Sample viewer

vx.netlux.org/Virus.DOS.Cossiga.883.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:55:43.546748903Z	26	PC: 12a5f \| Set disk transfer address
2018-12-17T22:55:43.548693991Z	71	PC: 12a68 \| Get current directory
2018-12-17T22:55:43.560333021Z	59	PC: 12a74 \| Change current directory
2018-12-17T22:55:43.565003053Z	78	PC: 12a7e \| Find first file
2018-12-17T22:55:43.571518947Z	78	PC: 12aa2 \| Find first file
2018-12-17T22:55:43.579220401Z	79	PC: 12ab1 \| Find next file
2018-12-17T22:55:43.582089617Z	79	PC: 12ab1 \| Find next file
2018-12-17T22:55:43.585178837Z	79	PC: 12ab1 \| Find next file
2018-12-17T22:55:43.589468072Z	79	PC: 12ab1 \| Find next file
2018-12-17T22:55:43.592961813Z	79	PC: 12ab1 \| Find next file
2018-12-17T22:55:43.596250538Z	79	PC: 12ab1 \| Find next file
2018-12-17T22:55:43.600307638Z	79	PC: 12ab1 \| Find next file
2018-12-17T22:55:43.603915012Z	79	PC: 12ab1 \| Find next file
2018-12-17T22:55:43.607017747Z	79	PC: 12ab1 \| Find next file
2018-12-17T22:55:43.609944872Z	42	PC: 12aba \| Get date 0x12aba: mov ax, si 0x12abc: and dl, al 0x12abe: mov bp, dx 0x12ac0: and bp, 0xff 0x12ac4: cmp bp, 0 0x12ac7: je 0x12ad5 0x12ac9: jmp 0x12a95 0x12acb: mov bp, 0 0x12ace: mov dx, 0x38e 0x12ad1: mov ah, 0x3b 0x12ad3: int 0x21 0x12ad5: mov si, 0 0x12ad8: mov cx, 0x20 0x12adb: mov dx, 0x3c0 0x12ade: mov ah, 0x4e 0x12ae0: int 0x21 0x12ae2: cmp ax, 0x12 0x12ae5: jne 0x12aeb 0x12ae7: inc bp 0x12ae8: jmp 0x12b62
2018-12-17T22:55:43.613424926Z	78	PC: 12ae2 \| Find first file
2018-12-17T22:55:43.626461083Z	79	PC: 12af4 \| Find next file
2018-12-17T22:55:43.629766009Z	78	PC: 12ae2 \| Find first file
2018-12-17T22:55:43.637375549Z	61	PC: 12b09 \| Open file (Filename = '')
2018-12-17T22:55:43.644795974Z	66	PC: 12b1e \| Move file pointer
2018-12-17T22:55:43.646708591Z	63	PC: 12b28 \| Read file or device (Read 8 bytes on handle 5)
2018-12-17T22:55:43.65482242Z	62	PC: 12b45 \| Close file
2018-12-17T22:55:43.657119961Z	78	PC: 12ae2 \| Find first file
2018-12-17T22:55:43.664078107Z	79	PC: 12af4 \| Find next file
2018-12-17T22:55:43.667911536Z	59	PC: 12c38 \| Change current directory
2018-12-17T22:55:43.67685223Z	59	PC: 12c3f \| Change current directory
2018-12-17T22:55:43.679241193Z	42	PC: 12c43 \| Get date 0x12c43: cmp cx, 0x7c7 0x12c47: jg 0x12c59 0x12c49: cmp dh, 0xa 0x12c4c: jge 0x12c51 0x12c4e: jmp 0x12c6b 0x12c50: nop 0x12c51: cmp dl, 0x11 0x12c54: jge 0x12c59 0x12c56: jmp 0x12c6b 0x12c58: nop 0x12c59: call 0x12c9a 0x12c5c: mov ax, 4 0x12c5f: int 0x10 0x12c61: mov ah, 9 0x12c63: mov dx, 0x3e2 0x12c66: int 0x21 0x12c68: jmp 0x12c96 0x12c6a: nop 0x12c6b: pop si 0x12c6c: pop bx
2018-12-17T22:55:43.689563616Z	9	PC: 12c68 \| Display string (String= '��COSSIGA ?! NO GRAZIE! By Amissi dee Panoce (c) 1991 PADOVA ')
2018-12-17T22:55:43.695977778Z	76	PC: 12c9a \| Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11982,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:31:42.293862058Z	26	PC: 12a5f \| Set disk transfer address
2018-12-25T12:31:42.295296939Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:31:42.297762617Z	59	PC: 12a74 \| Change current directory
2018-12-25T12:31:42.301443542Z	78	PC: 12a7e \| Find first file
2018-12-25T12:31:42.312330293Z	78	PC: 12aa2 \| Find first file
2018-12-25T12:31:42.322631188Z	79	PC: 12ab1 \| Find next file
