Sample viewer

vx.netlux.org/Virus.DOS.SillyC.281.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:54:42.953357306Z	42	PC: 12a4b \| Get date 0x12a4b: cmp dh, 3 0x12a4e: jne 0x12a67 0x12a50: sti 0x12a51: mov ax, cs 0x12a53: mov es, ax 0x12a55: mov bx, 0x219 0x12a58: mov ah, 3 0x12a5a: mov al, 2 0x12a5c: mov ch, 0 0x12a5e: mov cl, 1 0x12a60: mov dh, 0 0x12a62: mov dl, 0x80 0x12a64: int 0x13 0x12a66: cli 0x12a67: popf 0x12a68: popaw 0x12a69: sti 0x12a6a: mov ax, cs 0x12a6c: add ah, 0x10 0x12a6f: mov es, ax
2018-12-17T22:54:42.956067167Z	25	PC: 12a7e \| Get default drive
2018-12-17T22:54:42.95760118Z	71	PC: 12a8c \| Get current directory
2018-12-17T22:54:42.960676488Z	14	PC: 12a94 \| Set default drive (Drive = 'C')
2018-12-17T22:54:42.962540304Z	59	PC: 12a9b \| Change current directory
2018-12-17T22:54:42.967011804Z	26	PC: 12aa2 \| Set disk transfer address
2018-12-17T22:54:42.968398345Z	78	PC: 12ab3 \| Find first file
2018-12-17T22:54:42.973897008Z	61	PC: 12abf \| Open file (Filename = '')
2018-12-17T22:54:42.982326071Z	63	PC: 12ac8 \| Read file or device (Read 65054 bytes on handle 5)
2018-12-17T22:54:43.008087495Z	87	PC: 12ad7 \| Get or set file date and time
2018-12-17T22:54:43.009969751Z	66	PC: 12aeb \| Move file pointer
2018-12-17T22:54:43.014920258Z	64	PC: 12af0 \| Write file or device (Write 54926 bytes on handle 5)
2018-12-17T22:54:43.693460658Z	87	PC: 12b01 \| Get or set file date and time
2018-12-17T22:54:43.695281957Z	62	PC: 12b06 \| Close file
2018-12-17T22:54:43.702914168Z	14	PC: 12b11 \| Set default drive (Drive = 'A')
2018-12-17T22:54:43.70452164Z	59	PC: 12b18 \| Change current directory
2018-12-17T22:54:43.709267818Z	42	PC: 12a4b \| Get date 0x12a4b: cmp dh, 3 0x12a4e: jne 0x12a67 0x12a50: sti 0x12a51: mov ax, cs 0x12a53: mov es, ax 0x12a55: mov bx, 0x219 0x12a58: mov ah, 3 0x12a5a: mov al, 2 0x12a5c: mov ch, 0 0x12a5e: mov cl, 1 0x12a60: mov dh, 0 0x12a62: mov dl, 0x80 0x12a64: int 0x13 0x12a66: cli 0x12a67: popf 0x12a68: popaw 0x12a69: sti 0x12a6a: mov ax, cs 0x12a6c: add ah, 0x10 0x12a6f: mov es, ax
2018-12-17T22:54:43.712052459Z	25	PC: 12a7e \| Get default drive
2018-12-17T22:54:43.713882061Z	71	PC: 12a8c \| Get current directory
2018-12-17T22:54:43.717059452Z	14	PC: 12a94 \| Set default drive (Drive = 'C')
2018-12-17T22:54:43.718640357Z	59	PC: 12a9b \| Change current directory
2018-12-17T22:54:43.723526294Z	26	PC: 12aa2 \| Set disk transfer address
2018-12-17T22:54:43.724983543Z	78	PC: 12ab3 \| Find first file
2018-12-17T22:54:43.730635123Z	61	PC: 12abf \| Open file (Filename = 'COMMAND.COM')
2018-12-17T22:54:43.738578621Z	63	PC: 12ac8 \| Read file or device (Read 65054 bytes on handle 5)
2018-12-17T22:54:43.752801638Z	62	PC: 12aad \| Close file
2018-12-17T22:54:43.75461475Z	79	PC: 12ab3 \| Find next file
