Sample viewer

vx.netlux.org/Virus.DOS.Caterpillar.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:46:00.595988007Z	53	PC: 130b6 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:00.597724869Z	61	PC: 12d05 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:46:00.605508518Z	37	PC: 12d14 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:00.607136545Z	66	PC: 12d23 \| Move file pointer
2018-12-17T22:46:00.609075988Z	63	PC: 12d31 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:46:00.613547807Z	62	PC: 12d35 \| Close file
2018-12-17T22:46:00.615786652Z	37	PC: 12d44 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:00.619591347Z	61	PC: 12d84 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:46:00.627459305Z	63	PC: 12d98 \| Read file or device (Read 12 bytes on handle 5)
2018-12-17T22:46:00.631195011Z	66	PC: 12da1 \| Move file pointer
2018-12-17T22:46:00.633343185Z	64	PC: 12dcb \| Write file or device (Write 1586 bytes on handle 5)
2018-12-17T22:46:00.987684909Z	66	PC: 12dd4 \| Move file pointer
2018-12-17T22:46:00.989997422Z	64	PC: 12de2 \| Write file or device (Write 12 bytes on handle 5)
2018-12-17T22:46:00.993858644Z	62	PC: 12dea \| Close file
2018-12-17T22:46:01.003698956Z	41	PC: 1401f \| Parse filename
2018-12-17T22:46:01.00593772Z	41	PC: 1403c \| Parse filename
2018-12-17T22:46:01.009098136Z	26	PC: 174e7 \| Set disk transfer address
2018-12-17T22:46:01.012479396Z	64	PC: 19838 \| Write file or device (Write 6 bytes on handle 2)
2018-12-17T22:46:01.016950835Z	64	PC: 19838 \| Write file or device (Write 2 bytes on handle 2)
2018-12-17T22:46:01.020008127Z	100	PC: 19d8b \| Set wait for external event flag
2018-12-17T22:46:01.021220984Z	46	PC: 13d69 \| Set verify flag
2018-12-17T22:46:01.024194549Z	46	PC: 9f64 \| Set verify flag