2018-12-25T12:31:42.325393062Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:42.328055351Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:42.331013108Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:42.349317731Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:42.352135967Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:42.355211648Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:42.357885042Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:42.360485361Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:42.363660583Z	42	PC: 12aba \| Get date 0x12aba: mov ax, si 0x12abc: and dl, al 0x12abe: mov bp, dx 0x12ac0: and bp, 0xff 0x12ac4: cmp bp, 0 0x12ac7: je 0x12ad5 0x12ac9: jmp 0x12a95 0x12acb: mov bp, 0 0x12ace: mov dx, 0x38e 0x12ad1: mov ah, 0x3b 0x12ad3: int 0x21 0x12ad5: mov si, 0 0x12ad8: mov cx, 0x20 0x12adb: mov dx, 0x3c0 0x12ade: mov ah, 0x4e 0x12ae0: int 0x21 0x12ae2: cmp ax, 0x12 0x12ae5: jne 0x12aeb 0x12ae7: inc bp 0x12ae8: jmp 0x12b62
2018-12-25T12:31:42.370735447Z	78	PC: 12ae2 \| Find first file
2018-12-25T12:31:42.376816904Z	79	PC: 12af4 \| Find next file
2018-12-25T12:31:42.379552124Z	78	PC: 12ae2 \| Find first file (See above)
2018-12-25T12:31:42.385181647Z	61	PC: 12b09 \| Open file (Filename = '')
2018-12-25T12:31:42.391553993Z	66	PC: 12b1e \| Move file pointer
2018-12-25T12:31:42.393614633Z	63	PC: 12b28 \| Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:31:42.400753873Z	62	PC: 12b45 \| Close file
2018-12-25T12:31:42.402812434Z	78	PC: 12ae2 \| Find first file (See above)
2018-12-25T12:31:42.409805337Z	79	PC: 12af4 \| Find next file (See above)
2018-12-25T12:31:42.412004387Z	59	PC: 12c38 \| Change current directory
2018-12-25T12:31:42.416097579Z	59	PC: 12c3f \| Change current directory
2018-12-25T12:31:42.418616344Z	42	PC: 12c43 \| Get date 0x12c43: cmp cx, 0x7c7 0x12c47: jg 0x12c59 0x12c49: cmp dh, 0xa 0x12c4c: jge 0x12c51 0x12c4e: jmp 0x12c6b 0x12c50: nop 0x12c51: cmp dl, 0x11 0x12c54: jge 0x12c59 0x12c56: jmp 0x12c6b 0x12c58: nop 0x12c59: call 0x12c9a 0x12c5c: mov ax, 4 0x12c5f: int 0x10 0x12c61: mov ah, 9 0x12c63: mov dx, 0x3e2 0x12c66: int 0x21 0x12c68: jmp 0x12c96 0x12c6a: nop 0x12c6b: pop si 0x12c6c: pop bx
2018-12-25T12:31:42.420791864Z	76	PC: 12a45 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11982,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:31:43.84192399Z	26	PC: 12a5f \| Set disk transfer address
2018-12-25T12:31:43.84366831Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:31:43.846420526Z	59	PC: 12a74 \| Change current directory
2018-12-25T12:31:43.850263548Z	78	PC: 12a7e \| Find first file
2018-12-25T12:31:43.864492515Z	78	PC: 12aa2 \| Find first file
2018-12-25T12:31:43.870836108Z	79	PC: 12ab1 \| Find next file
2018-12-25T12:31:43.873134493Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:43.875971267Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:43.880651527Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:43.883090047Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:43.885679688Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:43.888211256Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:43.890668027Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:43.893039962Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:43.89586448Z	42	PC: 12aba \| Get date 0x12aba: mov ax, si 0x12abc: and dl, al 0x12abe: mov bp, dx 0x12ac0: and bp, 0xff 0x12ac4: cmp bp, 0 0x12ac7: je 0x12ad5 0x12ac9: jmp 0x12a95 0x12acb: mov bp, 0 0x12ace: mov dx, 0x38e 0x12ad1: mov ah, 0x3b 0x12ad3: int 0x21 0x12ad5: mov si, 0 0x12ad8: mov cx, 0x20 0x12adb: mov dx, 0x3c0 0x12ade: mov ah, 0x4e 0x12ae0: int 0x21 0x12ae2: cmp ax, 0x12 0x12ae5: jne 0x12aeb 0x12ae7: inc bp 0x12ae8: jmp 0x12b62
