Sample viewer

vx.netlux.org/Virus.DOS.Rape.Paradis.306.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:55:20.556207001Z	26	PC: 12a92 \| Set disk transfer address
2018-12-17T22:55:20.557829068Z	78	PC: 12a9b \| Find first file
2018-12-17T22:55:20.565671551Z	67	PC: 12aa8 \| Get or set file attributes
2018-12-17T22:55:20.571027385Z	61	PC: 12ab1 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:55:20.578331662Z	63	PC: 12ac0 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:55:20.58970725Z	66	PC: 12ad2 \| Move file pointer
2018-12-17T22:55:20.606783536Z	64	PC: 12a6a \| Write file or device (Write 306 bytes on handle 5)
2018-12-17T22:55:20.622584531Z	66	PC: 12ae9 \| Move file pointer
2018-12-17T22:55:20.625223518Z	64	PC: 12af5 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:55:20.647107685Z	62	PC: 12afb \| Close file
2018-12-17T22:55:20.666065802Z	79	PC: 12a9b \| Find next file
2018-12-17T22:55:20.670415193Z	67	PC: 12aa8 \| Get or set file attributes
2018-12-17T22:55:20.6764131Z	61	PC: 12ab1 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:55:20.683759331Z	63	PC: 12ac0 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:55:20.691521931Z	66	PC: 12ad2 \| Move file pointer
2018-12-17T22:55:20.694464149Z	64	PC: 12a6a \| Write file or device (Write 306 bytes on handle 5)
2018-12-17T22:55:20.698038773Z	66	PC: 12ae9 \| Move file pointer
2018-12-17T22:55:20.699942184Z	64	PC: 12af5 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:55:20.703658945Z	62	PC: 12afb \| Close file
2018-12-17T22:55:20.712441647Z	79	PC: 12a9b \| Find next file
2018-12-17T22:55:20.715774045Z	67	PC: 12aa8 \| Get or set file attributes
2018-12-17T22:55:20.726716168Z	61	PC: 12ab1 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:55:20.741552086Z	63	PC: 12ac0 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:55:20.749146509Z	66	PC: 12ad2 \| Move file pointer
2018-12-17T22:55:20.751255845Z	64	PC: 12a6a \| Write file or device (Write 306 bytes on handle 5)
2018-12-17T22:55:20.755672549Z	66	PC: 12ae9 \| Move file pointer
2018-12-17T22:55:20.757725308Z	64	PC: 12af5 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:55:20.761146991Z	62	PC: 12afb \| Close file
2018-12-17T22:55:20.78236699Z	79	PC: 12a9b \| Find next file
2018-12-17T22:55:20.785116496Z	67	PC: 12aa8 \| Get or set file attributes
2018-12-17T22:55:20.790690054Z	61	PC: 12ab1 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:55:20.799521797Z	63	PC: 12ac0 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:55:20.807042885Z	66	PC: 12ad2 \| Move file pointer
2018-12-17T22:55:20.808896675Z	64	PC: 12a6a \| Write file or device (Write 306 bytes on handle 5)
2018-12-17T22:55:20.814295543Z	66	PC: 12ae9 \| Move file pointer
2018-12-17T22:55:20.816319957Z	64	PC: 12af5 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:55:20.819687991Z	62	PC: 12afb \| Close file
2018-12-17T22:55:20.82983098Z	79	PC: 12a9b \| Find next file
2018-12-17T22:55:20.8333224Z	67	PC: 12aa8 \| Get or set file attributes
2018-12-17T22:55:20.838569219Z	61	PC: 12ab1 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:55:20.85311566Z	63	PC: 12ac0 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:55:20.860480094Z	66	PC: 12ad2 \| Move file pointer
2018-12-17T22:55:20.862347213Z	64	PC: 12a6a \| Write file or device (Write 306 bytes on handle 5)
2018-12-17T22:55:20.86600376Z	66	PC: 12ae9 \| Move file pointer
2018-12-17T22:55:20.868358671Z	64	PC: 12af5 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:55:20.871675345Z	62	PC: 12afb \| Close file
2018-12-17T22:55:20.880451283Z	79	PC: 12a9b \| Find next file
2018-12-17T22:55:20.884315511Z	67	PC: 12aa8 \| Get or set file attributes
2018-12-17T22:55:20.889482241Z	61	PC: 12ab1 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:55:20.896931638Z	63	PC: 12ac0 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:55:20.904971649Z	66	PC: 12ad2 \| Move file pointer
2018-12-17T22:55:20.906883818Z	64	PC: 12a6a \| Write file or device (Write 306 bytes on handle 5)
2018-12-17T22:55:20.916814966Z	66	PC: 12ae9 \| Move file pointer
2018-12-17T22:55:20.920228658Z	64	PC: 12af5 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:55:20.928031519Z	62	PC: 12afb \| Close file
2018-12-17T22:55:20.937871183Z	79	PC: 12a9b \| Find next file
2018-12-17T22:55:20.942155481Z	67	PC: 12aa8 \| Get or set file attributes
2018-12-17T22:55:20.947482398Z	61	PC: 12ab1 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:55:20.95506748Z	63	PC: 12ac0 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:55:20.962646353Z	66	PC: 12ad2 \| Move file pointer
2018-12-17T22:55:20.96605067Z	64	PC: 12a6a \| Write file or device (Write 306 bytes on handle 5)
2018-12-17T22:55:20.969796723Z	66	PC: 12ae9 \| Move file pointer
2018-12-17T22:55:20.971982938Z	64	PC: 12af5 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:55:20.976527882Z	62	PC: 12afb \| Close file
2018-12-17T22:55:20.986317665Z	79	PC: 12a9b \| Find next file
2018-12-17T22:55:20.989889797Z	67	PC: 12aa8 \| Get or set file attributes
2018-12-17T22:55:20.996455485Z	61	PC: 12ab1 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:55:21.004021708Z	63	PC: 12ac0 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:55:21.011519781Z	79	PC: 12a9b \| Find next file
2018-12-17T22:55:21.015704664Z	44	PC: 12b03 \| Get time 0x12b03: cmp dl, 5 0x12b06: ja 0x12b2f 0x12b08: jmp 0x12b0b 0x12b0a: nop 0x12b0b: mov ah, 0x2c 0x12b0d: int 0x21 0x12b0f: cmp dl, 0x50 0x12b12: ja 0x12b17 0x12b14: jmp 0x12b23 0x12b16: nop 0x12b17: cli 0x12b18: mov ah, 2 0x12b1a: cdq 0x12b1b: mov cx, 0x100 0x12b1e: int 0x26 0x12b20: jmp 0x12b2f 0x12b22: nop 0x12b23: cli 0x12b24: mov ah, 3 0x12b26: cdq