Sample viewer

vx.netlux.org/Virus.DOS.Wit.542.b


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:56:42.633238147Z 26 PC: 12a70 | Set disk transfer address
2018-12-17T22:56:42.634860747Z 71 PC: 12a82 | Get current directory
2018-12-17T22:56:42.639689937Z 42 PC: 12a88 | Get date
0x12a88: cmp dh, 4
0x12a8b: jne 0x12aa6
0x12a8d: cmp dl, 0xf
0x12a90: jne 0x12aa6
0x12a92: mov ax, 0x1010
0x12a95: out 0x70, ax
0x12a97: mov dx, 0x2e9
0x12a9a: mov ah, 9
0x12a9c: int 0x21
0x12a9e: mov ah, 8
0x12aa0: int 0x21
0x12aa2: mov al, 0xfe
0x12aa4: out 0x64, al
0x12aa6: mov ah, byte ptr [0x313]
0x12aaa: mov cl, 7
0x12aac: mov dx, 0x2dd
0x12aaf: int 0x21
0x12ab1: jae 0x12ab6
0x12ab3: jmp 0x12bdb
0x12ab6: mov dx, word ptr [0x30c]
2018-12-17T22:56:42.642235764Z 78 PC: 12ab1 | Find first file
2018-12-17T22:56:42.648975485Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:56:42.667534159Z 61 PC: 12ae1 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:56:42.680888518Z 63 PC: 12afd | Read file or device (Read 590 bytes on handle 5)
2018-12-17T22:56:42.695766782Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:56:42.698764719Z 66 PC: 12b3d | Move file pointer
2018-12-17T22:56:42.703262626Z 64 PC: 12b58 | Write file or device (Write 407 bytes on handle 5)
2018-12-17T22:56:42.710638694Z 66 PC: 12b87 | Move file pointer
2018-12-17T22:56:42.712933458Z 64 PC: 12b98 | Write file or device (Write 590 bytes on handle 5)
2018-12-17T22:56:42.724624249Z 87 PC: 12ba9 | Get or set file date and time
2018-12-17T22:56:42.727102168Z 62 PC: 12baf | Close file
2018-12-17T22:56:42.737792859Z 67 PC: 12bc1 | Get or set file attributes
2018-12-17T22:56:42.754333338Z 79 PC: 12ab1 | Find next file
2018-12-17T22:56:42.758970517Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:56:42.77174224Z 61 PC: 12ae1 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:56:42.777737783Z 63 PC: 12afd | Read file or device (Read 590 bytes on handle 5)
2018-12-17T22:56:42.78382613Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:56:42.785497643Z 66 PC: 12b3d | Move file pointer
2018-12-17T22:56:42.787795693Z 64 PC: 12b58 | Write file or device (Write 27 bytes on handle 5)
2018-12-17T22:56:42.792113301Z 66 PC: 12b87 | Move file pointer
2018-12-17T22:56:42.79344742Z 64 PC: 12b98 | Write file or device (Write 590 bytes on handle 5)
2018-12-17T22:56:42.801046057Z 87 PC: 12ba9 | Get or set file date and time
2018-12-17T22:56:42.802674529Z 62 PC: 12baf | Close file
2018-12-17T22:56:42.810230816Z 67 PC: 12bc1 | Get or set file attributes
2018-12-17T22:56:42.820850764Z 79 PC: 12ab1 | Find next file
2018-12-17T22:56:42.824053756Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:56:42.835325458Z 61 PC: 12ae1 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:56:42.842025846Z 63 PC: 12afd | Read file or device (Read 590 bytes on handle 5)
2018-12-17T22:56:42.864177215Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:56:42.86622746Z 66 PC: 12b3d | Move file pointer
2018-12-17T22:56:42.868401277Z 64 PC: 12b58 | Write file or device (Write 92 bytes on handle 5)
2018-12-17T22:56:42.885913634Z 66 PC: 12b87 | Move file pointer
2018-12-17T22:56:42.887628919Z 64 PC: 12b98 | Write file or device (Write 590 bytes on handle 5)
2018-12-17T22:56:42.896613742Z 87 PC: 12ba9 | Get or set file date and time
2018-12-17T22:56:42.902492505Z 62 PC: 12baf | Close file
2018-12-17T22:56:42.913455077Z 67 PC: 12bc1 | Get or set file attributes