2018-12-25T12:31:43.897974636Z	78	PC: 12ae2 \| Find first file
2018-12-25T12:31:43.903672906Z	79	PC: 12af4 \| Find next file
2018-12-25T12:31:43.906716887Z	78	PC: 12ae2 \| Find first file (See above)
2018-12-25T12:31:43.912719108Z	61	PC: 12b09 \| Open file (Filename = '')
2018-12-25T12:31:43.91899143Z	66	PC: 12b1e \| Move file pointer
2018-12-25T12:31:43.920610632Z	63	PC: 12b28 \| Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:31:43.927119399Z	62	PC: 12b45 \| Close file
2018-12-25T12:31:43.9287337Z	78	PC: 12ae2 \| Find first file (See above)
2018-12-25T12:31:43.936091601Z	79	PC: 12af4 \| Find next file (See above)
2018-12-25T12:31:43.941895979Z	59	PC: 12c38 \| Change current directory
2018-12-25T12:31:43.946405108Z	59	PC: 12c3f \| Change current directory
2018-12-25T12:31:43.948886382Z	42	PC: 12c43 \| Get date 0x12c43: cmp cx, 0x7c7 0x12c47: jg 0x12c59 0x12c49: cmp dh, 0xa 0x12c4c: jge 0x12c51 0x12c4e: jmp 0x12c6b 0x12c50: nop 0x12c51: cmp dl, 0x11 0x12c54: jge 0x12c59 0x12c56: jmp 0x12c6b 0x12c58: nop 0x12c59: call 0x12c9a 0x12c5c: mov ax, 4 0x12c5f: int 0x10 0x12c61: mov ah, 9 0x12c63: mov dx, 0x3e2 0x12c66: int 0x21 0x12c68: jmp 0x12c96 0x12c6a: nop 0x12c6b: pop si 0x12c6c: pop bx
2018-12-25T12:31:43.951413323Z	76	PC: 12a45 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":17,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11982,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:31:44.285939598Z	26	PC: 12a5f \| Set disk transfer address
2018-12-25T12:31:44.287950085Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:31:44.292422213Z	59	PC: 12a74 \| Change current directory
2018-12-25T12:31:44.297089281Z	78	PC: 12a7e \| Find first file
2018-12-25T12:31:44.304590803Z	78	PC: 12aa2 \| Find first file
2018-12-25T12:31:44.311499957Z	79	PC: 12ab1 \| Find next file
2018-12-25T12:31:44.31476354Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.31781834Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.321473595Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.324744372Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.327965319Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.332180587Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.335111564Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.337998853Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.341328927Z	42	PC: 12aba \| Get date 0x12aba: mov ax, si 0x12abc: and dl, al 0x12abe: mov bp, dx 0x12ac0: and bp, 0xff 0x12ac4: cmp bp, 0 0x12ac7: je 0x12ad5 0x12ac9: jmp 0x12a95 0x12acb: mov bp, 0 0x12ace: mov dx, 0x38e 0x12ad1: mov ah, 0x3b 0x12ad3: int 0x21 0x12ad5: mov si, 0 0x12ad8: mov cx, 0x20 0x12adb: mov dx, 0x3c0 0x12ade: mov ah, 0x4e 0x12ae0: int 0x21 0x12ae2: cmp ax, 0x12 0x12ae5: jne 0x12aeb 0x12ae7: inc bp 0x12ae8: jmp 0x12b62
2018-12-25T12:31:44.343957316Z	78	PC: 12ae2 \| Find first file
2018-12-25T12:31:44.359077171Z	79	PC: 12af4 \| Find next file
2018-12-25T12:31:44.362906843Z	78	PC: 12ae2 \| Find first file (See above)
2018-12-25T12:31:44.369933261Z	61	PC: 12b09 \| Open file (Filename = '')
2018-12-25T12:31:44.377659557Z	66	PC: 12b1e \| Move file pointer
2018-12-25T12:31:44.38097868Z	63	PC: 12b28 \| Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:31:44.389030561Z	62	PC: 12b45 \| Close file
2018-12-25T12:31:44.391526631Z	78	PC: 12ae2 \| Find first file (See above)
2018-12-25T12:31:44.398977752Z	79	PC: 12af4 \| Find next file (See above)
2018-12-25T12:31:44.402611248Z	59	PC: 12c38 \| Change current directory
2018-12-25T12:31:44.40748447Z	59	PC: 12c3f \| Change current directory
