Sample viewer

vx.netlux.org/Virus.DOS.ZzTop.429

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:54:50.527908303Z 42 PC: 12a6b | Get date
0x12a6b: mov word ptr es:[0x83], cx
0x12a70: mov word ptr es:[0x85], dx
0x12a75: push es
0x12a76: push ds
0x12a77: pop es
0x12a78: mov si, 0x283
0x12a7b: call 0x12aab
0x12a7e: mov si, 0x189
0x12a81: call 0x12aab
0x12a84: mov ax, 0x3524
0x12a87: int 0x21
0x12a89: mov word ptr [0x191], bx
0x12a8d: mov word ptr [0x193], es
0x12a91: mov dx, 0x197
0x12a94: mov ax, 0x2524
0x12a97: int 0x21
0x12a99: pop es
0x12a9a: mov dx, 0x100
0x12a9d: mov ah, 0x1a
0x12a9f: int 0x21
2018-12-17T22:54:50.530604415Z 53 PC: 12a89 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:50.533219444Z 37 PC: 12a99 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:50.534825305Z 26 PC: 12aa1 | Set disk transfer address
2018-12-17T22:54:50.536343721Z 78 PC: 12b2b | Find first file
2018-12-17T22:54:50.544076738Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.55166399Z 63 PC: 12b21 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:54:50.559253527Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.562281033Z 67 PC: 12b4a | Get or set file attributes
2018-12-17T22:54:50.569815987Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.587262266Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.601105166Z 64 PC: 12b69 | Write file or device (Write 836 bytes on handle 5)
2018-12-17T22:54:50.610008374Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.618742955Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.625170617Z 79 PC: 12b83 | Find next file
2018-12-17T22:54:50.629293272Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.636597803Z 63 PC: 12b21 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:54:50.643845195Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.646993538Z 67 PC: 12b4a | Get or set file attributes
2018-12-17T22:54:50.653544682Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.667365761Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.675728773Z 64 PC: 12b69 | Write file or device (Write 456 bytes on handle 5)
2018-12-17T22:54:50.683133292Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.691600079Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.699004087Z 79 PC: 12b83 | Find next file
2018-12-17T22:54:50.702060546Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.709335812Z 63 PC: 12b21 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:54:50.717631608Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.721353489Z 67 PC: 12b4a | Get or set file attributes
2018-12-17T22:54:50.728329703Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.739182738Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.747323131Z 64 PC: 12b69 | Write file or device (Write 521 bytes on handle 5)
2018-12-17T22:54:50.756298656Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.765185934Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.772629667Z 79 PC: 12b83 | Find next file
2018-12-17T22:54:50.775643697Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.782867124Z 63 PC: 12b21 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:54:50.791167358Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.793186226Z 67 PC: 12b4a | Get or set file attributes
2018-12-17T22:54:50.799388293Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.810616565Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.818110773Z 64 PC: 12b69 | Write file or device (Write 458 bytes on handle 5)
2018-12-17T22:54:50.82147944Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.830609073Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.84180782Z 79 PC: 12b83 | Find next file
2018-12-17T22:54:50.844885109Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.858607172Z 63 PC: 12b21 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:54:50.865454713Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.871015844Z 67 PC: 12b4a | Get or set file attributes
2018-12-17T22:54:50.878524178Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.889664204Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.896201832Z 64 PC: 12b69 | Write file or device (Write 458 bytes on handle 5)
2018-12-17T22:54:50.898622245Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.907832712Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.919768314Z 79 PC: 12b83 | Find next file
2018-12-17T22:54:50.922860291Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.931620209Z 63 PC: 12b21 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:54:50.939035899Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.94134882Z 67 PC: 12b4a | Get or set file attributes
2018-12-17T22:54:50.94867949Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.960203749Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:50.967607506Z 64 PC: 12b69 | Write file or device (Write 930 bytes on handle 5)
2018-12-17T22:54:50.977445272Z 62 PC: 12aff | Close file
2018-12-17T22:54:50.987426328Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:50.994055338Z 79 PC: 12b83 | Find next file
2018-12-17T22:54:50.997210283Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:51.005767881Z 63 PC: 12b21 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:54:51.013011436Z 62 PC: 12aff | Close file
2018-12-17T22:54:51.015477766Z 67 PC: 12b4a | Get or set file attributes
2018-12-17T22:54:51.022773981Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:51.034271259Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:51.047730727Z 64 PC: 12b69 | Write file or device (Write 458 bytes on handle 5)
2018-12-17T22:54:51.054554845Z 62 PC: 12aff | Close file
2018-12-17T22:54:51.063890677Z 67 PC: 12b0a | Get or set file attributes
2018-12-17T22:54:51.070542991Z 79 PC: 12b83 | Find next file
2018-12-17T22:54:51.074900147Z 61 PC: 12af3 | Open file (Filename = '�3��@�!�>��t��t����t�O�!�.���$%�!��')
2018-12-17T22:54:51.082177226Z 63 PC: 12b21 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:54:51.091325425Z 62 PC: 12aff | Close file
2018-12-17T22:54:51.094112698Z 79 PC: 12b83 | Find next file
2018-12-17T22:54:51.097733169Z 37 PC: 12b8f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:51.099492428Z 26 PC: 12b98 | Set disk transfer address
2018-12-17T22:54:51.101237922Z 42 PC: 12b9c | Get date
0x12b9c: cmp cx, word ptr [0x183]
0x12ba0: jb 0x12bb2
0x12ba2: cmp dx, word ptr [0x185]
0x12ba6: jb 0x12bb2
0x12ba8: mov si, 0x283
0x12bab: call 0x22ae0
0x12bae: xor ax, ax
0x12bb0: int 0x16
0x12bb2: mov si, 0x298
0x12bb5: mov cx, 0x2ad
0x12bb8: sub cx, si
0x12bba: xor di, di
0x12bbc: rep movsb byte ptr es:[di], byte ptr [si]
0x12bbe: xor ax, ax
0x12bc0: push es
0x12bc1: push ax
0x12bc2: retf
0x12bc3: pop es
0x12bc4: pop dx
0x12bc5: pop dx