2018-12-17T22:54:43.766716926Z	14	PC: 12b11 \| Set default drive (Drive = 'A')
2018-12-17T22:54:43.774658959Z	59	PC: 12b18 \| Change current directory
2018-12-17T22:54:43.780270952Z	9	PC: 12aa2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11648,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:59.551091877Z	42	PC: 12a4b \| Get date 0x12a4b: cmp dh, 3 0x12a4e: jne 0x12a67 0x12a50: sti 0x12a51: mov ax, cs 0x12a53: mov es, ax 0x12a55: mov bx, 0x219 0x12a58: mov ah, 3 0x12a5a: mov al, 2 0x12a5c: mov ch, 0 0x12a5e: mov cl, 1 0x12a60: mov dh, 0 0x12a62: mov dl, 0x80 0x12a64: int 0x13 0x12a66: cli 0x12a67: popf 0x12a68: popaw 0x12a69: sti 0x12a6a: mov ax, cs 0x12a6c: add ah, 0x10 0x12a6f: mov es, ax
2018-12-25T12:30:59.567556707Z	25	PC: 12a7e \| Get default drive
2018-12-25T12:30:59.569697014Z	71	PC: 12a8c \| Get current directory
2018-12-25T12:30:59.573483195Z	14	PC: 12a94 \| Set default drive (Drive = 'C')
2018-12-25T12:30:59.575873199Z	59	PC: 12a9b \| Change current directory
2018-12-25T12:30:59.579657281Z	26	PC: 12aa2 \| Set disk transfer address
2018-12-25T12:30:59.580921616Z	78	PC: 12ab3 \| Find first file
2018-12-25T12:30:59.589156376Z	61	PC: 12abf \| Open file (Filename = '')
2018-12-25T12:30:59.606376717Z	63	PC: 12ac8 \| Read file or device (Read 65054 bytes on handle 5)
2018-12-25T12:30:59.640364285Z	87	PC: 12ad7 \| Get or set file date and time
2018-12-25T12:30:59.642824031Z	66	PC: 12aeb \| Move file pointer
2018-12-25T12:30:59.644490479Z	64	PC: 12af0 \| Write file or device (Write 54926 bytes on handle 5)
2018-12-25T12:30:59.995460243Z	87	PC: 12b01 \| Get or set file date and time
2018-12-25T12:30:59.998177148Z	62	PC: 12b06 \| Close file
2018-12-25T12:31:00.017577077Z	14	PC: 12b11 \| Set default drive (Drive = 'A')
2018-12-25T12:31:00.019673182Z	59	PC: 12b18 \| Change current directory
2018-12-25T12:31:00.023862735Z	42	PC: 12a4b \| Get date (See above)
2018-12-25T12:31:00.027274051Z	25	PC: 12a7e \| Get default drive (See above)
2018-12-25T12:31:00.028591077Z	71	PC: 12a8c \| Get current directory (See above)
2018-12-25T12:31:00.031957608Z	14	PC: 12a94 \| Set default drive (See above)
2018-12-25T12:31:00.034425123Z	59	PC: 12a9b \| Change current directory (See above)
2018-12-25T12:31:00.038399836Z	26	PC: 12aa2 \| Set disk transfer address (See above)
2018-12-25T12:31:00.039648166Z	78	PC: 12ab3 \| Find first file (See above)
2018-12-25T12:31:00.057199113Z	61	PC: 12abf \| Open file (See above)
2018-12-25T12:31:00.071440711Z	63	PC: 12ac8 \| Read file or device (See above)
2018-12-25T12:31:00.085417603Z	62	PC: 12aad \| Close file
2018-12-25T12:31:00.087833165Z	79	PC: 12ab3 \| Find next file (See above)
2018-12-25T12:31:00.090097893Z	14	PC: 12b11 \| Set default drive (See above)
2018-12-25T12:31:00.092026883Z	59	PC: 12b18 \| Change current directory (See above)
