Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.Popov.777

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:00:24.738333742Z	44	PC: 12b38 \| Get time 0x12b38: cmp byte ptr [0x107], 0 0x12b3d: je 0x12b44 0x12b3f: cmp dh, 0xf 0x12b42: jg 0x12b4d 0x12b44: cmp dl, 0 0x12b47: je 0x12b34 0x12b49: mov byte ptr [0x107], dl 0x12b4d: mov byte ptr [0x1e9], 0 0x12b52: mov byte ptr [0x1ea], 4 0x12b57: mov byte ptr [0x1f3], 0 0x12b5c: mov cx, 0x27 0x12b5f: mov dx, 0x134 0x12b62: mov ah, 0x4e 0x12b64: int 0x21 0x12b66: cmp ax, 0x12 0x12b69: je 0x12b6e 0x12b6b: call 0x12b90 0x12b6e: mov cx, 0x27 0x12b71: mov dx, 0x13a 0x12b74: mov ah, 0x4e
2018-12-17T22:00:24.740806531Z	78	PC: 12b66 \| Find first file
2018-12-17T22:00:24.746334587Z	78	PC: 12b78 \| Find first file
2018-12-17T22:00:24.75177567Z	67	PC: 12bb1 \| Get or set file attributes
2018-12-17T22:00:24.768098897Z	61	PC: 12bb7 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:00:24.774968797Z	63	PC: 12bc6 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:00:24.781255908Z	62	PC: 12bfa \| Close file
2018-12-17T22:00:24.783855388Z	61	PC: 12c03 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:00:24.790736486Z	64	PC: 12a5c \| Write file or device (Write 777 bytes on handle 5)
2018-12-17T22:00:24.79894674Z	87	PC: 12c2b \| Get or set file date and time
2018-12-17T22:00:24.800736067Z	62	PC: 12c33 \| Close file
2018-12-17T22:00:24.808907285Z	67	PC: 12c40 \| Get or set file attributes
2018-12-17T22:00:24.814185667Z	79	PC: 12bea \| Find next file
2018-12-17T22:00:24.816930731Z	67	PC: 12bb1 \| Get or set file attributes
2018-12-17T22:00:24.827035561Z	61	PC: 12bb7 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:00:24.833330662Z	63	PC: 12bc6 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:00:24.83985019Z	62	PC: 12bfa \| Close file
2018-12-17T22:00:24.841956549Z	61	PC: 12c03 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:00:24.848771932Z	64	PC: 12a5c \| Write file or device (Write 777 bytes on handle 5)
2018-12-17T22:00:24.856788266Z	87	PC: 12c2b \| Get or set file date and time
2018-12-17T22:00:24.865331016Z	62	PC: 12c33 \| Close file
2018-12-17T22:00:24.873420166Z	67	PC: 12c40 \| Get or set file attributes
2018-12-17T22:00:24.878639308Z	79	PC: 12bea \| Find next file
2018-12-17T22:00:24.881490089Z	67	PC: 12bb1 \| Get or set file attributes
2018-12-17T22:00:24.891015539Z	61	PC: 12bb7 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:00:24.895620268Z	63	PC: 12bc6 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:00:24.900969113Z	62	PC: 12bfa \| Close file
2018-12-17T22:00:24.902331751Z	61	PC: 12c03 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:00:24.909205371Z	64	PC: 12a5c \| Write file or device (Write 777 bytes on handle 5)
2018-12-17T22:00:24.918139987Z	87	PC: 12c2b \| Get or set file date and time
2018-12-17T22:00:24.91954193Z	62	PC: 12c33 \| Close file
2018-12-17T22:00:24.927310129Z	67	PC: 12c40 \| Get or set file attributes
2018-12-17T22:00:24.9323313Z	79	PC: 12bea \| Find next file
2018-12-17T22:00:24.935015462Z	67	PC: 12bb1 \| Get or set file attributes
2018-12-17T22:00:24.947326042Z	61	PC: 12bb7 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:00:24.954302659Z	63	PC: 12bc6 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:00:24.960730892Z	62	PC: 12bfa \| Close file
2018-12-17T22:00:24.962370501Z	61	PC: 12c03 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:00:24.969972474Z	64	PC: 12a5c \| Write file or device (Write 777 bytes on handle 5)
2018-12-17T22:00:24.979071174Z	87	PC: 12c2b \| Get or set file date and time
2018-12-17T22:00:24.980458742Z	62	PC: 12c33 \| Close file
2018-12-17T22:00:24.988169161Z	67	PC: 12c40 \| Get or set file attributes
2018-12-17T22:00:24.992970939Z	9	PC: 12c6e \| Display string (String= ' Privet iz Khanti-Mansiyska')
2018-12-17T22:00:24.997636635Z	76	PC: 12c72 \| Terminate with return code (Return code = '36')