Sample viewer

vx.netlux.org/Virus.DOS.Vivisex.683

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:56:29.576408673Z 42 PC: 12c1e | Get date
0x12c1e: cmp al, 3
0x12c20: je 0x12c47
0x12c22: mov dx, 0x103
0x12c25: mov ah, 0x4e
0x12c27: mov cx, 1
0x12c2a: int 0x21
0x12c2c: jae 0x12c30
0x12c2e: jmp 0x12c43
0x12c30: call 0x12c52
0x12c33: jmp 0x12c36
0x12c35: nop
0x12c36: mov dx, 0x80
0x12c39: mov ah, 0x4f
0x12c3b: int 0x21
0x12c3d: jae 0x12c41
0x12c3f: jmp 0x12c43
0x12c41: jmp 0x12c30
0x12c43: mov ah, 0x4c
0x12c45: int 0x21
0x12c47: mov dx, 0x148
2018-12-17T22:56:29.579295912Z 78 PC: 12c2c | Find first file
2018-12-17T22:56:29.586861487Z 67 PC: 12c5a | Get or set file attributes
2018-12-17T22:56:29.593480573Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:56:29.88947807Z 61 PC: 12c82 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:56:29.898446423Z 87 PC: 12c8b | Get or set file date and time
2018-12-17T22:56:29.900400768Z 64 PC: 12cb5 | Write file or device (Write 683 bytes on handle 5)
2018-12-17T22:56:29.90996947Z 87 PC: 12cda | Get or set file date and time
2018-12-17T22:56:29.912944644Z 62 PC: 12cde | Close file
2018-12-17T22:56:29.92158479Z 67 PC: 12cea | Get or set file attributes
2018-12-17T22:56:29.932559926Z 79 PC: 12c3d | Find next file
2018-12-17T22:56:29.936583451Z 67 PC: 12c5a | Get or set file attributes
2018-12-17T22:56:29.943417411Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:56:29.956846622Z 61 PC: 12c82 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:56:29.972225499Z 87 PC: 12c8b | Get or set file date and time
2018-12-17T22:56:29.974926988Z 64 PC: 12cb5 | Write file or device (Write 683 bytes on handle 5)
2018-12-17T22:56:29.995144672Z 87 PC: 12cda | Get or set file date and time
2018-12-17T22:56:29.997320323Z 62 PC: 12cde | Close file
2018-12-17T22:56:30.006919032Z 67 PC: 12cea | Get or set file attributes
2018-12-17T22:56:30.019557526Z 79 PC: 12c3d | Find next file
2018-12-17T22:56:30.022781488Z 67 PC: 12c5a | Get or set file attributes
2018-12-17T22:56:30.030262614Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:56:30.041564986Z 61 PC: 12c82 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:56:30.049459639Z 87 PC: 12c8b | Get or set file date and time
2018-12-17T22:56:30.052531837Z 64 PC: 12cb5 | Write file or device (Write 683 bytes on handle 5)
2018-12-17T22:56:30.06224534Z 87 PC: 12cda | Get or set file date and time
2018-12-17T22:56:30.064343555Z 62 PC: 12cde | Close file
2018-12-17T22:56:30.073585934Z 67 PC: 12cea | Get or set file attributes
2018-12-17T22:56:30.085098801Z 79 PC: 12c3d | Find next file
2018-12-17T22:56:30.088481942Z 67 PC: 12c5a | Get or set file attributes
2018-12-17T22:56:30.095841801Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:56:30.107245462Z 61 PC: 12c82 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:56:30.114923299Z 87 PC: 12c8b | Get or set file date and time
2018-12-17T22:56:30.117411658Z 64 PC: 12cb5 | Write file or device (Write 683 bytes on handle 5)
2018-12-17T22:56:30.12719823Z 87 PC: 12cda | Get or set file date and time
2018-12-17T22:56:30.129291475Z 62 PC: 12cde | Close file
2018-12-17T22:56:30.138135534Z 67 PC: 12cea | Get or set file attributes
2018-12-17T22:56:30.149937325Z 79 PC: 12c3d | Find next file