2018-12-17T22:56:42.924824764Z 79 PC: 12ab1 | Find next file
2018-12-17T22:56:42.930149696Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:56:42.941101628Z 61 PC: 12ae1 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:56:42.948694775Z 63 PC: 12afd | Read file or device (Read 590 bytes on handle 5)
2018-12-17T22:56:42.957030266Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:56:42.959224051Z 66 PC: 12b3d | Move file pointer
2018-12-17T22:56:42.961178135Z 64 PC: 12b58 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T22:56:42.967053822Z 66 PC: 12b87 | Move file pointer
2018-12-17T22:56:43.010216707Z 64 PC: 12b98 | Write file or device (Write 590 bytes on handle 5)
2018-12-17T22:56:43.038806461Z 87 PC: 12ba9 | Get or set file date and time
2018-12-17T22:56:43.042265154Z 62 PC: 12baf | Close file
2018-12-17T22:56:43.051405229Z 67 PC: 12bc1 | Get or set file attributes
2018-12-17T22:56:43.062205735Z 79 PC: 12ab1 | Find next file
2018-12-17T22:56:43.0653673Z 67 PC: 12acd | Get or set file attributes
2018-12-17T22:56:43.076967681Z 61 PC: 12ae1 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:56:43.084716951Z 63 PC: 12afd | Read file or device (Read 590 bytes on handle 5)
2018-12-17T22:56:43.092097227Z 66 PC: 12b1c | Move file pointer
2018-12-17T22:56:43.09608732Z 66 PC: 12b3d | Move file pointer
2018-12-17T22:56:43.098192578Z 64 PC: 12b58 | Write file or device (Write 29 bytes on handle 5)
2018-12-17T22:56:43.102629339Z 66 PC: 12b87 | Move file pointer
2018-12-17T22:56:43.105840376Z 64 PC: 12b98 | Write file or device (Write 590 bytes on handle 5)
2018-12-17T22:56:43.114662514Z 87 PC: 12ba9 | Get or set file date and time
2018-12-17T22:56:43.11668673Z 62 PC: 12baf | Close file
2018-12-17T22:56:43.126601121Z 67 PC: 12bc1 | Get or set file attributes
2018-12-17T22:56:43.137885057Z 59 PC: 12be4 | Change current directory
2018-12-17T22:56:43.143116984Z 26 PC: 12c01 | Set disk transfer address
2018-12-17T22:56:43.145178038Z 59 PC: 12c0c | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12311,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:26.837062486Z 26 PC: 12a70 | Set disk transfer address
2018-12-25T12:32:26.839455757Z 71 PC: 12a82 | Get current directory
2018-12-25T12:32:26.842979777Z 42 PC: 12a88 | Get date
0x12a88: cmp dh, 4
0x12a8b: jne 0x12aa6
0x12a8d: cmp dl, 0xf
0x12a90: jne 0x12aa6
0x12a92: mov ax, 0x1010
0x12a95: out 0x70, ax
0x12a97: mov dx, 0x2e9
0x12a9a: mov ah, 9
0x12a9c: int 0x21
0x12a9e: mov ah, 8
0x12aa0: int 0x21
0x12aa2: mov al, 0xfe
0x12aa4: out 0x64, al
0x12aa6: mov ah, byte ptr [0x313]
0x12aaa: mov cl, 7
0x12aac: mov dx, 0x2dd
0x12aaf: int 0x21
0x12ab1: jae 0x12ab6
0x12ab3: jmp 0x12bdb
0x12ab6: mov dx, word ptr [0x30c]
2018-12-25T12:32:26.846055698Z 78 PC: 12ab1 | Find first file
2018-12-25T12:32:26.852885583Z 67 PC: 12acd | Get or set file attributes
2018-12-25T12:32:26.87242199Z 61 PC: 12ae1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:26.878812288Z 63 PC: 12afd | Read file or device (Read 590 bytes on handle 5)
2018-12-25T12:32:26.885344467Z 66 PC: 12b1c | Move file pointer
2018-12-25T12:32:26.888036737Z 66 PC: 12b3d | Move file pointer
2018-12-25T12:32:26.889852179Z 64 PC: 12b58 | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:32:26.895494275Z 66 PC: 12b87 | Move file pointer
2018-12-25T12:32:26.897828108Z 64 PC: 12b98 | Write file or device (Write 590 bytes on handle 5)
2018-12-25T12:32:26.918316653Z 87 PC: 12ba9 | Get or set file date and time
