Sample viewer

vx.netlux.org/Virus.DOS.Phantom.2201

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:46:18.49504568Z 53 PC: 1325f | Get interrupt vector (Interrupt = '178' AKA 'UNKNOWN!')
2018-12-17T22:46:18.496433888Z 37 PC: 13280 | Set interrupt vector (Interrupt = '178' AKA 'UNKNOWN!')
2018-12-17T22:46:18.498572234Z 53 PC: 9f347 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:46:18.499879639Z 53 PC: 9f356 | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-17T22:46:18.504322854Z 53 PC: 9f365 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:46:18.517209678Z 37 PC: 9f379 | Set interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-17T22:46:18.519416973Z 37 PC: 9f381 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:46:18.521858328Z 9 PC: 13207 | Display string (String= '�^V�L�������^3��ػ��5�=I�u')
2018-12-17T22:46:18.600909918Z 44 PC: 9f6ff | Get time
0x9f6ff: ret
0x9f700: push bx
0x9f701: mov cx, 0xffff
0x9f704: mov dx, 0xfffe
0x9f707: mov al, 2
0x9f709: call 0xaf6e1
0x9f70c: mov dx, 0x999
0x9f70f: mov cx, 2
0x9f712: call 0xaf6f3
0x9f715: jb 0x9f721
0x9f717: mov bx, dx
0x9f719: mov ax, word ptr [bx - 2]
0x9f71c: xor ax, word ptr [bx]
0x9f71e: clc
0x9f71f: jne 0x9f722
0x9f721: stc
0x9f722: pop bx
0x9f723: ret
0x9f724: push dx
0x9f725: mov ax, 0x4300
2018-12-17T22:46:18.606293459Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:46:18.608047674Z 72 PC: 12174 | Allocate memory
2018-12-17T22:46:18.616034965Z 72 PC: 1218d | Allocate memory
2018-12-17T22:46:18.620703654Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:46:18.622600747Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:18.624340133Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.626994198Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.629719546Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.631825552Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.634890889Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.637641285Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.640410776Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.643017622Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.646730635Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.650008071Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.653643599Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.658394903Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.661429763Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.663593737Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.667901948Z 62 PC: 122ab | Close file
2018-12-17T22:46:18.671366215Z 99 PC: 99b47 | Get DBCS lead byte table pointer
2018-12-17T22:46:18.673222291Z 56 PC: 94369 | Get or set country info
2018-12-17T22:46:18.686253506Z 64 PC: 99db8 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:46:18.693314657Z 25 PC: 943d2 | Get default drive
2018-12-17T22:46:18.704639817Z 71 PC: 9664d | Get current directory
2018-12-17T22:46:18.713661031Z 64 PC: 99db8 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:46:18.718016911Z 2 PC: 96622 | Character output (Char = '3e')
2018-12-17T22:46:18.721331847Z 93 PC: 94490 | File sharing functions
2018-12-17T22:46:18.723309942Z 93 PC: 94497 | File sharing functions
2018-12-17T22:46:18.726577369Z 10 PC: 944a9 | Buffered keyboard input
2018-12-17T22:46:33.427312075Z 0 PC: 0 | Program terminate
2018-12-17T22:46:34.782383074Z 0 PC: 0 | Program terminate
2018-12-17T22:46:34.885465497Z 64 PC: 99db8 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:46:34.893139439Z 41 PC: 9451e | Parse filename
2018-12-17T22:46:34.898003975Z 41 PC: 9459f | Parse filename
2018-12-17T22:46:34.900102878Z 41 PC: 945bc | Parse filename
2018-12-17T22:46:34.90275582Z 26 PC: 97a67 | Set disk transfer address
2018-12-17T22:46:34.905723764Z 71 PC: 97c63 | Get current directory
2018-12-17T22:46:34.914907633Z 78 PC: 97c6e | Find first file
2018-12-17T22:46:34.925149429Z 71 PC: 97adc | Get current directory
2018-12-17T22:46:34.930219651Z 73 PC: 97179 | Release memory
2018-12-17T22:46:34.935853051Z 67 PC: 9f6ff | Get or set file attributes
2018-12-17T22:46:34.94231081Z 61 PC: 9f6ff | Open file (Filename = 'A:\PRINT.COM')
2018-12-17T22:46:34.94979177Z 66 PC: 9f6ff | Move file pointer
2018-12-17T22:46:34.95184698Z 63 PC: 9f6ff | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:46:34.959272236Z 66 PC: 9f6ff | Move file pointer
2018-12-17T22:46:34.961060815Z 87 PC: 9f6ff | Get or set file date and time
2018-12-17T22:46:34.963738113Z 62 PC: 9f6ff | Close file
2018-12-17T22:46:34.977925238Z 67 PC: 9f6ff | Get or set file attributes
2018-12-17T22:46:34.988680729Z 75 PC: 11821 | Execute program
2018-12-17T22:46:35.000761478Z 9 PC: 12a47 | Display string (String= 'Hello, World! ')
2018-12-17T22:46:35.005060261Z 76 PC: 12a4b | Terminate with return code (Return code = '36')
2018-12-17T22:46:35.008524538Z 77 PC: 11fe0 | Get program return code
2018-12-17T22:46:35.010974139Z 72 PC: 12174 | Allocate memory
2018-12-17T22:46:35.01389794Z 72 PC: 1218d | Allocate memory
2018-12-17T22:46:35.016128369Z 37 PC: 123c4 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:46:35.018528046Z 37 PC: 123cb | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:46:35.020592934Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.022620112Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.024840031Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.027712015Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.029716489Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.031733859Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.034766354Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.036769456Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.040736416Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.045984964Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.048269064Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.050324484Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.052854997Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.054970239Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.056968833Z 62 PC: 122ab | Close file
2018-12-17T22:46:35.061115902Z 99 PC: 99b47 | Get DBCS lead byte table pointer
2018-12-17T22:46:35.062966728Z 56 PC: 94369 | Get or set country info
2018-12-17T22:46:35.065395369Z 64 PC: 99db8 | Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:46:35.070620523Z 25 PC: 943d2 | Get default drive
2018-12-17T22:46:35.073379475Z 71 PC: 9664d | Get current directory
2018-12-17T22:46:35.077930402Z 64 PC: 99db8 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:46:35.091599675Z 2 PC: 96622 | Character output (Char = '3e')
2018-12-17T22:46:35.096715823Z 93 PC: 94490 | File sharing functions
2018-12-17T22:46:35.099032625Z 93 PC: 94497 | File sharing functions
2018-12-17T22:46:35.101451889Z 10 PC: 944a9 | Buffered keyboard input