Sample viewer

vx.netlux.org/Virus.DOS.VCL.Kinison.734.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:44:34.409090397Z	47	PC: 12a77 \| Get disk transfer address
2018-12-17T22:44:34.411533329Z	26	PC: 12a7f \| Set disk transfer address
2018-12-17T22:44:34.413564304Z	42	PC: 12c4b \| Get date 0x12c4b: mov al, dl 0x12c4d: cwde 0x12c4e: ret 0x12c4f: mov ah, 0x2a 0x12c51: int 0x21 0x12c53: cwde 0x12c54: ret 0x12c55: inc sp 0x12c56: dec cx 0x12c57: inc bp 0x12c58: and byte ptr [bp + si + 0x49], al 0x12c5b: push sp 0x12c5c: inc bx 0x12c5d: dec ax 0x12c5e: and word ptr [bx + di], sp 0x12c60: and word ptr [bx + di], sp 0x12c62: and word ptr [bx + si], sp 0x12c64: inc cx 0x12c65: dec ax 0x12c66: dec ax
2018-12-17T22:44:34.416289593Z	71	PC: 12ae2 \| Get current directory
2018-12-17T22:44:34.420055179Z	59	PC: 12aea \| Change current directory
2018-12-17T22:44:34.424934144Z	47	PC: 12aff \| Get disk transfer address
2018-12-17T22:44:34.426492651Z	26	PC: 12b0d \| Set disk transfer address
2018-12-17T22:44:34.427999563Z	78	PC: 12b17 \| Find first file
2018-12-17T22:44:34.435708657Z	79	PC: 12b3b \| Find next file
2018-12-17T22:44:34.442958188Z	79	PC: 12b3b \| Find next file
2018-12-17T22:44:34.446151347Z	79	PC: 12b3b \| Find next file
2018-12-17T22:44:34.450155016Z	79	PC: 12b3b \| Find next file
2018-12-17T22:44:34.453029567Z	79	PC: 12b3b \| Find next file
2018-12-17T22:44:34.456459092Z	79	PC: 12b3b \| Find next file
2018-12-17T22:44:34.460935452Z	79	PC: 12b3b \| Find next file
2018-12-17T22:44:34.464214801Z	79	PC: 12b3b \| Find next file
2018-12-17T22:44:34.480870763Z	79	PC: 12b3b \| Find next file
2018-12-17T22:44:34.485141458Z	47	PC: 12b5f \| Get disk transfer address
2018-12-17T22:44:34.502647692Z	26	PC: 12b6e \| Set disk transfer address
2018-12-17T22:44:34.507914647Z	78	PC: 12b76 \| Find first file
2018-12-17T22:44:34.512783301Z	47	PC: 12b8e \| Get disk transfer address
2018-12-17T22:44:34.514344115Z	67	PC: 12b9a \| Get or set file attributes
2018-12-17T22:44:34.527540019Z	61	PC: 12b9f \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:44:34.535054845Z	63	PC: 12bab \| Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:44:34.542842605Z	66	PC: 12bcf \| Move file pointer
2018-12-17T22:44:34.54464173Z	66	PC: 12bd7 \| Move file pointer
2018-12-17T22:44:34.548283717Z	64	PC: 12bec \| Write file or device (Write 734 bytes on handle 5)
2018-12-17T22:44:34.559103413Z	66	PC: 12bf4 \| Move file pointer
2018-12-17T22:44:34.561069242Z	64	PC: 12bff \| Write file or device (Write 7 bytes on handle 5)
2018-12-17T22:44:34.572382255Z	87	PC: 12c0b \| Get or set file date and time
2018-12-17T22:44:34.579789776Z	62	PC: 12c0f \| Close file
2018-12-17T22:44:34.589379118Z	67	PC: 12c1c \| Get or set file attributes
2018-12-17T22:44:34.601840313Z	26	PC: 12b88 \| Set disk transfer address
2018-12-17T22:44:34.603818118Z	26	PC: 12b4b \| Set disk transfer address
2018-12-17T22:44:34.605836968Z	59	PC: 12af4 \| Change current directory
2018-12-17T22:44:34.608052812Z	42	PC: 12c4b \| Get date 0x12c4b: mov al, dl 0x12c4d: cwde 0x12c4e: ret 0x12c4f: mov ah, 0x2a 0x12c51: int 0x21 0x12c53: cwde 0x12c54: ret 0x12c55: inc sp 0x12c56: dec cx 0x12c57: inc bp 0x12c58: and byte ptr [bp + si + 0x49], al 0x12c5b: push sp 0x12c5c: inc bx 0x12c5d: dec ax 0x12c5e: and word ptr [bx + di], sp 0x12c60: and word ptr [bx + di], sp 0x12c62: and word ptr [bx + si], sp 0x12c64: inc cx 0x12c65: dec ax 0x12c66: dec ax
2018-12-17T22:44:34.610878077Z	26	PC: 12abe \| Set disk transfer address