Sample viewer

vx.netlux.org/Virus.DOS.Ruts.3474

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:51:17.285504477Z 87 PC: 12c70 | Get or set file date and time
2018-12-17T21:51:17.288663526Z 42 PC: 12de8 | Get date
0x12de8: xchg cx, dx
0x12dea: mov ax, 0x16d
0x12ded: mul dx
0x12def: push dx
0x12df0: push ax
0x12df1: mov ah, ch
0x12df3: mov al, 0x1e
0x12df5: mul ah
0x12df7: xor ch, ch
0x12df9: add ax, cx
0x12dfb: cdq
0x12dfc: pop cx
0x12dfd: add ax, cx
0x12dff: pop cx
0x12e00: adc dx, cx
0x12e02: pop cx
0x12e03: ret
0x12e04: push bp
0x12e05: mov bp, sp
0x12e07: sub sp, 0x120
2018-12-17T21:51:17.292169277Z 53 PC: 12e53 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:17.294293041Z 37 PC: 12e5e | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:17.296821356Z 61 PC: 12e80 | Open file (Filename = 'C:\CONFIG.SYS')
2018-12-17T21:51:17.303998835Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.309693096Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.312208619Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.314845876Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.317535833Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.320181114Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.324120575Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.326918659Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.329699036Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.33343331Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.336311584Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.338864139Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.342318661Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.344052469Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.345710703Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.348179422Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.349969619Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.351826712Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.354415865Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.35617731Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.35822802Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.367522775Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.369549752Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.371271227Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.373854657Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.375662678Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.377415669Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.379829027Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.381630087Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.383357959Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.385297172Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.387670858Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.389584741Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.391421922Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.393669533Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.395482836Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.397542619Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.399905772Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.401986635Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.404317996Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.406927461Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.40968434Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.412074725Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.414524879Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.416659504Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.418676846Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.421830011Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.42377149Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.425575119Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.428185574Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.430347565Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.433085611Z 95 PC: 12e26 | Network redirection functions
2018-12-17T21:51:17.434911053Z 53 PC: 132c8 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:17.436832509Z 37 PC: 132d3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:17.438443173Z 67 PC: 132e2 | Get or set file attributes
2018-12-17T21:51:17.447201068Z 86 PC: 13315 | Rename file
2018-12-17T21:51:17.792499935Z 61 PC: 13333 | Open file (Filename = 'C:\WINDOWS\HIMEM')
2018-12-17T21:51:17.800016929Z 87 PC: 12f36 | Get or set file date and time
2018-12-17T21:51:17.803102093Z 66 PC: 12f55 | Move file pointer
2018-12-17T21:51:17.804828845Z 63 PC: 12f6e | Read file or device (Read 24 bytes on handle 6)
2018-12-17T21:51:17.810549938Z 66 PC: 12f89 | Move file pointer
2018-12-17T21:51:17.813748132Z 64 PC: 13d95 | Write file or device (Write 3474 bytes on handle 6)
2018-12-17T21:51:17.829585685Z 66 PC: 12ff2 | Move file pointer
2018-12-17T21:51:17.831482171Z 64 PC: 13009 | Write file or device (Write 24 bytes on handle 6)
2018-12-17T21:51:17.835768647Z 87 PC: 13026 | Get or set file date and time
2018-12-17T21:51:17.838122754Z 62 PC: 13340 | Close file
2018-12-17T21:51:17.845972855Z 86 PC: 1335b | Rename file
2018-12-17T21:51:17.857898428Z 37 PC: 13362 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:17.859422249Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.862718874Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.866235211Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.869367903Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.872115482Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.875625404Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.879271795Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.882021563Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.884766251Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.888547802Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.891301038Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.894786708Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.898594433Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.901332746Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.903832394Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.907534756Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.910356593Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.913116055Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.916765531Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.919880892Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.922617489Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.9261681Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.929249399Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.931964032Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.935496867Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.938608688Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.9413717Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.944634351Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.947783352Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.950566727Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.953699216Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.957874525Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.960646155Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.963423854Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.967308716Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.970788884Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.973562854Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.97713735Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.979858406Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.98275358Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.986736467Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.989496496Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.992249096Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.995844261Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:17.998954573Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.001693974Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.005233458Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.008176009Z 95 PC: 12e26 | Network redirection functions
2018-12-17T21:51:18.010074671Z 53 PC: 132c8 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:18.011956974Z 37 PC: 132d3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:18.013745867Z 67 PC: 132e2 | Get or set file attributes
2018-12-17T21:51:18.020210308Z 86 PC: 13315 | Rename file
2018-12-17T21:51:18.032327047Z 61 PC: 13333 | Open file (Filename = 'C:\WINDOWS\SMARTDRV')
2018-12-17T21:51:18.039772727Z 87 PC: 12f36 | Get or set file date and time
2018-12-17T21:51:18.042210712Z 66 PC: 12f55 | Move file pointer
2018-12-17T21:51:18.044110991Z 63 PC: 12f6e | Read file or device (Read 24 bytes on handle 6)
2018-12-17T21:51:18.050741095Z 66 PC: 12f89 | Move file pointer
2018-12-17T21:51:18.053229337Z 64 PC: 13d95 | Write file or device (Write 3474 bytes on handle 6)
2018-12-17T21:51:18.06384673Z 66 PC: 12ff2 | Move file pointer
2018-12-17T21:51:18.066477972Z 64 PC: 13009 | Write file or device (Write 24 bytes on handle 6)
2018-12-17T21:51:18.069306431Z 87 PC: 13026 | Get or set file date and time
2018-12-17T21:51:18.071059916Z 62 PC: 13340 | Close file
2018-12-17T21:51:18.079350481Z 86 PC: 1335b | Rename file
2018-12-17T21:51:18.090542081Z 37 PC: 13362 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:51:18.091984472Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.095918613Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.098633119Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.101349111Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.104942471Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.10820073Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.111146827Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.115950853Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.118726349Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.121273283Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.12490779Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.127991561Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.131017302Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.135222455Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.138981708Z 63 PC: 12e93 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T21:51:18.141429764Z 62 PC: 12f12 | Close file
2018-12-17T21:51:18.144424609Z 61 PC: 12e80 | Open file (Filename = 'D:\CONFIG.SYS')
2018-12-17T21:51:18.147953795Z 61 PC: 12e80 | Open file (Filename = 'E:\CONFIG.SYS')
2018-12-17T21:51:18.150967468Z 61 PC: 12e80 | Open file (Filename = 'F:\CONFIG.SYS')
2018-12-17T21:51:18.155387734Z 61 PC: 12e80 | Open file (Filename = 'G:\CONFIG.SYS')
2018-12-17T21:51:18.158440022Z 61 PC: 12e80 | Open file (Filename = 'H:\CONFIG.SYS')
2018-12-17T21:51:18.161353675Z 61 PC: 12e80 | Open file (Filename = 'I:\CONFIG.SYS')
2018-12-17T21:51:18.165230119Z 61 PC: 12e80 | Open file (Filename = 'J:\CONFIG.SYS')
2018-12-17T21:51:18.167863374Z 61 PC: 12e80 | Open file (Filename = 'K:\CONFIG.SYS')
2018-12-17T21:51:18.170620784Z 61 PC: 12e80 | Open file (Filename = 'L:\CONFIG.SYS')
2018-12-17T21:51:18.17342765Z 61 PC: 12e80 | Open file (Filename = 'M:\CONFIG.SYS')
2018-12-17T21:51:18.177263959Z 61 PC: 12e80 | Open file (Filename = 'N:\CONFIG.SYS')
2018-12-17T21:51:18.179977769Z 61 PC: 12e80 | Open file (Filename = 'O:\CONFIG.SYS')
2018-12-17T21:51:18.182875608Z 61 PC: 12e80 | Open file (Filename = 'P:\CONFIG.SYS')
2018-12-17T21:51:18.186761859Z 61 PC: 12e80 | Open file (Filename = 'Q:\CONFIG.SYS')
2018-12-17T21:51:18.189420621Z 61 PC: 12e80 | Open file (Filename = 'R:\CONFIG.SYS')
2018-12-17T21:51:18.192017575Z 61 PC: 12e80 | Open file (Filename = 'S:\CONFIG.SYS')
2018-12-17T21:51:18.196556404Z 61 PC: 12e80 | Open file (Filename = 'T:\CONFIG.SYS')
2018-12-17T21:51:18.19922759Z 61 PC: 12e80 | Open file (Filename = 'U:\CONFIG.SYS')
2018-12-17T21:51:18.201930788Z 61 PC: 12e80 | Open file (Filename = 'V:\CONFIG.SYS')
2018-12-17T21:51:18.205481419Z 61 PC: 12e80 | Open file (Filename = 'W:\CONFIG.SYS')
2018-12-17T21:51:18.208925516Z 61 PC: 12e80 | Open file (Filename = 'X:\CONFIG.SYS')
2018-12-17T21:51:18.211576123Z 61 PC: 12e80 | Open file (Filename = 'Y:\CONFIG.SYS')
2018-12-17T21:51:18.215112416Z 61 PC: 12e80 | Open file (Filename = 'Z:\CONFIG.SYS')
2018-12-17T21:51:18.218523646Z 37 PC: 12f1f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')