Sample viewer

vx.netlux.org/Virus.DOS.Riot.Paradis.302

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:52:33.284410704Z	26	PC: 12a91 \| Set disk transfer address
2018-12-17T22:52:33.286650282Z	78	PC: 12a9a \| Find first file
2018-12-17T22:52:33.293619774Z	67	PC: 12aa7 \| Get or set file attributes
2018-12-17T22:52:33.298882321Z	61	PC: 12ab0 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:52:33.303381972Z	63	PC: 12abf \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:33.312142238Z	66	PC: 12ad1 \| Move file pointer
2018-12-17T22:52:33.31478087Z	64	PC: 12a69 \| Write file or device (Write 302 bytes on handle 5)
2018-12-17T22:52:33.330533714Z	66	PC: 12ae8 \| Move file pointer
2018-12-17T22:52:33.335407311Z	64	PC: 12af4 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:33.340187026Z	62	PC: 12afa \| Close file
2018-12-17T22:52:33.345973629Z	79	PC: 12a9a \| Find next file
2018-12-17T22:52:33.349719522Z	67	PC: 12aa7 \| Get or set file attributes
2018-12-17T22:52:33.353059845Z	61	PC: 12ab0 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:52:33.358228499Z	63	PC: 12abf \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:33.366524334Z	66	PC: 12ad1 \| Move file pointer
2018-12-17T22:52:33.368378546Z	64	PC: 12a69 \| Write file or device (Write 302 bytes on handle 5)
2018-12-17T22:52:33.37155943Z	66	PC: 12ae8 \| Move file pointer
2018-12-17T22:52:33.375523099Z	64	PC: 12af4 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:33.379203934Z	62	PC: 12afa \| Close file
2018-12-17T22:52:33.38784122Z	79	PC: 12a9a \| Find next file
2018-12-17T22:52:33.391334625Z	67	PC: 12aa7 \| Get or set file attributes
2018-12-17T22:52:33.396490149Z	61	PC: 12ab0 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:52:33.403501668Z	63	PC: 12abf \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:33.410618208Z	66	PC: 12ad1 \| Move file pointer
2018-12-17T22:52:33.412538721Z	64	PC: 12a69 \| Write file or device (Write 302 bytes on handle 5)
2018-12-17T22:52:33.415753418Z	66	PC: 12ae8 \| Move file pointer
2018-12-17T22:52:33.417714271Z	64	PC: 12af4 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:33.421618682Z	62	PC: 12afa \| Close file
2018-12-17T22:52:33.430415252Z	79	PC: 12a9a \| Find next file
2018-12-17T22:52:33.433725304Z	67	PC: 12aa7 \| Get or set file attributes
2018-12-17T22:52:33.439613963Z	61	PC: 12ab0 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:52:33.447066244Z	63	PC: 12abf \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:33.451498577Z	66	PC: 12ad1 \| Move file pointer
2018-12-17T22:52:33.453911265Z	64	PC: 12a69 \| Write file or device (Write 302 bytes on handle 5)
2018-12-17T22:52:33.457054618Z	66	PC: 12ae8 \| Move file pointer
2018-12-17T22:52:33.458730495Z	64	PC: 12af4 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:33.462449551Z	62	PC: 12afa \| Close file
2018-12-17T22:52:33.471627203Z	79	PC: 12a9a \| Find next file
2018-12-17T22:52:33.474619522Z	67	PC: 12aa7 \| Get or set file attributes
2018-12-17T22:52:33.48046521Z	61	PC: 12ab0 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:52:33.488102643Z	63	PC: 12abf \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:33.49564169Z	66	PC: 12ad1 \| Move file pointer
2018-12-17T22:52:33.498746566Z	64	PC: 12a69 \| Write file or device (Write 302 bytes on handle 5)
2018-12-17T22:52:33.502001677Z	66	PC: 12ae8 \| Move file pointer
2018-12-17T22:52:33.503756921Z	64	PC: 12af4 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:33.507922199Z	62	PC: 12afa \| Close file
2018-12-17T22:52:33.5171575Z	79	PC: 12a9a \| Find next file
2018-12-17T22:52:33.520496758Z	67	PC: 12aa7 \| Get or set file attributes
2018-12-17T22:52:33.52589036Z	61	PC: 12ab0 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:52:33.533536092Z	63	PC: 12abf \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:33.541052994Z	66	PC: 12ad1 \| Move file pointer
2018-12-17T22:52:33.543184911Z	64	PC: 12a69 \| Write file or device (Write 302 bytes on handle 5)
2018-12-17T22:52:33.557773392Z	66	PC: 12ae8 \| Move file pointer
2018-12-17T22:52:33.559848847Z	64	PC: 12af4 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:33.567486101Z	62	PC: 12afa \| Close file
2018-12-17T22:52:33.579942022Z	79	PC: 12a9a \| Find next file
2018-12-17T22:52:33.582942997Z	67	PC: 12aa7 \| Get or set file attributes
2018-12-17T22:52:33.587819821Z	61	PC: 12ab0 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:52:33.595889697Z	63	PC: 12abf \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:33.603344072Z	66	PC: 12ad1 \| Move file pointer
2018-12-17T22:52:33.605584081Z	64	PC: 12a69 \| Write file or device (Write 302 bytes on handle 5)
2018-12-17T22:52:33.609829823Z	66	PC: 12ae8 \| Move file pointer
2018-12-17T22:52:33.612127878Z	64	PC: 12af4 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:33.61550328Z	62	PC: 12afa \| Close file
2018-12-17T22:52:33.625351458Z	79	PC: 12a9a \| Find next file
2018-12-17T22:52:33.628269548Z	67	PC: 12aa7 \| Get or set file attributes
2018-12-17T22:52:33.638791257Z	61	PC: 12ab0 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:52:33.647623635Z	63	PC: 12abf \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:33.650821609Z	79	PC: 12a9a \| Find next file
2018-12-17T22:52:33.65427006Z	44	PC: 12b02 \| Get time 0x12b02: cmp dl, 5 0x12b05: ja 0x12b2a 0x12b07: jmp 0x12b09 0x12b09: mov ah, 0x2c 0x12b0b: int 0x21 0x12b0d: cmp dl, 0x50 0x12b10: ja 0x12b14 0x12b12: jmp 0x12b1f 0x12b14: cli 0x12b15: mov ah, 2 0x12b17: cdq 0x12b18: mov cx, 0x100 0x12b1b: int 0x26 0x12b1d: jmp 0x12b2a 0x12b1f: cli 0x12b20: mov ah, 3 0x12b22: cdq 0x12b23: mov cx, 0x100 0x12b26: int 0x26 0x12b28: jmp 0x12b2a