2018-12-17T22:56:30.153279409Z 67 PC: 12c5a | Get or set file attributes
2018-12-17T22:56:30.159980619Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:56:30.174157555Z 61 PC: 12c82 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:56:30.179323779Z 87 PC: 12c8b | Get or set file date and time
2018-12-17T22:56:30.18080255Z 64 PC: 12cb5 | Write file or device (Write 683 bytes on handle 5)
2018-12-17T22:56:30.190715869Z 87 PC: 12cda | Get or set file date and time
2018-12-17T22:56:30.192607997Z 62 PC: 12cde | Close file
2018-12-17T22:56:30.20375678Z 67 PC: 12cea | Get or set file attributes
2018-12-17T22:56:30.216298542Z 79 PC: 12c3d | Find next file
2018-12-17T22:56:30.219173317Z 67 PC: 12c5a | Get or set file attributes
2018-12-17T22:56:30.22433858Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:56:30.239625393Z 61 PC: 12c82 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:56:30.249490682Z 87 PC: 12c8b | Get or set file date and time
2018-12-17T22:56:30.251037531Z 64 PC: 12cb5 | Write file or device (Write 683 bytes on handle 5)
2018-12-17T22:56:30.259941192Z 87 PC: 12cda | Get or set file date and time
2018-12-17T22:56:30.261874978Z 62 PC: 12cde | Close file
2018-12-17T22:56:30.269297525Z 67 PC: 12cea | Get or set file attributes
2018-12-17T22:56:30.277067814Z 79 PC: 12c3d | Find next file
2018-12-17T22:56:30.280342121Z 67 PC: 12c5a | Get or set file attributes
2018-12-17T22:56:30.285347613Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:56:30.300361293Z 61 PC: 12c82 | Open file (Filename = 'PAH.COM')
2018-12-17T22:56:30.309159336Z 87 PC: 12c8b | Get or set file date and time
2018-12-17T22:56:30.311300141Z 64 PC: 12cb5 | Write file or device (Write 683 bytes on handle 5)
2018-12-17T22:56:30.320575821Z 87 PC: 12cda | Get or set file date and time
2018-12-17T22:56:30.323722127Z 62 PC: 12cde | Close file
2018-12-17T22:56:30.332752807Z 67 PC: 12cea | Get or set file attributes
2018-12-17T22:56:30.344063174Z 79 PC: 12c3d | Find next file
2018-12-17T22:56:30.347832201Z 67 PC: 12c5a | Get or set file attributes
2018-12-17T22:56:30.354529494Z 67 PC: 12c65 | Get or set file attributes
2018-12-17T22:56:30.369003579Z 61 PC: 12c82 | Open file (Filename = 'TEST.COM')
2018-12-17T22:56:30.377548716Z 87 PC: 12c8b | Get or set file date and time
2018-12-17T22:56:30.379495226Z 64 PC: 12cb5 | Write file or device (Write 683 bytes on handle 5)
2018-12-17T22:56:30.388540133Z 87 PC: 12cda | Get or set file date and time
2018-12-17T22:56:30.390427642Z 62 PC: 12cde | Close file
2018-12-17T22:56:30.399491304Z 67 PC: 12cea | Get or set file attributes
2018-12-17T22:56:30.4106207Z 79 PC: 12c3d | Find next file
2018-12-17T22:56:30.413267136Z 76 PC: 12c47 | Terminate with return code (Return code = '18')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12243,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:14.261741075Z 42 PC: 12c1e | Get date
0x12c1e: cmp al, 3
0x12c20: je 0x12c47
0x12c22: mov dx, 0x103
0x12c25: mov ah, 0x4e
0x12c27: mov cx, 1
0x12c2a: int 0x21
0x12c2c: jae 0x12c30
0x12c2e: jmp 0x12c43
0x12c30: call 0x12c52
0x12c33: jmp 0x12c36
0x12c35: nop
0x12c36: mov dx, 0x80
0x12c39: mov ah, 0x4f
0x12c3b: int 0x21
0x12c3d: jae 0x12c41
0x12c3f: jmp 0x12c43
0x12c41: jmp 0x12c30
0x12c43: mov ah, 0x4c
