Sample viewer

vx.netlux.org/Virus.DOS.Pempe.1811


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:47:51.177335574Z 222 PC: 14b44 | UNKNOWN!
2018-12-17T22:47:51.179746489Z 128 PC: 12cc3 | UNKNOWN!
2018-12-17T22:47:51.182009359Z 49 PC: 12dba | Terminate and stay resident (Return code = '0' | Memory size = '191')
2018-12-17T22:47:51.184559959Z 47 PC: 12f7c | Get disk transfer address
2018-12-17T22:47:51.185864844Z 26 PC: 12f8d | Set disk transfer address
2018-12-17T22:47:51.187611703Z 78 PC: 12f97 | Find first file
2018-12-17T22:47:51.1952714Z 67 PC: 1310e | Get or set file attributes
2018-12-17T22:47:51.214599373Z 61 PC: 12fca | Open file (Filename = 'TEST.EXE')
2018-12-17T22:47:51.222909085Z 66 PC: 13104 | Move file pointer
2018-12-17T22:47:51.224647527Z 63 PC: 12fdd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:47:51.227680969Z 62 PC: 13011 | Close file
2018-12-17T22:47:51.230623099Z 67 PC: 1310e | Get or set file attributes
2018-12-17T22:47:51.242219129Z 79 PC: 12fa6 | Find next file
2018-12-17T22:47:51.245394377Z 26 PC: 130f9 | Set disk transfer address
2018-12-17T22:47:51.247933707Z 75 PC: 12df9 | Execute program
2018-12-17T22:47:51.280207626Z 222 PC: 12e18 | UNKNOWN!
2018-12-17T22:47:51.282077865Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:51.284024212Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:51.285765969Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:51.28723167Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:51.288736966Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:51.290961996Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:51.292526749Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:51.294120533Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:51.297177372Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:51.299121595Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:51.301015815Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:51.303946337Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:51.305821406Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:51.307654295Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:51.310069715Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:51.316684704Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:51.318301263Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:51.320974713Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:51.322884024Z 53 PC: 140a2 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:51.324736074Z 37 PC: 140b7 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:51.327542133Z 37 PC: 140bf | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:51.329460075Z 37 PC: 140c7 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:51.331435676Z 37 PC: 140cf | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:51.334107508Z 68 PC: 1443f | I/O control for devices (Set for = '')
2018-12-17T22:47:51.402621625Z 37 PC: 13ac5 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:51.408224263Z 58 PC: 14f4a | Remove subdirectory
2018-12-17T22:47:51.419870387Z 25 PC: 14e83 | Get default drive
2018-12-17T22:47:51.423063037Z 71 PC: 14e96 | Get current directory
2018-12-17T22:47:51.427297061Z 47 PC: 12f7c | Get disk transfer address
2018-12-17T22:47:51.42918838Z 26 PC: 12f8d | Set disk transfer address
2018-12-17T22:47:51.432008319Z 78 PC: 12f97 | Find first file
2018-12-17T22:47:51.438815538Z 67 PC: 1310e | Get or set file attributes
2018-12-17T22:47:51.450128165Z 61 PC: 12fca | Open file (Filename = 'I<t'<t#<t7<tF< tO< r�;�t�&�C�')
2018-12-17T22:47:51.458486587Z 66 PC: 13104 | Move file pointer
2018-12-17T22:47:51.460801716Z 63 PC: 12fdd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:47:51.46746483Z 62 PC: 13011 | Close file
2018-12-17T22:47:51.470418161Z 67 PC: 1310e | Get or set file attributes
2018-12-17T22:47:51.483232451Z 79 PC: 12fa6 | Find next file
2018-12-17T22:47:51.486306473Z 26 PC: 130f9 | Set disk transfer address
2018-12-17T22:47:51.488324969Z 59 PC: 14f4a | Change current directory
2018-12-17T22:47:51.496172983Z 14 PC: 14edc | Set default drive (Drive = 'A')
2018-12-17T22:47:51.498076814Z 25 PC: 14ee0 | Get default drive
2018-12-17T22:47:51.499980187Z 47 PC: 12f7c | Get disk transfer address
2018-12-17T22:47:51.502610967Z 26 PC: 12f8d | Set disk transfer address
2018-12-17T22:47:51.504241302Z 78 PC: 12f97 | Find first file
2018-12-17T22:47:51.510968818Z 67 PC: 1310e | Get or set file attributes
2018-12-17T22:47:51.522885924Z 61 PC: 12fca | Open file (Filename = 'I<t'<t#<t7<tF< tO< r�;�t�&�C�')
2018-12-17T22:47:51.530897485Z 66 PC: 13104 | Move file pointer
2018-12-17T22:47:51.532814451Z 63 PC: 12fdd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:47:51.536725739Z 62 PC: 13011 | Close file
2018-12-17T22:47:51.539370013Z 67 PC: 1310e | Get or set file attributes
2018-12-17T22:47:51.553598364Z 79 PC: 12fa6 | Find next file
2018-12-17T22:47:51.556819096Z 26 PC: 130f9 | Set disk transfer address
2018-12-17T22:47:51.559792917Z 59 PC: 14f4a | Change current directory
2018-12-17T22:47:51.788845029Z 54 PC: 139ba | Get free disk space
2018-12-17T22:47:51.80055334Z 67 PC: 13a1a | Get or set file attributes
2018-12-17T22:47:51.80851787Z 47 PC: 12f7c | Get disk transfer address
2018-12-17T22:47:51.810198322Z 26 PC: 12f8d | Set disk transfer address
2018-12-17T22:47:51.81181668Z 78 PC: 12f97 | Find first file
2018-12-17T22:47:51.819731964Z 67 PC: 1310e | Get or set file attributes
2018-12-17T22:47:51.831208812Z 61 PC: 12fca | Open file (Filename = 'I<t'<t#<t7<tF< tO< r�;�t�&�C�')
2018-12-17T22:47:51.839925398Z 66 PC: 13104 | Move file pointer
2018-12-17T22:47:51.842627689Z 63 PC: 12fdd | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:47:51.850469856Z 62 PC: 13011 | Close file
2018-12-17T22:47:51.85286659Z 67 PC: 1310e | Get or set file attributes
2018-12-17T22:47:51.864493675Z 79 PC: 12fa6 | Find next file
2018-12-17T22:47:51.868398331Z 26 PC: 130f9 | Set disk transfer address
2018-12-17T22:47:51.8701793Z 60 PC: 14cca | Create or truncate file
2018-12-17T22:47:52.216613717Z 62 PC: 14d1a | Close file
2018-12-17T22:47:52.220470597Z 65 PC: 14e13 | Delete file (Filename = 'C:\mempatch.exe')
2018-12-17T22:47:52.232349174Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:47:52.234231066Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:47:52.236927438Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:47:52.239092428Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:52.240957554Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:47:52.243556497Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:52.245732656Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:47:52.247541118Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:47:52.249551326Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:47:52.252210071Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:47:52.254076538Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:47:52.255890029Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:47:52.258737611Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:47:52.260561266Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:47:52.262385787Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:47:52.264996242Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:47:52.267135311Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:47:52.268946024Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:47:52.271520089Z 37 PC: 141b6 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:47:52.273647962Z 76 PC: 141f5 | Terminate with return code (Return code = '0')