Sample viewer

vx.netlux.org/Virus.DOS.ByteSV.SoulSick.1064

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:47:49.730654418Z	47	PC: 14fbc \| Get disk transfer address
2018-12-17T22:47:49.733225162Z	26	PC: 14fc6 \| Set disk transfer address
2018-12-17T22:47:49.734541574Z	71	PC: 14fcf \| Get current directory
2018-12-17T22:47:49.737691109Z	78	PC: 14ff8 \| Find first file
2018-12-17T22:47:49.744589391Z	67	PC: 150f3 \| Get or set file attributes
2018-12-17T22:47:49.762558685Z	61	PC: 150fc \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:47:49.770245394Z	63	PC: 1510a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:47:49.780457126Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:49.782934243Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:49.785035316Z	64	PC: 15149 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:49.788600268Z	66	PC: 15153 \| Move file pointer
2018-12-17T22:47:49.791579955Z	64	PC: 1515e \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:47:49.795066358Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:49.797942316Z	64	PC: 1546d \| Write file or device (Write 1064 bytes on handle 5)
2018-12-17T22:47:49.809967963Z	87	PC: 15173 \| Get or set file date and time
2018-12-17T22:47:49.812075454Z	62	PC: 15177 \| Close file
2018-12-17T22:47:49.820949845Z	67	PC: 15186 \| Get or set file attributes
2018-12-17T22:47:49.832763492Z	79	PC: 14ff8 \| Find next file
2018-12-17T22:47:49.83631435Z	79	PC: 14ff8 \| Find next file
2018-12-17T22:47:49.840187376Z	67	PC: 150f3 \| Get or set file attributes
2018-12-17T22:47:49.855673152Z	61	PC: 150fc \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:47:49.873444455Z	63	PC: 1510a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:47:49.881079985Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:49.882877619Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:49.885552185Z	64	PC: 15149 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:49.889017353Z	66	PC: 15153 \| Move file pointer
2018-12-17T22:47:49.891028399Z	64	PC: 1515e \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:47:49.897516207Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:49.900836622Z	64	PC: 1546d \| Write file or device (Write 1064 bytes on handle 5)
2018-12-17T22:47:49.910938056Z	87	PC: 15173 \| Get or set file date and time
2018-12-17T22:47:49.913419236Z	62	PC: 15177 \| Close file
2018-12-17T22:47:49.921887434Z	67	PC: 15186 \| Get or set file attributes
2018-12-17T22:47:49.933422489Z	79	PC: 14ff8 \| Find next file
2018-12-17T22:47:49.938032578Z	67	PC: 150f3 \| Get or set file attributes
2018-12-17T22:47:49.949938469Z	61	PC: 150fc \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:47:49.958310263Z	63	PC: 1510a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:47:49.967009991Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:49.969206639Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:49.971331786Z	64	PC: 15149 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:49.975248635Z	66	PC: 15153 \| Move file pointer
2018-12-17T22:47:49.977373935Z	64	PC: 1515e \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:47:49.980975807Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:49.984350293Z	64	PC: 1546d \| Write file or device (Write 1064 bytes on handle 5)
2018-12-17T22:47:49.995058157Z	87	PC: 15173 \| Get or set file date and time
2018-12-17T22:47:49.997918076Z	62	PC: 15177 \| Close file
2018-12-17T22:47:50.00716492Z	67	PC: 15186 \| Get or set file attributes
2018-12-17T22:47:50.019413979Z	79	PC: 14ff8 \| Find next file
2018-12-17T22:47:50.022669931Z	67	PC: 150f3 \| Get or set file attributes
2018-12-17T22:47:50.033483986Z	61	PC: 150fc \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:47:50.042144191Z	63	PC: 1510a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:47:50.049708633Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.051690383Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.054467078Z	64	PC: 15149 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:50.057760122Z	66	PC: 15153 \| Move file pointer
2018-12-17T22:47:50.059333237Z	64	PC: 1515e \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:47:50.063093524Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.065531538Z	64	PC: 1546d \| Write file or device (Write 1064 bytes on handle 5)
2018-12-17T22:47:50.075836339Z	87	PC: 15173 \| Get or set file date and time
2018-12-17T22:47:50.078602574Z	62	PC: 15177 \| Close file
2018-12-17T22:47:50.088008912Z	67	PC: 15186 \| Get or set file attributes
2018-12-17T22:47:50.10040623Z	79	PC: 14ff8 \| Find next file
2018-12-17T22:47:50.105061858Z	67	PC: 150f3 \| Get or set file attributes
2018-12-17T22:47:50.117150052Z	61	PC: 150fc \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:47:50.12562753Z	63	PC: 1510a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:47:50.133259344Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.136562469Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.138677558Z	64	PC: 15149 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:50.142064197Z	66	PC: 15153 \| Move file pointer
2018-12-17T22:47:50.145231114Z	64	PC: 1515e \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:47:50.149534245Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.152450135Z	64	PC: 1546d \| Write file or device (Write 1064 bytes on handle 5)
2018-12-17T22:47:50.163926269Z	87	PC: 15173 \| Get or set file date and time
2018-12-17T22:47:50.165745131Z	62	PC: 15177 \| Close file
2018-12-17T22:47:50.174248962Z	67	PC: 15186 \| Get or set file attributes
2018-12-17T22:47:50.185911024Z	79	PC: 14ff8 \| Find next file
2018-12-17T22:47:50.188866881Z	67	PC: 150f3 \| Get or set file attributes
2018-12-17T22:47:50.199415505Z	61	PC: 150fc \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:47:50.207201346Z	63	PC: 1510a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:47:50.215006304Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.216565414Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.218155168Z	64	PC: 15149 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:50.222349779Z	66	PC: 15153 \| Move file pointer