2018-12-25T12:32:26.920171999Z 62 PC: 12baf | Close file
2018-12-25T12:32:26.928722018Z 67 PC: 12bc1 | Get or set file attributes
2018-12-25T12:32:26.938423772Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:32:26.941116378Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:32:26.951662669Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:32:26.95813999Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:32:26.964123239Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:32:26.96588946Z 66 PC: 12b3d | Move file pointer (See above)
2018-12-25T12:32:26.973836961Z 64 PC: 12b58 | Write file or device (See above)
2018-12-25T12:32:26.976453363Z 66 PC: 12b87 | Move file pointer (See above)
2018-12-25T12:32:26.977950655Z 64 PC: 12b98 | Write file or device (See above)
2018-12-25T12:32:26.982764603Z 87 PC: 12ba9 | Get or set file date and time (See above)
2018-12-25T12:32:26.984146746Z 62 PC: 12baf | Close file (See above)
2018-12-25T12:32:26.989708504Z 67 PC: 12bc1 | Get or set file attributes (See above)
2018-12-25T12:32:26.995921456Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:32:26.997738153Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:32:27.003756713Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:32:27.008470572Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:32:27.014892168Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:32:27.016655222Z 66 PC: 12b3d | Move file pointer (See above)
2018-12-25T12:32:27.026771976Z 64 PC: 12b58 | Write file or device (See above)
2018-12-25T12:32:27.030499206Z 66 PC: 12b87 | Move file pointer (See above)
2018-12-25T12:32:27.031572973Z 64 PC: 12b98 | Write file or device (See above)
2018-12-25T12:32:27.037249917Z 87 PC: 12ba9 | Get or set file date and time (See above)
2018-12-25T12:32:27.038520428Z 62 PC: 12baf | Close file (See above)
2018-12-25T12:32:27.043530242Z 67 PC: 12bc1 | Get or set file attributes (See above)
2018-12-25T12:32:27.052024968Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:32:27.054178411Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:32:27.068302535Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:32:27.075518941Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:32:27.094531959Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:32:27.096371231Z 66 PC: 12b3d | Move file pointer (See above)
2018-12-25T12:32:27.098638913Z 64 PC: 12b58 | Write file or device (See above)
2018-12-25T12:32:27.103038167Z 66 PC: 12b87 | Move file pointer (See above)
2018-12-25T12:32:27.104804831Z 64 PC: 12b98 | Write file or device (See above)
2018-12-25T12:32:27.113628404Z 87 PC: 12ba9 | Get or set file date and time (See above)
2018-12-25T12:32:27.11543751Z 62 PC: 12baf | Close file (See above)
2018-12-25T12:32:27.12382087Z 67 PC: 12bc1 | Get or set file attributes (See above)
2018-12-25T12:32:27.13504275Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:32:27.138107295Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:32:27.148474362Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:32:27.155899566Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:32:27.169186904Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:32:27.170702801Z 66 PC: 12b3d | Move file pointer (See above)
2018-12-25T12:32:27.172130256Z 64 PC: 12b58 | Write file or device (See above)
2018-12-25T12:32:27.176501013Z 66 PC: 12b87 | Move file pointer (See above)
