Sample viewer

vx.netlux.org/Virus.DOS.Monday.499

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:52:12.417779802Z	26	PC: 12aef \| Set disk transfer address
2018-12-17T22:52:12.419928854Z	78	PC: 12af8 \| Find first file
2018-12-17T22:52:12.428873446Z	67	PC: 12b2d \| Get or set file attributes
2018-12-17T22:52:12.434546581Z	67	PC: 12b35 \| Get or set file attributes
2018-12-17T22:52:12.780143668Z	61	PC: 12b3c \| Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-17T22:52:12.787175715Z	63	PC: 12b50 \| Read file or device (Read 499 bytes on handle 5)
2018-12-17T22:52:12.792459953Z	64	PC: 12b73 \| Write file or device (Write 86 bytes on handle 5)
2018-12-17T22:52:12.795107846Z	66	PC: 12b7c \| Move file pointer
2018-12-17T22:52:12.796587409Z	87	PC: 12b8c \| Get or set file date and time
2018-12-17T22:52:12.797877616Z	64	PC: 12b97 \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:52:12.804393406Z	66	PC: 12ba0 \| Move file pointer
2018-12-17T22:52:12.805660552Z	64	PC: 12bac \| Write file or device (Write 497 bytes on handle 5)
2018-12-17T22:52:12.811077011Z	64	PC: 12bb6 \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:52:12.813664232Z	87	PC: 12bbd \| Get or set file date and time
2018-12-17T22:52:12.81532478Z	62	PC: 12bc7 \| Close file
2018-12-17T22:52:12.822410192Z	67	PC: 12bce \| Get or set file attributes
2018-12-17T22:52:12.828353455Z	67	PC: 12bd6 \| Get or set file attributes
2018-12-17T22:52:12.838638117Z	26	PC: 12b21 \| Set disk transfer address
2018-12-17T22:52:12.839514974Z	26	PC: 12aef \| Set disk transfer address
2018-12-17T22:52:12.840518216Z	78	PC: 12af8 \| Find first file
2018-12-17T22:52:12.845222133Z	67	PC: 12b2d \| Get or set file attributes
2018-12-17T22:52:12.851309676Z	67	PC: 12b35 \| Get or set file attributes
2018-12-17T22:52:12.866835471Z	61	PC: 12b3c \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:52:12.874197365Z	63	PC: 12b50 \| Read file or device (Read 499 bytes on handle 5)
2018-12-17T22:52:12.880600388Z	64	PC: 12b73 \| Write file or device (Write 92 bytes on handle 5)
2018-12-17T22:52:12.883280404Z	66	PC: 12b7c \| Move file pointer
2018-12-17T22:52:12.885415972Z	87	PC: 12b8c \| Get or set file date and time
2018-12-17T22:52:12.886727207Z	64	PC: 12b97 \| Write file or device (Write 499 bytes on handle 5)
2018-12-17T22:52:12.895243075Z	66	PC: 12ba0 \| Move file pointer
2018-12-17T22:52:12.897612537Z	64	PC: 12bac \| Write file or device (Write 497 bytes on handle 5)
2018-12-17T22:52:12.904366626Z	64	PC: 12bb6 \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:52:12.907251813Z	87	PC: 12bbd \| Get or set file date and time
2018-12-17T22:52:12.909712614Z	62	PC: 12bc7 \| Close file
2018-12-17T22:52:12.917550136Z	67	PC: 12bce \| Get or set file attributes
2018-12-17T22:52:12.923377112Z	67	PC: 12bd6 \| Get or set file attributes
2018-12-17T22:52:12.934218268Z	26	PC: 12b21 \| Set disk transfer address
2018-12-17T22:52:12.935362295Z	42	PC: 12bdb \| Get date 0x12bdb: cmp al, 1 0x12bdd: jne 0x12c12 0x12bdf: mov dx, 0x2d3 0x12be2: mov ah, 9 0x12be4: int 0x21 0x12be6: mov ax, ds 0x12be8: add ax, 0x1000 0x12beb: mov es, ax 0x12bed: xor di, di 0x12bef: xor ax, ax 0x12bf1: mov cx, 0x17 0x12bf4: inc ah 0x12bf6: stosw word ptr es:[di], ax 0x12bf7: loop 0x12bf4 0x12bf9: xor cx, cx 0x12bfb: push cx 0x12bfc: xor bx, bx 0x12bfe: mov dx, 0x80 0x12c01: mov ax, 0x501 0x12c04: int 0x13
2018-12-17T22:52:12.937871933Z	9	PC: 12be6 \| Display string (String= 'I don't like mondays ...')