2018-12-17T22:47:50.22386384Z	64	PC: 1515e \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:47:50.22686553Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.230036576Z	64	PC: 1546d \| Write file or device (Write 1064 bytes on handle 5)
2018-12-17T22:47:50.24024884Z	87	PC: 15173 \| Get or set file date and time
2018-12-17T22:47:50.241953869Z	62	PC: 15177 \| Close file
2018-12-17T22:47:50.251346412Z	67	PC: 15186 \| Get or set file attributes
2018-12-17T22:47:50.262405088Z	79	PC: 14ff8 \| Find next file
2018-12-17T22:47:50.265723164Z	67	PC: 150f3 \| Get or set file attributes
2018-12-17T22:47:50.282333928Z	61	PC: 150fc \| Open file (Filename = 'PAH.COM')
2018-12-17T22:47:50.290497657Z	63	PC: 1510a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:47:50.298066888Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.300333373Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.302794509Z	64	PC: 15149 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:50.306167469Z	66	PC: 15153 \| Move file pointer
2018-12-17T22:47:50.308017319Z	64	PC: 1515e \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:47:50.31234579Z	66	PC: 15342 \| Move file pointer
2018-12-17T22:47:50.31507766Z	64	PC: 1546d \| Write file or device (Write 1064 bytes on handle 5)
2018-12-17T22:47:50.325987194Z	87	PC: 15173 \| Get or set file date and time
2018-12-17T22:47:50.328621597Z	62	PC: 15177 \| Close file
2018-12-17T22:47:50.337361589Z	67	PC: 15186 \| Get or set file attributes
2018-12-17T22:47:50.349719405Z	79	PC: 14ff8 \| Find next file
2018-12-17T22:47:50.354560167Z	67	PC: 150f3 \| Get or set file attributes
2018-12-17T22:47:50.362480727Z	61	PC: 150fc \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:47:50.367935414Z	63	PC: 1510a \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:47:50.371009734Z	87	PC: 15173 \| Get or set file date and time
2018-12-17T22:47:50.372582579Z	62	PC: 15177 \| Close file
2018-12-17T22:47:50.380275324Z	67	PC: 15186 \| Get or set file attributes
2018-12-17T22:47:50.39136162Z	79	PC: 14ff8 \| Find next file
2018-12-17T22:47:50.394435393Z	78	PC: 15027 \| Find first file
2018-12-17T22:47:50.407060392Z	79	PC: 15027 \| Find next file
2018-12-17T22:47:50.410261919Z	79	PC: 15027 \| Find next file
2018-12-17T22:47:50.414108588Z	79	PC: 15027 \| Find next file
2018-12-17T22:47:50.417222552Z	79	PC: 15027 \| Find next file
2018-12-17T22:47:50.420370694Z	79	PC: 15027 \| Find next file
2018-12-17T22:47:50.42429594Z	79	PC: 15027 \| Find next file
2018-12-17T22:47:50.427103205Z	79	PC: 15027 \| Find next file
2018-12-17T22:47:50.430664099Z	79	PC: 15027 \| Find next file
2018-12-17T22:47:50.434835238Z	79	PC: 15027 \| Find next file
2018-12-17T22:47:50.437921443Z	59	PC: 15095 \| Change current directory
2018-12-17T22:47:50.442757567Z	26	PC: 150a5 \| Set disk transfer address
2018-12-17T22:47:50.448058564Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:50.449379881Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:50.450640815Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:50.452703369Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:50.453903136Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:50.455070968Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:50.456823583Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:50.458019423Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:50.459327597Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:50.461123871Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:50.462577606Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:50.464353739Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:50.478135924Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:50.47960805Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:50.48109032Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:50.483907625Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:50.485502949Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:50.487001224Z	53	PC: 14ea6 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:50.488720395Z	37	PC: 14ebb \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:50.490927657Z	37	PC: 14ec3 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:50.49243175Z	37	PC: 14ecb \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:50.493936627Z	37	PC: 14ed3 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:50.496317669Z	68	PC: 157bb \| I/O control for devices (Set for = '')
2018-12-17T22:47:50.563151684Z	37	PC: 14867 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:50.602792693Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:50.604702308Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:50.606049141Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:50.607744601Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:50.609781173Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:50.611175618Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:50.613489069Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:50.615696181Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:50.617227669Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:50.618742098Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:50.621446897Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:50.62339452Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:50.625346824Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:50.627369567Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:50.629060961Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:50.631312233Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:50.633229674Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:50.634897245Z	37	PC: 14fb5 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:50.63678927Z	76	PC: 14ff4 \| Terminate with return code (Return code = '1')