2018-12-25T12:32:27.178275896Z 64 PC: 12b98 | Write file or device (See above)
2018-12-25T12:32:27.185634905Z 87 PC: 12ba9 | Get or set file date and time (See above)
2018-12-25T12:32:27.187727309Z 62 PC: 12baf | Close file (See above)
2018-12-25T12:32:27.195629077Z 67 PC: 12bc1 | Get or set file attributes (See above)
2018-12-25T12:32:27.215855576Z 59 PC: 12be4 | Change current directory
2018-12-25T12:32:27.220725814Z 26 PC: 12c01 | Set disk transfer address
2018-12-25T12:32:27.235292501Z 59 PC: 12c0c | Change current directory

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12311,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:26.878124327Z 26 PC: 12a70 | Set disk transfer address
2018-12-25T12:32:26.879383547Z 71 PC: 12a82 | Get current directory
2018-12-25T12:32:26.882848667Z 42 PC: 12a88 | Get date
0x12a88: cmp dh, 4
0x12a8b: jne 0x12aa6
0x12a8d: cmp dl, 0xf
0x12a90: jne 0x12aa6
0x12a92: mov ax, 0x1010
0x12a95: out 0x70, ax
0x12a97: mov dx, 0x2e9
0x12a9a: mov ah, 9
0x12a9c: int 0x21
0x12a9e: mov ah, 8
0x12aa0: int 0x21
0x12aa2: mov al, 0xfe
0x12aa4: out 0x64, al
0x12aa6: mov ah, byte ptr [0x313]
0x12aaa: mov cl, 7
0x12aac: mov dx, 0x2dd
0x12aaf: int 0x21
0x12ab1: jae 0x12ab6
0x12ab3: jmp 0x12bdb
0x12ab6: mov dx, word ptr [0x30c]
2018-12-25T12:32:26.885101021Z 78 PC: 12ab1 | Find first file
2018-12-25T12:32:26.891558672Z 67 PC: 12acd | Get or set file attributes
2018-12-25T12:32:26.908299614Z 61 PC: 12ae1 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:26.915849793Z 63 PC: 12afd | Read file or device (Read 590 bytes on handle 5)
2018-12-25T12:32:26.923230149Z 66 PC: 12b1c | Move file pointer
2018-12-25T12:32:26.925793528Z 66 PC: 12b3d | Move file pointer
2018-12-25T12:32:26.927319975Z 64 PC: 12b58 | Write file or device (Write 407 bytes on handle 5)
2018-12-25T12:32:26.932487797Z 66 PC: 12b87 | Move file pointer
2018-12-25T12:32:26.935179103Z 64 PC: 12b98 | Write file or device (Write 590 bytes on handle 5)
2018-12-25T12:32:26.955108232Z 87 PC: 12ba9 | Get or set file date and time
2018-12-25T12:32:26.957291575Z 62 PC: 12baf | Close file
2018-12-25T12:32:26.966593956Z 67 PC: 12bc1 | Get or set file attributes
2018-12-25T12:32:26.977730118Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:32:26.981040904Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:32:26.998179318Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:32:27.007745199Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:32:27.014462164Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:32:27.015851144Z 66 PC: 12b3d | Move file pointer (See above)
2018-12-25T12:32:27.017533215Z 64 PC: 12b58 | Write file or device (See above)
2018-12-25T12:32:27.021856684Z 66 PC: 12b87 | Move file pointer (See above)
2018-12-25T12:32:27.023281854Z 64 PC: 12b98 | Write file or device (See above)
2018-12-25T12:32:27.031443586Z 87 PC: 12ba9 | Get or set file date and time (See above)
2018-12-25T12:32:27.032970516Z 62 PC: 12baf | Close file (See above)
2018-12-25T12:32:27.041018302Z 67 PC: 12bc1 | Get or set file attributes (See above)
2018-12-25T12:32:27.05191275Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:32:27.054666861Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:32:27.066116294Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:32:27.073667091Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:32:27.078217451Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:32:27.079539268Z 66 PC: 12b3d | Move file pointer (See above)