0x12c45: int 0x21
0x12c47: mov dx, 0x148
2018-12-25T12:32:14.264978432Z 78 PC: 12c2c | Find first file
2018-12-25T12:32:14.271808857Z 67 PC: 12c5a | Get or set file attributes
2018-12-25T12:32:14.277667832Z 67 PC: 12c65 | Get or set file attributes
2018-12-25T12:32:14.294682092Z 61 PC: 12c82 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:14.301592258Z 87 PC: 12c8b | Get or set file date and time
2018-12-25T12:32:14.30297974Z 64 PC: 12cb5 | Write file or device (Write 683 bytes on handle 5)
2018-12-25T12:32:14.311381179Z 87 PC: 12cda | Get or set file date and time
2018-12-25T12:32:14.313978792Z 62 PC: 12cde | Close file
2018-12-25T12:32:14.325914011Z 67 PC: 12cea | Get or set file attributes
2018-12-25T12:32:14.342071629Z 79 PC: 12c3d | Find next file
2018-12-25T12:32:14.345566608Z 67 PC: 12c5a | Get or set file attributes (See above)
2018-12-25T12:32:14.352200234Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:32:14.362079056Z 61 PC: 12c82 | Open file (See above)
2018-12-25T12:32:14.370114581Z 87 PC: 12c8b | Get or set file date and time (See above)
2018-12-25T12:32:14.371749279Z 64 PC: 12cb5 | Write file or device (See above)
2018-12-25T12:32:14.380029396Z 87 PC: 12cda | Get or set file date and time (See above)
2018-12-25T12:32:14.382856924Z 62 PC: 12cde | Close file (See above)
2018-12-25T12:32:14.390450849Z 67 PC: 12cea | Get or set file attributes (See above)
2018-12-25T12:32:14.400328124Z 79 PC: 12c3d | Find next file (See above)
2018-12-25T12:32:14.403595773Z 67 PC: 12c5a | Get or set file attributes (See above)
2018-12-25T12:32:14.411151241Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:32:14.420696165Z 61 PC: 12c82 | Open file (See above)
2018-12-25T12:32:14.428320664Z 87 PC: 12c8b | Get or set file date and time (See above)
2018-12-25T12:32:14.429755729Z 64 PC: 12cb5 | Write file or device (See above)
2018-12-25T12:32:14.437554262Z 87 PC: 12cda | Get or set file date and time (See above)
2018-12-25T12:32:14.439642708Z 62 PC: 12cde | Close file (See above)
2018-12-25T12:32:14.447785906Z 67 PC: 12cea | Get or set file attributes (See above)
2018-12-25T12:32:14.45745233Z 79 PC: 12c3d | Find next file (See above)
2018-12-25T12:32:14.463944467Z 67 PC: 12c5a | Get or set file attributes (See above)
2018-12-25T12:32:14.469721Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:32:14.48231648Z 61 PC: 12c82 | Open file (See above)
2018-12-25T12:32:14.489867105Z 87 PC: 12c8b | Get or set file date and time (See above)
2018-12-25T12:32:14.492009045Z 64 PC: 12cb5 | Write file or device (See above)
2018-12-25T12:32:14.500170355Z 87 PC: 12cda | Get or set file date and time (See above)
2018-12-25T12:32:14.501718272Z 62 PC: 12cde | Close file (See above)
2018-12-25T12:32:14.510113742Z 67 PC: 12cea | Get or set file attributes (See above)
2018-12-25T12:32:14.519753222Z 79 PC: 12c3d | Find next file (See above)
2018-12-25T12:32:14.52235311Z 67 PC: 12c5a | Get or set file attributes (See above)
2018-12-25T12:32:14.528749455Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:32:14.54157975Z 61 PC: 12c82 | Open file (See above)
2018-12-25T12:32:14.548277665Z 87 PC: 12c8b | Get or set file date and time (See above)
2018-12-25T12:32:14.550699859Z 64 PC: 12cb5 | Write file or device (See above)
