Sample viewer

vx.netlux.org/Virus.DOS.Trivial.278

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:43:31.80171817Z	37	PC: 12ad8 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:31.807171002Z	37	PC: 12ae0 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:31.808352461Z	78	PC: 12aea \| Find first file
2018-12-17T22:43:31.813025247Z	61	PC: 12af4 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:43:31.81988986Z	64	PC: 12aff \| Write file or device (Write 278 bytes on handle 5)
2018-12-17T22:43:31.828167286Z	62	PC: 12b03 \| Close file
2018-12-17T22:43:31.846539112Z	79	PC: 12aea \| Find next file
2018-12-17T22:43:31.84993544Z	61	PC: 12af4 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:43:31.858372006Z	64	PC: 12aff \| Write file or device (Write 278 bytes on handle 5)
2018-12-17T22:43:31.86659492Z	62	PC: 12b03 \| Close file
2018-12-17T22:43:31.876936413Z	79	PC: 12aea \| Find next file
2018-12-17T22:43:31.883403018Z	61	PC: 12af4 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:43:31.891436707Z	64	PC: 12aff \| Write file or device (Write 278 bytes on handle 5)
2018-12-17T22:43:31.899093548Z	62	PC: 12b03 \| Close file
2018-12-17T22:43:31.909079994Z	79	PC: 12aea \| Find next file
2018-12-17T22:43:31.912798849Z	61	PC: 12af4 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:43:31.92032291Z	64	PC: 12aff \| Write file or device (Write 278 bytes on handle 5)
2018-12-17T22:43:31.92773947Z	62	PC: 12b03 \| Close file
2018-12-17T22:43:31.939023523Z	79	PC: 12aea \| Find next file
2018-12-17T22:43:31.945296435Z	61	PC: 12af4 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:43:31.952518809Z	64	PC: 12aff \| Write file or device (Write 278 bytes on handle 5)
2018-12-17T22:43:31.96096877Z	62	PC: 12b03 \| Close file
2018-12-17T22:43:31.969464226Z	79	PC: 12aea \| Find next file
2018-12-17T22:43:31.972307797Z	61	PC: 12af4 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:43:31.980893101Z	64	PC: 12aff \| Write file or device (Write 278 bytes on handle 5)
2018-12-17T22:43:31.98801681Z	62	PC: 12b03 \| Close file
2018-12-17T22:43:31.996847336Z	79	PC: 12aea \| Find next file
2018-12-17T22:43:32.001213827Z	61	PC: 12af4 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:43:32.008953483Z	64	PC: 12aff \| Write file or device (Write 278 bytes on handle 5)
2018-12-17T22:43:32.015995569Z	62	PC: 12b03 \| Close file
2018-12-17T22:43:32.024523647Z	79	PC: 12aea \| Find next file
2018-12-17T22:43:32.028361966Z	61	PC: 12af4 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:43:32.035231838Z	64	PC: 12aff \| Write file or device (Write 278 bytes on handle 5)
2018-12-17T22:43:32.038285573Z	62	PC: 12b03 \| Close file
2018-12-17T22:43:32.054585748Z	79	PC: 12aea \| Find next file
2018-12-17T22:43:32.065017711Z	53	PC: 12b16 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:32.072227663Z	53	PC: 12b22 \| Get interrupt vector (Interrupt = '47' AKA 'Get disk transfer address')
2018-12-17T22:43:32.075204674Z	37	PC: 12b32 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:32.077087551Z	37	PC: 12b39 \| Set interrupt vector (Interrupt = '47' AKA 'Get disk transfer address')
2018-12-17T22:43:32.078934189Z	73	PC: 12b41 \| Release memory
2018-12-17T22:43:32.081499577Z	49	PC: 12b49 \| Terminate and stay resident (Return code = '0' \| Memory size = '21')