2018-12-25T12:32:27.081614451Z 64 PC: 12b58 | Write file or device (See above)
2018-12-25T12:32:27.084437182Z 66 PC: 12b87 | Move file pointer (See above)
2018-12-25T12:32:27.085783804Z 64 PC: 12b98 | Write file or device (See above)
2018-12-25T12:32:27.092657698Z 87 PC: 12ba9 | Get or set file date and time (See above)
2018-12-25T12:32:27.093919016Z 62 PC: 12baf | Close file (See above)
2018-12-25T12:32:27.099547184Z 67 PC: 12bc1 | Get or set file attributes (See above)
2018-12-25T12:32:27.106668974Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:32:27.109511357Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:32:27.118793469Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:32:27.123685483Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:32:27.128624547Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:32:27.130358328Z 66 PC: 12b3d | Move file pointer (See above)
2018-12-25T12:32:27.132582454Z 64 PC: 12b58 | Write file or device (See above)
2018-12-25T12:32:27.137796295Z 66 PC: 12b87 | Move file pointer (See above)
2018-12-25T12:32:27.139276646Z 64 PC: 12b98 | Write file or device (See above)
2018-12-25T12:32:27.147157859Z 87 PC: 12ba9 | Get or set file date and time (See above)
2018-12-25T12:32:27.149491878Z 62 PC: 12baf | Close file (See above)
2018-12-25T12:32:27.157788461Z 67 PC: 12bc1 | Get or set file attributes (See above)
2018-12-25T12:32:27.181473865Z 79 PC: 12ab1 | Find next file (See above)
2018-12-25T12:32:27.185800121Z 67 PC: 12acd | Get or set file attributes (See above)
2018-12-25T12:32:27.196174723Z 61 PC: 12ae1 | Open file (See above)
2018-12-25T12:32:27.203230333Z 63 PC: 12afd | Read file or device (See above)
2018-12-25T12:32:27.210010015Z 66 PC: 12b1c | Move file pointer (See above)
2018-12-25T12:32:27.211691309Z 66 PC: 12b3d | Move file pointer (See above)
2018-12-25T12:32:27.213248043Z 64 PC: 12b58 | Write file or device (See above)
2018-12-25T12:32:27.217615094Z 66 PC: 12b87 | Move file pointer (See above)
2018-12-25T12:32:27.219503861Z 64 PC: 12b98 | Write file or device (See above)
2018-12-25T12:32:27.227312002Z 87 PC: 12ba9 | Get or set file date and time (See above)
2018-12-25T12:32:27.228952823Z 62 PC: 12baf | Close file (See above)
2018-12-25T12:32:27.237763016Z 67 PC: 12bc1 | Get or set file attributes (See above)
2018-12-25T12:32:27.2492141Z 59 PC: 12be4 | Change current directory
2018-12-25T12:32:27.254039247Z 26 PC: 12c01 | Set disk transfer address
2018-12-25T12:32:27.256316353Z 59 PC: 12c0c | Change current directory

{"DateBased":true,"Day":15,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12311,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:26.923465977Z 26 PC: 12a70 | Set disk transfer address
2018-12-25T12:32:26.925363636Z 71 PC: 12a82 | Get current directory
2018-12-25T12:32:26.928604086Z 42 PC: 12a88 | Get date
0x12a88: cmp dh, 4
0x12a8b: jne 0x12aa6
0x12a8d: cmp dl, 0xf
0x12a90: jne 0x12aa6
0x12a92: mov ax, 0x1010
0x12a95: out 0x70, ax
0x12a97: mov dx, 0x2e9
0x12a9a: mov ah, 9
0x12a9c: int 0x21
0x12a9e: mov ah, 8
0x12aa0: int 0x21
0x12aa2: mov al, 0xfe
0x12aa4: out 0x64, al
0x12aa6: mov ah, byte ptr [0x313]
0x12aaa: mov cl, 7
0x12aac: mov dx, 0x2dd
0x12aaf: int 0x21
0x12ab1: jae 0x12ab6
0x12ab3: jmp 0x12bdb
0x12ab6: mov dx, word ptr [0x30c]
2018-12-25T12:32:26.930809454Z 9 PC: 12a9e | Display string (String= '��ࠡ���� - rulez forever ! ')
2018-12-25T12:32:26.935214997Z 8 PC: 12aa2 | Console input without echo