2018-12-25T12:32:14.558590287Z 87 PC: 12cda | Get or set file date and time (See above)
2018-12-25T12:32:14.560080681Z 62 PC: 12cde | Close file (See above)
2018-12-25T12:32:14.56821919Z 67 PC: 12cea | Get or set file attributes (See above)
2018-12-25T12:32:14.577715577Z 79 PC: 12c3d | Find next file (See above)
2018-12-25T12:32:14.580151689Z 67 PC: 12c5a | Get or set file attributes (See above)
2018-12-25T12:32:14.585854001Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:32:14.596805884Z 61 PC: 12c82 | Open file (See above)
2018-12-25T12:32:14.608075787Z 87 PC: 12c8b | Get or set file date and time (See above)
2018-12-25T12:32:14.610105201Z 64 PC: 12cb5 | Write file or device (See above)
2018-12-25T12:32:14.618219639Z 87 PC: 12cda | Get or set file date and time (See above)
2018-12-25T12:32:14.619489179Z 62 PC: 12cde | Close file (See above)
2018-12-25T12:32:14.627558414Z 67 PC: 12cea | Get or set file attributes (See above)
2018-12-25T12:32:14.636927088Z 79 PC: 12c3d | Find next file (See above)
2018-12-25T12:32:14.639262833Z 67 PC: 12c5a | Get or set file attributes (See above)
2018-12-25T12:32:14.644525827Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:32:14.653998848Z 61 PC: 12c82 | Open file (See above)
2018-12-25T12:32:14.665756164Z 87 PC: 12c8b | Get or set file date and time (See above)
2018-12-25T12:32:14.666939896Z 64 PC: 12cb5 | Write file or device (See above)
2018-12-25T12:32:14.675167379Z 87 PC: 12cda | Get or set file date and time (See above)
2018-12-25T12:32:14.676557224Z 62 PC: 12cde | Close file (See above)
2018-12-25T12:32:14.683833178Z 67 PC: 12cea | Get or set file attributes (See above)
2018-12-25T12:32:14.693207433Z 79 PC: 12c3d | Find next file (See above)
2018-12-25T12:32:14.695709337Z 67 PC: 12c5a | Get or set file attributes (See above)
2018-12-25T12:32:14.701318043Z 67 PC: 12c65 | Get or set file attributes (See above)
2018-12-25T12:32:14.711302986Z 61 PC: 12c82 | Open file (See above)
2018-12-25T12:32:14.722727903Z 87 PC: 12c8b | Get or set file date and time (See above)
2018-12-25T12:32:14.724300043Z 64 PC: 12cb5 | Write file or device (See above)
2018-12-25T12:32:14.733858047Z 87 PC: 12cda | Get or set file date and time (See above)
2018-12-25T12:32:14.735556911Z 62 PC: 12cde | Close file (See above)
2018-12-25T12:32:14.743111446Z 67 PC: 12cea | Get or set file attributes (See above)
2018-12-25T12:32:14.753703476Z 79 PC: 12c3d | Find next file (See above)
2018-12-25T12:32:14.756088418Z 76 PC: 12c47 | Terminate with return code (Return code = '18')

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12243,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:15.667141351Z 42 PC: 12c1e | Get date
0x12c1e: cmp al, 3
0x12c20: je 0x12c47
0x12c22: mov dx, 0x103
0x12c25: mov ah, 0x4e
0x12c27: mov cx, 1
0x12c2a: int 0x21
0x12c2c: jae 0x12c30
0x12c2e: jmp 0x12c43
0x12c30: call 0x12c52
0x12c33: jmp 0x12c36
0x12c35: nop
0x12c36: mov dx, 0x80
0x12c39: mov ah, 0x4f
0x12c3b: int 0x21
0x12c3d: jae 0x12c41
0x12c3f: jmp 0x12c43
0x12c41: jmp 0x12c30
0x12c43: mov ah, 0x4c
0x12c45: int 0x21
0x12c47: mov dx, 0x148
2018-12-25T12:32:15.669484899Z 9 PC: 12c4e | Display string (Could not find end pointer)
2018-12-25T12:32:15.688423487Z 76 PC: 12c52 | Terminate with return code (Return code = '36')