Sample viewer

vx.netlux.org/Virus.DOS.VCL_MUT.Stupid.2563

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:55:40.434782695Z	47	PC: 12a72 \| Get disk transfer address
2018-12-17T22:55:40.435980153Z	26	PC: 12a7c \| Set disk transfer address
2018-12-17T22:55:40.438341269Z	42	PC: 12e18 \| Get date 0x12e18: mov al, dl 0x12e1a: cwde 0x12e1b: ret 0x12e1c: push bp 0x12e1d: mov bp, di 0x12e1f: lea si, word ptr [bp + 0x527] 0x12e23: xor ah, ah 0x12e25: int 0x1a 0x12e27: mov word ptr [si + 9], dx 0x12e2a: xor byte ptr [si + 1], 8 0x12e2e: xor byte ptr [si + 8], 1 0x12e32: xor word ptr [si + 0xb], 0x101 0x12e37: lea di, word ptr [bp + 0xb06] 0x12e3b: mov cx, 0x5de 0x12e3e: push si 0x12e3f: push cx 0x12e40: rep movsb byte ptr es:[di], byte ptr [si] 0x12e42: lea si, word ptr [bp + 0x522] 0x12e46: mov cx, 5 0x12e49: rep movsb byte ptr es:[di], byte ptr [si]
2018-12-17T22:55:40.440823753Z	71	PC: 12c76 \| Get current directory
2018-12-17T22:55:40.44393595Z	59	PC: 12c7e \| Change current directory
2018-12-17T22:55:40.450136403Z	47	PC: 12c93 \| Get disk transfer address
2018-12-17T22:55:40.451275505Z	26	PC: 12ca3 \| Set disk transfer address
2018-12-17T22:55:40.452355041Z	78	PC: 12cae \| Find first file
2018-12-17T22:55:40.460586927Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.464110309Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.468071678Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.472077258Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.474969181Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.478017759Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.481093648Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.484511224Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.487560639Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.490559028Z	47	PC: 12d2b \| Get disk transfer address
2018-12-17T22:55:40.493149572Z	78	PC: 12d14 \| Find first file
2018-12-17T22:55:40.499689455Z	26	PC: 12d3f \| Set disk transfer address
2018-12-17T22:55:40.500995598Z	78	PC: 12d47 \| Find first file
2018-12-17T22:55:40.507853431Z	47	PC: 12d5f \| Get disk transfer address
2018-12-17T22:55:40.509985259Z	61	PC: 12d78 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:55:40.51795455Z	63	PC: 12d84 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:40.527079982Z	66	PC: 12d8e \| Move file pointer
2018-12-17T22:55:40.529411144Z	62	PC: 12d9a \| Close file
2018-12-17T22:55:40.531873671Z	67	PC: 12dba \| Get or set file attributes
2018-12-17T22:55:40.552217287Z	61	PC: 12dbf \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:55:40.560914622Z	64	PC: 12dcb \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:40.564933999Z	66	PC: 12dd5 \| Move file pointer
2018-12-17T22:55:40.567095183Z	64	PC: 12de0 \| Write file or device (Write 2563 bytes on handle 5)
2018-12-17T22:55:40.577357936Z	87	PC: 12deb \| Get or set file date and time
2018-12-17T22:55:40.578972448Z	62	PC: 12def \| Close file
2018-12-17T22:55:40.587369529Z	67	PC: 12dfc \| Get or set file attributes
2018-12-17T22:55:40.599360475Z	26	PC: 12d59 \| Set disk transfer address
2018-12-17T22:55:40.601459347Z	26	PC: 12ce8 \| Set disk transfer address
2018-12-17T22:55:40.603068385Z	59	PC: 12c88 \| Change current directory
2018-12-17T22:55:40.60791541Z	71	PC: 12c76 \| Get current directory
2018-12-17T22:55:40.612091666Z	59	PC: 12c7e \| Change current directory
