Sample viewer

vx.netlux.org/Virus.DOS.Headcrash.1067

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:49:27.904648588Z	53	PC: 15168 \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:49:27.906621943Z	37	PC: 1517b \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:49:27.907721759Z	42	PC: 15192 \| Get date 0x15192: test dl, 1 0x15195: jne 0x1519a 0x15197: jmp 0x1526b 0x1519a: mov ah, 0x30 0x1519c: int 0x21 0x1519e: cmp al, 0 0x151a0: je 0x15197 0x151a2: mov ax, 0x58cc 0x151a5: mov dx, word ptr [si + 6] 0x151a8: int 0x21 0x151aa: jae 0x15197 0x151ac: mov ax, 0x5801 0x151af: mov bx, 1 0x151b2: int 0x21 0x151b4: mov ah, 0x4a 0x151b6: mov bx, 0x1000 0x151b9: int 0x21 0x151bb: mov ah, 0x48 0x151bd: int 0x21 0x151bf: jae 0x151c4
2018-12-17T22:49:27.910021109Z	48	PC: 1519e \| Get DOS version
2018-12-17T22:49:27.911951607Z	88	PC: 151aa \| case 0xGet or set allocation strateg:
2018-12-17T22:49:27.913477754Z	88	PC: 151b4 \| case 0xGet or set allocation strateg:
2018-12-17T22:49:27.914599706Z	74	PC: 151bb \| Reallocate memory
2018-12-17T22:49:27.916299319Z	72	PC: 151bf \| Allocate memory
2018-12-17T22:49:27.918840375Z	38	PC: 151e5 \| Create PSP
2018-12-17T22:49:27.919933464Z	49	PC: 15214 \| Terminate and stay resident (Return code = '212' \| Memory size = '113')
2018-12-17T22:49:27.921575013Z	38	PC: 15235 \| Create PSP
2018-12-17T22:49:27.928203632Z	53	PC: 1524c \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:49:27.929220253Z	37	PC: 1525f \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:49:27.930162818Z	74	PC: 15267 \| Reallocate memory
2018-12-17T22:49:27.931888813Z	74	PC: 1526b \| Reallocate memory
2018-12-17T22:49:27.932952664Z	37	PC: 15290 \| Set interrupt vector (Interrupt = '9' AKA 'Display string')