2018-12-17T22:52:12.946410876Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10812,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:29:19.973026802Z	26	PC: 12aef \| Set disk transfer address
2018-12-25T12:29:19.975805478Z	78	PC: 12af8 \| Find first file
2018-12-25T12:29:19.981632045Z	67	PC: 12b2d \| Get or set file attributes
2018-12-25T12:29:19.98768202Z	67	PC: 12b35 \| Get or set file attributes
2018-12-25T12:29:20.004253683Z	61	PC: 12b3c \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:29:20.012304821Z	63	PC: 12b50 \| Read file or device (Read 499 bytes on handle 5)
2018-12-25T12:29:20.018818148Z	64	PC: 12b73 \| Write file or device (Write 92 bytes on handle 5)
2018-12-25T12:29:20.022255676Z	66	PC: 12b7c \| Move file pointer
2018-12-25T12:29:20.023654134Z	87	PC: 12b8c \| Get or set file date and time
2018-12-25T12:29:20.024922897Z	64	PC: 12b97 \| Write file or device (Write 499 bytes on handle 5)
2018-12-25T12:29:20.037605982Z	66	PC: 12ba0 \| Move file pointer
2018-12-25T12:29:20.039258895Z	64	PC: 12bac \| Write file or device (Write 497 bytes on handle 5)
2018-12-25T12:29:20.045471665Z	64	PC: 12bb6 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T12:29:20.048161107Z	87	PC: 12bbd \| Get or set file date and time
2018-12-25T12:29:20.049958543Z	62	PC: 12bc7 \| Close file
2018-12-25T12:29:20.057793521Z	67	PC: 12bce \| Get or set file attributes
2018-12-25T12:29:20.063574339Z	67	PC: 12bd6 \| Get or set file attributes
2018-12-25T12:29:20.073574695Z	26	PC: 12b21 \| Set disk transfer address
2018-12-25T12:29:20.07481791Z	26	PC: 12aef \| Set disk transfer address (See above)
2018-12-25T12:29:20.075874215Z	78	PC: 12af8 \| Find first file (See above)
2018-12-25T12:29:20.090154854Z	67	PC: 12b2d \| Get or set file attributes (See above)
2018-12-25T12:29:20.096265807Z	67	PC: 12b35 \| Get or set file attributes (See above)
2018-12-25T12:29:20.420814361Z	61	PC: 12b3c \| Open file (See above)
2018-12-25T12:29:20.428900643Z	63	PC: 12b50 \| Read file or device (See above)
2018-12-25T12:29:20.434333783Z	64	PC: 12b73 \| Write file or device (See above)
2018-12-25T12:29:20.437756241Z	66	PC: 12b7c \| Move file pointer (See above)
2018-12-25T12:29:20.440140244Z	87	PC: 12b8c \| Get or set file date and time (See above)
2018-12-25T12:29:20.441887989Z	64	PC: 12b97 \| Write file or device (See above)
2018-12-25T12:29:20.755940828Z	66	PC: 12ba0 \| Move file pointer (See above)
2018-12-25T12:29:20.758021094Z	64	PC: 12bac \| Write file or device (See above)
2018-12-25T12:29:20.763653165Z	64	PC: 12bb6 \| Write file or device (See above)
2018-12-25T12:29:20.767115582Z	87	PC: 12bbd \| Get or set file date and time (See above)
2018-12-25T12:29:20.769595854Z	62	PC: 12bc7 \| Close file (See above)
2018-12-25T12:29:20.942997348Z	67	PC: 12bce \| Get or set file attributes (See above)
2018-12-25T12:29:20.949390283Z	67	PC: 12bd6 \| Get or set file attributes (See above)
2018-12-25T12:29:21.082756824Z	26	PC: 12b21 \| Set disk transfer address (See above)
2018-12-25T12:29:21.084464756Z	42	PC: 12bdb \| Get date 0x12bdb: cmp al, 1 0x12bdd: jne 0x12c12 0x12bdf: mov dx, 0x2d3 0x12be2: mov ah, 9 0x12be4: int 0x21 0x12be6: mov ax, ds 0x12be8: add ax, 0x1000 0x12beb: mov es, ax 0x12bed: xor di, di 0x12bef: xor ax, ax 0x12bf1: mov cx, 0x17 0x12bf4: inc ah 0x12bf6: stosw word ptr es:[di], ax 0x12bf7: loop 0x12bf4 0x12bf9: xor cx, cx 0x12bfb: push cx 0x12bfc: xor bx, bx 0x12bfe: mov dx, 0x80 0x12c01: mov ax, 0x501 0x12c04: int 0x13
2018-12-25T12:29:21.08714526Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10812,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T13:07:16.559476435Z	26	PC: 12aef \| Set disk transfer address
2018-12-25T13:07:16.560611251Z	78	PC: 12af8 \| Find first file
2018-12-25T13:07:16.571301203Z	67	PC: 12b2d \| Get or set file attributes