2018-12-17T22:55:40.616612442Z	47	PC: 12c93 \| Get disk transfer address
2018-12-17T22:55:40.619007291Z	26	PC: 12ca3 \| Set disk transfer address
2018-12-17T22:55:40.620414718Z	78	PC: 12cae \| Find first file
2018-12-17T22:55:40.627077814Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.630687945Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.633969894Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.637165628Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.640900177Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.644374832Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.647462156Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.650802925Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.653794364Z	79	PC: 12cd6 \| Find next file
2018-12-17T22:55:40.656679081Z	47	PC: 12d2b \| Get disk transfer address
2018-12-17T22:55:40.659128958Z	78	PC: 12d14 \| Find first file
2018-12-17T22:55:40.666073181Z	26	PC: 12d3f \| Set disk transfer address
2018-12-17T22:55:40.667333873Z	78	PC: 12d47 \| Find first file
2018-12-17T22:55:40.675054409Z	47	PC: 12d5f \| Get disk transfer address
2018-12-17T22:55:40.677250622Z	61	PC: 12d78 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:55:40.684456111Z	63	PC: 12d84 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:40.691462572Z	66	PC: 12d8e \| Move file pointer
2018-12-17T22:55:40.693915683Z	62	PC: 12d9a \| Close file
2018-12-17T22:55:40.696038598Z	79	PC: 12d47 \| Find next file
2018-12-17T22:55:40.699051189Z	47	PC: 12d5f \| Get disk transfer address
2018-12-17T22:55:40.700845473Z	61	PC: 12d78 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:55:40.708060442Z	63	PC: 12d84 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:40.716021884Z	66	PC: 12d8e \| Move file pointer
2018-12-17T22:55:40.718052886Z	62	PC: 12d9a \| Close file
2018-12-17T22:55:40.72002203Z	67	PC: 12dba \| Get or set file attributes
2018-12-17T22:55:40.731053001Z	61	PC: 12dbf \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:55:40.739252921Z	64	PC: 12dcb \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:40.742382558Z	66	PC: 12dd5 \| Move file pointer
2018-12-17T22:55:40.743940567Z	64	PC: 12de0 \| Write file or device (Write 2563 bytes on handle 5)
2018-12-17T22:55:40.753607502Z	87	PC: 12deb \| Get or set file date and time
2018-12-17T22:55:40.755379271Z	62	PC: 12def \| Close file
2018-12-17T22:55:40.763643698Z	67	PC: 12dfc \| Get or set file attributes
2018-12-17T22:55:40.774911763Z	26	PC: 12d59 \| Set disk transfer address
2018-12-17T22:55:40.777790532Z	26	PC: 12ce8 \| Set disk transfer address
2018-12-17T22:55:40.779711387Z	59	PC: 12c88 \| Change current directory
2018-12-17T22:55:40.782310197Z	42	PC: 12e18 \| Get date 0x12e18: mov al, dl 0x12e1a: cwde 0x12e1b: ret 0x12e1c: push bp 0x12e1d: mov bp, di 0x12e1f: lea si, word ptr [bp + 0x527] 0x12e23: xor ah, ah 0x12e25: int 0x1a 0x12e27: mov word ptr [si + 9], dx 0x12e2a: xor byte ptr [si + 1], 8 0x12e2e: xor byte ptr [si + 8], 1 0x12e32: xor word ptr [si + 0xb], 0x101 0x12e37: lea di, word ptr [bp + 0xb06] 0x12e3b: mov cx, 0x5de 0x12e3e: push si 0x12e3f: push cx 0x12e40: rep movsb byte ptr es:[di], byte ptr [si] 0x12e42: lea si, word ptr [bp + 0x522] 0x12e46: mov cx, 5 0x12e49: rep movsb byte ptr es:[di], byte ptr [si]
2018-12-17T22:55:40.786224873Z	26	PC: 12b1c \| Set disk transfer address