Sample viewer

vx.netlux.org/Virus.DOS.Search.308

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:46:52.376594901Z	53	PC: 13dd7 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:46:52.378225279Z	37	PC: 13ded \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:46:52.384208331Z	37	PC: 13e3a \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:46:52.385136645Z	26	PC: 13e57 \| Set disk transfer address
2018-12-17T22:46:52.397550164Z	78	PC: 13e64 \| Find first file
2018-12-17T22:46:52.401737043Z	61	PC: 13e9e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:46:52.405765719Z	63	PC: 13eab \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:52.409894473Z	66	PC: 13ec9 \| Move file pointer
2018-12-17T22:46:52.411309427Z	64	PC: 13ed6 \| Write file or device (Write 308 bytes on handle 5)
2018-12-17T22:46:52.428971645Z	66	PC: 13edf \| Move file pointer
2018-12-17T22:46:52.430572297Z	64	PC: 13efa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:46:52.437466092Z	62	PC: 13eb7 \| Close file
2018-12-17T22:46:52.445005636Z	79	PC: 13e64 \| Find next file
2018-12-17T22:46:52.446785399Z	61	PC: 13e9e \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:46:52.451344968Z	63	PC: 13eab \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:52.457383352Z	66	PC: 13ec9 \| Move file pointer
2018-12-17T22:46:52.460075626Z	64	PC: 13ed6 \| Write file or device (Write 308 bytes on handle 5)
2018-12-17T22:46:52.463949559Z	66	PC: 13edf \| Move file pointer
2018-12-17T22:46:52.465803987Z	64	PC: 13efa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:46:52.469038745Z	62	PC: 13eb7 \| Close file
2018-12-17T22:46:52.482641917Z	79	PC: 13e64 \| Find next file
2018-12-17T22:46:52.48549976Z	61	PC: 13e9e \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:46:52.492197447Z	63	PC: 13eab \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:52.499935492Z	66	PC: 13ec9 \| Move file pointer
2018-12-17T22:46:52.501798304Z	64	PC: 13ed6 \| Write file or device (Write 308 bytes on handle 5)
2018-12-17T22:46:52.504612143Z	66	PC: 13edf \| Move file pointer
2018-12-17T22:46:52.506647604Z	64	PC: 13efa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:46:52.514125307Z	62	PC: 13eb7 \| Close file
2018-12-17T22:46:52.522163931Z	79	PC: 13e64 \| Find next file
2018-12-17T22:46:52.525930133Z	61	PC: 13e9e \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:46:52.532472236Z	63	PC: 13eab \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:52.539276758Z	66	PC: 13ec9 \| Move file pointer
2018-12-17T22:46:52.54116338Z	64	PC: 13ed6 \| Write file or device (Write 308 bytes on handle 5)
2018-12-17T22:46:52.543937074Z	66	PC: 13edf \| Move file pointer
2018-12-17T22:46:52.545391117Z	64	PC: 13efa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:46:52.548992982Z	62	PC: 13eb7 \| Close file
2018-12-17T22:46:52.556794154Z	79	PC: 13e64 \| Find next file
2018-12-17T22:46:52.559447597Z	61	PC: 13e9e \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:46:52.567100669Z	63	PC: 13eab \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:52.573557282Z	66	PC: 13ec9 \| Move file pointer
2018-12-17T22:46:52.575174262Z	64	PC: 13ed6 \| Write file or device (Write 308 bytes on handle 5)
2018-12-17T22:46:52.577979585Z	66	PC: 13edf \| Move file pointer
2018-12-17T22:46:52.579992535Z	64	PC: 13efa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:46:52.582674623Z	62	PC: 13eb7 \| Close file
2018-12-17T22:46:52.590226308Z	79	PC: 13e64 \| Find next file
2018-12-17T22:46:52.593955587Z	61	PC: 13e9e \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:46:52.600515164Z	63	PC: 13eab \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:52.607329814Z	66	PC: 13ec9 \| Move file pointer
2018-12-17T22:46:52.609970726Z	64	PC: 13ed6 \| Write file or device (Write 308 bytes on handle 5)
2018-12-17T22:46:52.618642569Z	66	PC: 13edf \| Move file pointer
2018-12-17T22:46:52.620658504Z	64	PC: 13efa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:46:52.628403296Z	62	PC: 13eb7 \| Close file
2018-12-17T22:46:52.647016903Z	79	PC: 13e64 \| Find next file
2018-12-17T22:46:52.649761211Z	61	PC: 13e9e \| Open file (Filename = 'PAH.COM')
2018-12-17T22:46:52.657482031Z	63	PC: 13eab \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:52.664412889Z	66	PC: 13ec9 \| Move file pointer
2018-12-17T22:46:52.666313578Z	64	PC: 13ed6 \| Write file or device (Write 308 bytes on handle 5)
2018-12-17T22:46:52.669616228Z	66	PC: 13edf \| Move file pointer
2018-12-17T22:46:52.671639064Z	64	PC: 13efa \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:46:52.674642938Z	62	PC: 13eb7 \| Close file
2018-12-17T22:46:52.683185917Z	79	PC: 13e64 \| Find next file
2018-12-17T22:46:52.687093352Z	61	PC: 13e9e \| Open file (Filename = 'TEST.COM')
2018-12-17T22:46:52.693717785Z	63	PC: 13eab \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:52.697904936Z	62	PC: 13eb7 \| Close file
2018-12-17T22:46:52.699782408Z	79	PC: 13e64 \| Find next file
2018-12-17T22:46:52.702340101Z	26	PC: 13e7f \| Set disk transfer address
2018-12-17T22:46:52.71577257Z	76	PC: 13dc8 \| Terminate with return code (Return code = '0')