Sample viewer

vx.netlux.org/Virus.DOS.Ash.270.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:43:42.168804985Z	48	PC: 1935c \| Get DOS version
2018-12-17T22:43:42.181209002Z	74	PC: 193ac \| Reallocate memory
2018-12-17T22:43:42.183859999Z	48	PC: 19410 \| Get DOS version
2018-12-17T22:43:42.185784627Z	53	PC: 19418 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:42.189639922Z	37	PC: 1942a \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:42.191193008Z	53	PC: 1c072 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:43:42.192403956Z	37	PC: 1c082 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:43:42.194566373Z	53	PC: 1c087 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:42.19587142Z	37	PC: 1c097 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:43:42.197366814Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:43:42.21216364Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:43:42.214078829Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:43:42.215880914Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:43:42.218272314Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:43:42.225265514Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:43:42.226561854Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:43:42.234558867Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:43:42.235748019Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:43:42.236874813Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:43:42.238800245Z	53	PC: 19dc6 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:43:42.239982326Z	37	PC: 19df5 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:43:42.24151956Z	37	PC: 19df5 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:43:42.243588445Z	37	PC: 19df5 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:43:42.245608372Z	37	PC: 19df5 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:43:42.246996825Z	37	PC: 19df5 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:43:42.24947732Z	37	PC: 19df5 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:43:42.252203532Z	37	PC: 19df5 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:43:42.254031165Z	37	PC: 19df5 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:43:42.256415769Z	37	PC: 19dfc \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:43:42.257858523Z	37	PC: 19e01 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:43:42.259280375Z	68	PC: 194bb \| I/O control for devices (Set for = '��Z�>�V��4��L�SQR�6��\�D�u� t�S��z��')
2018-12-17T22:43:42.261392661Z	68	PC: 194bb \| I/O control for devices (Set for = '')
2018-12-17T22:43:42.263592593Z	68	PC: 194bb \| I/O control for devices (Set for = '��t.��l�H')
2018-12-17T22:43:42.26558472Z	68	PC: 194bb \| I/O control for devices (Set for = '�l�H')
2018-12-17T22:43:42.267469838Z	68	PC: 194bb \| I/O control for devices (Set for = '�l�H')
2018-12-17T22:43:42.268865083Z	53	PC: 16628 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:42.269848651Z	53	PC: 16635 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:43:42.271366395Z	53	PC: 16642 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:42.272717379Z	37	PC: 16657 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:43:42.273986984Z	37	PC: 1665f \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:43:42.275348485Z	37	PC: 16667 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:43:42.276966207Z	53	PC: 170e6 \| Get interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:43:42.278060659Z	53	PC: 170f3 \| Get interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:43:42.279359975Z	53	PC: 17102 \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:43:42.289232227Z	37	PC: 1710f \| Set interrupt vector (Interrupt = '239' AKA 'UNKNOWN!')
2018-12-17T22:43:42.290401324Z	53	PC: 17116 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:43:42.292024653Z	37	PC: 17123 \| Set interrupt vector (Interrupt = '240' AKA 'UNKNOWN!')
2018-12-17T22:43:42.293458196Z	53	PC: 1712f \| Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:43:42.296203515Z	48	PC: 171f1 \| Get DOS version
2018-12-17T22:43:42.297458278Z	74	PC: 152f3 \| Reallocate memory
2018-12-17T22:43:42.299903237Z	74	PC: 152f3 \| Reallocate memory
2018-12-17T22:43:42.301786269Z	68	PC: 1659e \| I/O control for devices (Set for = '1...')
2018-12-17T22:43:42.304578493Z	68	PC: 1659e \| I/O control for devices (Set for = '')
2018-12-17T22:43:42.30592221Z	51	PC: 165bc \| Get or set Ctrl-Break
2018-12-17T22:43:42.307638128Z	51	PC: 165c8 \| Get or set Ctrl-Break