Sample viewer

vx.netlux.org/Virus.DOS.Frodo.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:44:53.300315435Z	48	PC: 12b3a \| Get DOS version
2018-12-17T22:44:53.302399557Z	82	PC: 12b47 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:44:53.303993618Z	82	PC: 12b99 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:44:53.305714688Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.307711674Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.30952465Z	75	PC: 1305e \| Execute program
2018-12-17T22:44:53.312655736Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.315240426Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.316135064Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.317182256Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.318536988Z	74	PC: 12c05 \| Reallocate memory
2018-12-17T22:44:53.328407699Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.329974179Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.331470056Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.348028628Z	74	PC: 12c09 \| Reallocate memory
2018-12-17T22:44:53.350236072Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.351289291Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.353292091Z	51	PC: 1391a \| Get or set Ctrl-Break
2018-12-17T22:44:53.354728781Z	74	PC: 12c6d \| Reallocate memory
2018-12-17T22:44:53.356880248Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.358671066Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.359894508Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.361283911Z	9	PC: 12a79 \| Display string (Could not find end pointer)
2018-12-17T22:44:53.36676499Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.368081246Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.369498482Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.371840954Z	76	PC: 12a7f \| Terminate with return code (Return code = '0')
2018-12-17T22:44:53.37552901Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.376441262Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.378503432Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.380107567Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:44:53.382101381Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.384466139Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.386528809Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.388478875Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:44:53.391601379Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.392934937Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.394510002Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.396094869Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:44:53.399185903Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.400618565Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.402315782Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.403652809Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:44:53.406088791Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.407220302Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.408544912Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.410912617Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:44:53.412826941Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.413944036Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.416638094Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.418014994Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:53.419846091Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.422548569Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.423915339Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.425146277Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.427460117Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.430848976Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.43206234Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.434390759Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.435764084Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.43733343Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.441386189Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.442724769Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.444193272Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.458192319Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.475240418Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.477576143Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.479248836Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.481228579Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.482920441Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.485180127Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.487440123Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.488488218Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.49141802Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.492583816Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.493869966Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.496295082Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.497350819Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.498506589Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.50077684Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.502318606Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.50464436Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.506070428Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.508850126Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.510164882Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.511658137Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.514647819Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.515820011Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.517773059Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.519390968Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.52066338Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.522742627Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.524486649Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.525658921Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.526628124Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.528644031Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.530540808Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.531462529Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.533604811Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.534454266Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.535548187Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.539229949Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.540377835Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.541646704Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.543637982Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.544707875Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.546679079Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.548337018Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.550220455Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.551266645Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.553551794Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.556107599Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.557540636Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.560302018Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.561663356Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.563035981Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.567199535Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.56843485Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.569882549Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.572858176Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.574518633Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.576591245Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.57810443Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.579115139Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.579849909Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.581396078Z	62	PC: 122ab \| Close file
2018-12-17T22:44:53.584777291Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.585394858Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:53.587127631Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:53.588886513Z	54	PC: 9f49a \| Get free disk space
2018-12-17T22:44:53.626292562Z	67	PC: 9f49a \| Get or set file attributes
2018-12-17T22:44:53.635398984Z	67	PC: 9f49a \| Get or set file attributes
2018-12-17T22:44:53.981170162Z	61	PC: 9f49a \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:44:53.987844025Z	67	PC: 9f49a \| Get or set file attributes
2018-12-17T22:44:53.997454093Z	50	PC: 9f49a \| Get disk parameter block for specified drive
2018-12-17T22:44:54.000273899Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.001830087Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.003809729Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.005252386Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.006675707Z	66	PC: 12372 \| Move file pointer
2018-12-17T22:44:54.009753541Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.010885302Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.012184668Z	68	PC: 9f49a \| I/O control for devices (Set for = '�mfyW�Wv W�Wj W� WcW�W�W W5W')
2018-12-17T22:44:54.01456008Z	87	PC: 9f49a \| Get or set file date and time
2018-12-17T22:44:54.016473235Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.017867634Z	63	PC: 12383 \| Read file or device (Read 44693 bytes on handle 5)
2018-12-17T22:44:54.032933583Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.034210941Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.035667156Z	81	PC: 9f49a \| Get current PSP
2018-12-17T22:44:54.038176195Z	87	PC: 9f49a \| Get or set file date and time
2018-12-17T22:44:54.039823354Z	66	PC: 9f49a \| Move file pointer
2018-12-17T22:44:54.041506642Z	63	PC: 9f49a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:44:54.048219073Z	66	PC: 9f49a \| Move file pointer
2018-12-17T22:44:54.04974052Z	63	PC: 9f49a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:44:54.052486145Z	66	PC: 9f49a \| Move file pointer
2018-12-17T22:44:54.054998752Z	66	PC: 9f49a \| Move file pointer
2018-12-17T22:44:54.056927817Z	64	PC: 9f49a \| Write file or device (Write 28 bytes on handle 5)
2018-12-17T22:44:54.059860263Z	66	PC: 9f49a \| Move file pointer
2018-12-17T22:44:54.062465973Z	64	PC: 9f49a \| Write file or device (Write 4085 bytes on handle 5)
2018-12-17T22:44:54.072501771Z	87	PC: 9f49a \| Get or set file date and time
2018-12-17T22:44:54.074369744Z	62	PC: 9f49a \| Close file
2018-12-17T22:44:54.082214471Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.085022423Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.086151546Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.088284671Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.089997839Z	99	PC: 98fc7 \| Get DBCS lead byte table pointer
2018-12-17T22:44:54.092026943Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.093867537Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.095184354Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.096554469Z	56	PC: 937e9 \| Get or set country info
2018-12-17T22:44:54.099929816Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.101319672Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.102560396Z	68	PC: 9f49a \| I/O control for devices (Set for = ' %1 mm-dd-yy')
2018-12-17T22:44:54.105005577Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.106203176Z	64	PC: 99238 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:44:54.111713076Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.113283212Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.114329773Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.11540107Z	25	PC: 93852 \| Get default drive
2018-12-17T22:44:54.118140127Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.119145514Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.120166623Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.122120239Z	71	PC: 95acd \| Get current directory
2018-12-17T22:44:54.12652772Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.127332379Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.131049216Z	68	PC: 9f49a \| I/O control for devices (Set for = 'A:\$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$MS DOS Version 6 (C)Copyright 1981-1994 Microsoft Corp Licensed Material - Property of Microsoft All rights reserved ')
2018-12-17T22:44:54.132469934Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.133610549Z	64	PC: 99238 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:44:54.138012959Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.139523739Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.140572876Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.143668211Z	2	PC: 95aa2 \| Character output (Char = '3e')
2018-12-17T22:44:54.146833245Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.148114207Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.150245683Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.1524124Z	93	PC: 93910 \| File sharing functions
2018-12-17T22:44:54.154815168Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.156153469Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.158377169Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.159779667Z	93	PC: 93917 \| File sharing functions
2018-12-17T22:44:54.162463528Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.164407413Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.165731332Z	51	PC: 9f49a \| Get or set Ctrl-Break
2018-12-17T22:44:54.167747234Z	10	PC: 93929 \| Buffered keyboard input