample viewer

vx.netlux.org/Virus.DOS.Unknown.1111

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:43:28.64176591Z	37	PC: 151a2 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:43:28.644087691Z	81	PC: 1540f \| Get current PSP
2018-12-17T22:43:28.645597286Z	26	PC: 1541c \| Set disk transfer address
2018-12-17T22:43:28.647073028Z	78	PC: 1542c \| Find first file
2018-12-17T22:43:28.661459447Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:28.665666169Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:28.669161754Z	67	PC: 15276 \| Get or set file attributes
2018-12-17T22:43:29.01780271Z	61	PC: 15463 \| Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T22:43:29.02665704Z	63	PC: 1554b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:43:29.03279587Z	66	PC: 15551 \| Move file pointer
2018-12-17T22:43:29.035428745Z	64	PC: 1553b \| Write file or device (Write 1153 bytes on handle 5)
2018-12-17T22:43:29.052162965Z	66	PC: 15544 \| Move file pointer
2018-12-17T22:43:29.05400811Z	64	PC: 152b4 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:43:29.057391254Z	87	PC: 152c6 \| Get or set file date and time
2018-12-17T22:43:29.068684585Z	62	PC: 152c9 \| Close file
2018-12-17T22:43:29.076885698Z	67	PC: 152d6 \| Get or set file attributes
2018-12-17T22:43:29.08339816Z	81	PC: 1540f \| Get current PSP
2018-12-17T22:43:29.08549633Z	26	PC: 1541c \| Set disk transfer address
2018-12-17T22:43:29.08732762Z	78	PC: 1542c \| Find first file
2018-12-17T22:43:29.095015278Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:29.098538425Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:29.102718015Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:29.106063759Z	67	PC: 15276 \| Get or set file attributes
2018-12-17T22:43:29.116324571Z	61	PC: 15463 \| Open file (Filename = 'C:\DOS\EXPAND.EXE')
2018-12-17T22:43:29.124497151Z	63	PC: 1554b \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:43:29.130600624Z	66	PC: 15551 \| Move file pointer
2018-12-17T22:43:29.133089388Z	64	PC: 1553b \| Write file or device (Write 1150 bytes on handle 5)
2018-12-17T22:43:29.143070875Z	66	PC: 15544 \| Move file pointer
2018-12-17T22:43:29.1449372Z	64	PC: 15396 \| Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:43:29.148334321Z	87	PC: 152c6 \| Get or set file date and time
2018-12-17T22:43:29.150913505Z	62	PC: 152c9 \| Close file
2018-12-17T22:43:29.159127842Z	67	PC: 152d6 \| Get or set file attributes
2018-12-17T22:43:29.167734367Z	81	PC: 1540f \| Get current PSP
2018-12-17T22:43:29.173880391Z	26	PC: 1541c \| Set disk transfer address
2018-12-17T22:43:29.175689228Z	78	PC: 1542c \| Find first file
2018-12-17T22:43:29.182317577Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:29.185802121Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:29.190165306Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:29.193240522Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:29.196406578Z	79	PC: 15434 \| Find next file
2018-12-17T22:43:29.200340086Z	67	PC: 15276 \| Get or set file attributes
2018-12-17T22:43:29.210891514Z	61	PC: 15463 \| Open file (Filename = 'C:\DOS\MEM.EXE')
2018-12-17T22:43:29.218170675Z	63	PC: 1554b \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:43:29.231908807Z	66	PC: 15551 \| Move file pointer
2018-12-17T22:43:29.234605723Z	64	PC: 1553b \| Write file or device (Write 1156 bytes on handle 5)
2018-12-17T22:43:29.244386422Z	66	PC: 15544 \| Move file pointer
2018-12-17T22:43:29.246649793Z	64	PC: 15396 \| Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:43:29.249486241Z	87	PC: 152c6 \| Get or set file date and time
2018-12-17T22:43:29.250941534Z	62	PC: 152c9 \| Close file
2018-12-17T22:43:29.25893655Z	67	PC: 152d6 \| Get or set file attributes
2018-12-17T22:43:29.263891506Z	9	PC: 12a51 \| Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-17T22:43:29.265824878Z	76	PC: 12a56 \| Terminate with return code (Return code = '0')