2018-12-25T13:07:16.578571848Z	67	PC: 12b35 \| Get or set file attributes
2018-12-25T13:07:16.932856697Z	61	PC: 12b3c \| Open file (Filename = 'C:\DOS\EDIT.COM')
2018-12-25T13:07:16.944105859Z	63	PC: 12b50 \| Read file or device (Read 499 bytes on handle 5)
2018-12-25T13:07:16.952621296Z	64	PC: 12b73 \| Write file or device (Write 86 bytes on handle 5)
2018-12-25T13:07:16.956446892Z	66	PC: 12b7c \| Move file pointer
2018-12-25T13:07:16.959690034Z	87	PC: 12b8c \| Get or set file date and time
2018-12-25T13:07:16.961750991Z	64	PC: 12b97 \| Write file or device (Write 499 bytes on handle 5)
2018-12-25T13:07:16.969801991Z	66	PC: 12ba0 \| Move file pointer
2018-12-25T13:07:16.972044937Z	64	PC: 12bac \| Write file or device (Write 497 bytes on handle 5)
2018-12-25T13:07:16.979544805Z	64	PC: 12bb6 \| Write file or device (Write 2 bytes on handle 5)
2018-12-25T13:07:16.983227609Z	87	PC: 12bbd \| Get or set file date and time
2018-12-25T13:07:16.985691682Z	62	PC: 12bc7 \| Close file
2018-12-25T13:07:17.008843557Z	67	PC: 12bce \| Get or set file attributes
2018-12-25T13:07:17.024673816Z	67	PC: 12bd6 \| Get or set file attributes
2018-12-25T13:07:17.036906851Z	26	PC: 12b21 \| Set disk transfer address
2018-12-25T13:07:17.039164023Z	26	PC: 12aef \| Set disk transfer address (See above)
2018-12-25T13:07:17.040536483Z	78	PC: 12af8 \| Find first file (See above)
2018-12-25T13:07:17.04751347Z	67	PC: 12b2d \| Get or set file attributes (See above)
2018-12-25T13:07:17.055674551Z	67	PC: 12b35 \| Get or set file attributes (See above)
2018-12-25T13:07:17.068665747Z	61	PC: 12b3c \| Open file (See above)
2018-12-25T13:07:17.080311165Z	63	PC: 12b50 \| Read file or device (See above)
2018-12-25T13:07:17.084108575Z	62	PC: 12bc7 \| Close file (See above)
2018-12-25T13:07:17.086367522Z	67	PC: 12bce \| Get or set file attributes (See above)
2018-12-25T13:07:17.093183237Z	67	PC: 12bd6 \| Get or set file attributes (See above)
2018-12-25T13:07:17.107088397Z	79	PC: 12b18 \| Find next file
2018-12-25T13:07:17.110760217Z	67	PC: 12b2d \| Get or set file attributes (See above)
2018-12-25T13:07:17.117687414Z	67	PC: 12b35 \| Get or set file attributes (See above)
2018-12-25T13:07:17.129154409Z	61	PC: 12b3c \| Open file (See above)
2018-12-25T13:07:17.137666425Z	63	PC: 12b50 \| Read file or device (See above)
2018-12-25T13:07:17.145008207Z	66	PC: 12b7c \| Move file pointer (See above)
2018-12-25T13:07:17.147008224Z	87	PC: 12b8c \| Get or set file date and time (See above)
2018-12-25T13:07:17.14982527Z	64	PC: 12b97 \| Write file or device (See above)
2018-12-25T13:07:17.158507464Z	66	PC: 12ba0 \| Move file pointer (See above)
2018-12-25T13:07:17.160807513Z	64	PC: 12bac \| Write file or device (See above)
2018-12-25T13:07:17.165597793Z	64	PC: 12bb6 \| Write file or device (See above)
2018-12-25T13:07:17.169836673Z	87	PC: 12bbd \| Get or set file date and time (See above)
2018-12-25T13:07:17.17190337Z	62	PC: 12bc7 \| Close file (See above)
2018-12-25T13:07:17.180920097Z	67	PC: 12bce \| Get or set file attributes (See above)
2018-12-25T13:07:17.187826287Z	67	PC: 12bd6 \| Get or set file attributes (See above)
2018-12-25T13:07:17.198693854Z	26	PC: 12b21 \| Set disk transfer address (See above)
2018-12-25T13:07:17.200857124Z	42	PC: 12bdb \| Get date 0x12bdb: cmp al, 1 0x12bdd: jne 0x12c12 0x12bdf: mov dx, 0x2d3 0x12be2: mov ah, 9 0x12be4: int 0x21 0x12be6: mov ax, ds 0x12be8: add ax, 0x1000 0x12beb: mov es, ax 0x12bed: xor di, di 0x12bef: xor ax, ax 0x12bf1: mov cx, 0x17 0x12bf4: inc ah 0x12bf6: stosw word ptr es:[di], ax 0x12bf7: loop 0x12bf4 0x12bf9: xor cx, cx 0x12bfb: push cx 0x12bfc: xor bx, bx 0x12bfe: mov dx, 0x80 0x12c01: mov ax, 0x501 0x12c04: int 0x13
2018-12-25T13:07:17.203737228Z	9	PC: 12be6 \| Display string (String= 'I don't like mondays ...')
2018-12-25T13:07:17.213046227Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')