2018-12-25T12:31:00.100628794Z	9	PC: 12aa2 \| Display string (See above)

{"DateBased":true,"Day":1,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11648,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:31:00.830503589Z	42	PC: 12a4b \| Get date 0x12a4b: cmp dh, 3 0x12a4e: jne 0x12a67 0x12a50: sti 0x12a51: mov ax, cs 0x12a53: mov es, ax 0x12a55: mov bx, 0x219 0x12a58: mov ah, 3 0x12a5a: mov al, 2 0x12a5c: mov ch, 0 0x12a5e: mov cl, 1 0x12a60: mov dh, 0 0x12a62: mov dl, 0x80 0x12a64: int 0x13 0x12a66: cli 0x12a67: popf 0x12a68: popaw 0x12a69: sti 0x12a6a: mov ax, cs 0x12a6c: add ah, 0x10 0x12a6f: mov es, ax
2018-12-25T12:31:01.182456024Z	25	PC: 12a7e \| Get default drive
2018-12-25T12:31:01.197613409Z	71	PC: 12a8c \| Get current directory
2018-12-25T12:31:01.201539921Z	14	PC: 12a94 \| Set default drive (Drive = 'C')
2018-12-25T12:31:01.204339189Z	59	PC: 12a9b \| Change current directory
2018-12-25T12:31:01.209689396Z	26	PC: 12aa2 \| Set disk transfer address
2018-12-25T12:31:01.212219376Z	78	PC: 12ab3 \| Find first file
2018-12-25T12:31:01.224747991Z	61	PC: 12abf \| Open file (Filename = '')
2018-12-25T12:31:01.236381777Z	63	PC: 12ac8 \| Read file or device (Read 65054 bytes on handle 5)
2018-12-25T12:31:01.268564446Z	87	PC: 12ad7 \| Get or set file date and time
2018-12-25T12:31:01.270328097Z	66	PC: 12aeb \| Move file pointer
2018-12-25T12:31:01.275671624Z	64	PC: 12af0 \| Write file or device (Write 54926 bytes on handle 5)
2018-12-25T12:31:01.29333341Z	87	PC: 12b01 \| Get or set file date and time
2018-12-25T12:31:01.309933659Z	62	PC: 12b06 \| Close file
2018-12-25T12:31:01.318338951Z	14	PC: 12b11 \| Set default drive (Drive = 'A')
2018-12-25T12:31:01.319813618Z	59	PC: 12b18 \| Change current directory
2018-12-25T12:31:01.326095713Z	42	PC: 12a4b \| Get date (See above)
2018-12-25T12:31:01.332424447Z	25	PC: 12a7e \| Get default drive (See above)
2018-12-25T12:31:01.335222324Z	71	PC: 12a8c \| Get current directory (See above)
2018-12-25T12:31:01.34041753Z	14	PC: 12a94 \| Set default drive (See above)
2018-12-25T12:31:01.342051247Z	59	PC: 12a9b \| Change current directory (See above)
2018-12-25T12:31:01.346894239Z	26	PC: 12aa2 \| Set disk transfer address (See above)
2018-12-25T12:31:01.348311977Z	78	PC: 12ab3 \| Find first file (See above)
2018-12-25T12:31:01.352867351Z	61	PC: 12abf \| Open file (See above)
2018-12-25T12:31:01.361115096Z	63	PC: 12ac8 \| Read file or device (See above)
2018-12-25T12:31:01.376596788Z	62	PC: 12aad \| Close file
2018-12-25T12:31:01.37945151Z	79	PC: 12ab3 \| Find next file (See above)
2018-12-25T12:31:01.383648424Z	14	PC: 12b11 \| Set default drive (See above)
2018-12-25T12:31:01.385462153Z	59	PC: 12b18 \| Change current directory (See above)
2018-12-25T12:31:01.391954817Z	9	PC: 12aa2 \| Display string (See above)