2018-12-25T12:31:44.409824399Z	42	PC: 12c43 \| Get date 0x12c43: cmp cx, 0x7c7 0x12c47: jg 0x12c59 0x12c49: cmp dh, 0xa 0x12c4c: jge 0x12c51 0x12c4e: jmp 0x12c6b 0x12c50: nop 0x12c51: cmp dl, 0x11 0x12c54: jge 0x12c59 0x12c56: jmp 0x12c6b 0x12c58: nop 0x12c59: call 0x12c9a 0x12c5c: mov ax, 4 0x12c5f: int 0x10 0x12c61: mov ah, 9 0x12c63: mov dx, 0x3e2 0x12c66: int 0x21 0x12c68: jmp 0x12c96 0x12c6a: nop 0x12c6b: pop si 0x12c6c: pop bx
2018-12-25T12:31:44.420592302Z	9	PC: 12c68 \| Display string (String= '��COSSIGA ?! NO GRAZIE! By Amissi dee Panoce (c) 1991 PADOVA ')
2018-12-25T12:31:44.429032647Z	76	PC: 12c9a \| Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11982,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:31:44.613490023Z	26	PC: 12a5f \| Set disk transfer address
2018-12-25T12:31:44.615074515Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:31:44.618934626Z	59	PC: 12a74 \| Change current directory
2018-12-25T12:31:44.623383435Z	78	PC: 12a7e \| Find first file
2018-12-25T12:31:44.636450201Z	78	PC: 12aa2 \| Find first file
2018-12-25T12:31:44.649918823Z	79	PC: 12ab1 \| Find next file
2018-12-25T12:31:44.652874857Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.656150611Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.66040435Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.663592234Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.666772231Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.670391583Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.673898558Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.67706269Z	79	PC: 12ab1 \| Find next file (See above)
2018-12-25T12:31:44.684709964Z	42	PC: 12aba \| Get date 0x12aba: mov ax, si 0x12abc: and dl, al 0x12abe: mov bp, dx 0x12ac0: and bp, 0xff 0x12ac4: cmp bp, 0 0x12ac7: je 0x12ad5 0x12ac9: jmp 0x12a95 0x12acb: mov bp, 0 0x12ace: mov dx, 0x38e 0x12ad1: mov ah, 0x3b 0x12ad3: int 0x21 0x12ad5: mov si, 0 0x12ad8: mov cx, 0x20 0x12adb: mov dx, 0x3c0 0x12ade: mov ah, 0x4e 0x12ae0: int 0x21 0x12ae2: cmp ax, 0x12 0x12ae5: jne 0x12aeb 0x12ae7: inc bp 0x12ae8: jmp 0x12b62
2018-12-25T12:31:44.68733789Z	78	PC: 12ae2 \| Find first file
2018-12-25T12:31:44.700744342Z	79	PC: 12af4 \| Find next file
2018-12-25T12:31:44.70407153Z	78	PC: 12ae2 \| Find first file (See above)
2018-12-25T12:31:44.715670654Z	61	PC: 12b09 \| Open file (Filename = '')
2018-12-25T12:31:44.724067807Z	66	PC: 12b1e \| Move file pointer
2018-12-25T12:31:44.726072986Z	63	PC: 12b28 \| Read file or device (Read 8 bytes on handle 5)
2018-12-25T12:31:44.734439802Z	62	PC: 12b45 \| Close file
2018-12-25T12:31:44.736825097Z	78	PC: 12ae2 \| Find first file (See above)
2018-12-25T12:31:44.743953241Z	79	PC: 12af4 \| Find next file (See above)
2018-12-25T12:31:44.74751959Z	59	PC: 12c38 \| Change current directory
2018-12-25T12:31:44.752511823Z	59	PC: 12c3f \| Change current directory
2018-12-25T12:31:44.754887491Z	42	PC: 12c43 \| Get date 0x12c43: cmp cx, 0x7c7 0x12c47: jg 0x12c59 0x12c49: cmp dh, 0xa 0x12c4c: jge 0x12c51 0x12c4e: jmp 0x12c6b 0x12c50: nop 0x12c51: cmp dl, 0x11 0x12c54: jge 0x12c59 0x12c56: jmp 0x12c6b 0x12c58: nop 0x12c59: call 0x12c9a 0x12c5c: mov ax, 4 0x12c5f: int 0x10 0x12c61: mov ah, 9 0x12c63: mov dx, 0x3e2 0x12c66: int 0x21 0x12c68: jmp 0x12c96 0x12c6a: nop 0x12c6b: pop si 0x12c6c: pop bx
2018-12-25T12:31:44.765143668Z	9	PC: 12c68 \| Display string (String= '��COSSIGA ?! NO GRAZIE! By Amissi dee Panoce (c) 1991 PADOVA ')
2018-12-25T12:31:44.771446972Z	76	PC: 12c9a \| Terminate with return code (Return code = '36')