Sample viewer

vx.netlux.org/Virus.DOS.Spectral.601

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:56:43.736566867Z 37 PC: 12b07 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:56:43.738684429Z 71 PC: 12b12 | Get current directory
2018-12-17T22:56:43.743777454Z 42 PC: 12b2e | Get date
0x12b2e: cmp dl, 6
0x12b31: jne 0x12b3b
0x12b33: mov ah, 9
0x12b35: lea dx, word ptr [bp + 0x15f]
0x12b39: int 0x21
0x12b3b: mov ax, 0x1a00
0x12b3e: lea dx, word ptr [bp + 0x361]
0x12b42: int 0x21
0x12b44: mov byte ptr [bp + 0x194], 0
0x12b49: mov ax, 0x4e00
0x12b4c: jmp 0x12beb
0x12b4f: pop bx
0x12b50: inc bx
0x12b51: inc cx
0x12b52: push bp
0x12b53: push bx
0x12b54: push sp
0x12b55: imul ax, word ptr [bp + di + 0x20], 0x5247
0x12b5a: imul dx, word ptr [bx + si + 0x5d], 0x4220
0x12b5f: jns 0x12b81
2018-12-17T22:56:43.749063432Z 26 PC: 12b44 | Set disk transfer address
2018-12-17T22:56:43.759920606Z 78 PC: 12bf4 | Find first file
2018-12-17T22:56:43.767424204Z 67 PC: 12c01 | Get or set file attributes
2018-12-17T22:56:43.785560463Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:56:43.794849939Z 63 PC: 12c16 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:56:43.803825826Z 66 PC: 12c32 | Move file pointer
2018-12-17T22:56:43.80629068Z 66 PC: 12de3 | Move file pointer
2018-12-17T22:56:43.808215028Z 64 PC: 12e0a | Write file or device (Write 601 bytes on handle 5)
2018-12-17T22:56:43.819121865Z 66 PC: 12e23 | Move file pointer
2018-12-17T22:56:43.821014143Z 63 PC: 12e2e | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:43.828176489Z 66 PC: 12e39 | Move file pointer
2018-12-17T22:56:43.830317775Z 64 PC: 12e45 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:56:43.834324569Z 87 PC: 12ca3 | Get or set file date and time
2018-12-17T22:56:43.835941288Z 62 PC: 12bd0 | Close file
2018-12-17T22:56:43.844346833Z 67 PC: 12bdf | Get or set file attributes
2018-12-17T22:56:43.855734904Z 79 PC: 12bf4 | Find next file
2018-12-17T22:56:43.858126161Z 67 PC: 12c01 | Get or set file attributes
2018-12-17T22:56:43.866073824Z 61 PC: 12c06 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:56:43.871948579Z 63 PC: 12c16 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:56:43.876981732Z 66 PC: 12c32 | Move file pointer
2018-12-17T22:56:43.878704892Z 66 PC: 12de3 | Move file pointer
2018-12-17T22:56:43.88074615Z 64 PC: 12e0a | Write file or device (Write 601 bytes on handle 5)
2018-12-17T22:56:43.887100387Z 66 PC: 12e23 | Move file pointer
2018-12-17T22:56:43.888354074Z 63 PC: 12e2e | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:56:43.896060063Z 66 PC: 12e39 | Move file pointer
2018-12-17T22:56:43.902257155Z 64 PC: 12e45 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:56:43.909039657Z 87 PC: 12ca3 | Get or set file date and time
2018-12-17T22:56:43.911942184Z 62 PC: 12bd0 | Close file
2018-12-17T22:56:43.921408502Z 67 PC: 12bdf | Get or set file attributes
2018-12-17T22:56:43.933132716Z 59 PC: 12caf | Change current directory
2018-12-17T22:56:43.936392505Z 26 PC: 12cb7 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12321,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:28.79480578Z 37 PC: 12b07 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:32:28.796255126Z 71 PC: 12b12 | Get current directory
2018-12-25T12:32:28.79902719Z 42 PC: 12b2e | Get date
0x12b2e: cmp dl, 6
0x12b31: jne 0x12b3b
0x12b33: mov ah, 9
0x12b35: lea dx, word ptr [bp + 0x15f]
0x12b39: int 0x21
0x12b3b: mov ax, 0x1a00
0x12b3e: lea dx, word ptr [bp + 0x361]
0x12b42: int 0x21
0x12b44: mov byte ptr [bp + 0x194], 0
0x12b49: mov ax, 0x4e00
0x12b4c: jmp 0x12beb
0x12b4f: pop bx
0x12b50: inc bx
0x12b51: inc cx
0x12b52: push bp
0x12b53: push bx
0x12b54: push sp
0x12b55: imul ax, word ptr [bp + di + 0x20], 0x5247
0x12b5a: imul dx, word ptr [bx + si + 0x5d], 0x4220
0x12b5f: jns 0x12b81
2018-12-25T12:32:28.801053372Z 26 PC: 12b44 | Set disk transfer address
2018-12-25T12:32:28.802562333Z 78 PC: 12bf4 | Find first file
2018-12-25T12:32:28.808474728Z 67 PC: 12c01 | Get or set file attributes
2018-12-25T12:32:28.846307358Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:28.859651618Z 63 PC: 12c16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:32:28.866008453Z 66 PC: 12c32 | Move file pointer
2018-12-25T12:32:28.86789011Z 66 PC: 12de3 | Move file pointer
2018-12-25T12:32:28.870067314Z 64 PC: 12e0a | Write file or device (Write 601 bytes on handle 5)
2018-12-25T12:32:28.877772487Z 66 PC: 12e23 | Move file pointer
2018-12-25T12:32:28.879024481Z 63 PC: 12e2e | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:32:28.883951421Z 66 PC: 12e39 | Move file pointer
2018-12-25T12:32:28.885325624Z 64 PC: 12e45 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:32:28.888020856Z 87 PC: 12ca3 | Get or set file date and time
2018-12-25T12:32:28.889313259Z 62 PC: 12bd0 | Close file
2018-12-25T12:32:28.898601505Z 67 PC: 12bdf | Get or set file attributes
2018-12-25T12:32:28.908319146Z 79 PC: 12bf4 | Find next file (See above)
2018-12-25T12:32:28.91076633Z 67 PC: 12c01 | Get or set file attributes (See above)
2018-12-25T12:32:28.92206787Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:32:28.92841203Z 63 PC: 12c16 | Read file or device (See above)
2018-12-25T12:32:28.934611941Z 66 PC: 12c32 | Move file pointer (See above)
2018-12-25T12:32:28.946453087Z 66 PC: 12de3 | Move file pointer (See above)
2018-12-25T12:32:28.947903146Z 64 PC: 12e0a | Write file or device (See above)
2018-12-25T12:32:28.961131058Z 66 PC: 12e23 | Move file pointer (See above)
2018-12-25T12:32:28.963024416Z 63 PC: 12e2e | Read file or device (See above)
2018-12-25T12:32:28.967286829Z 66 PC: 12e39 | Move file pointer (See above)
2018-12-25T12:32:28.96850067Z 64 PC: 12e45 | Write file or device (See above)
2018-12-25T12:32:28.970966525Z 87 PC: 12ca3 | Get or set file date and time (See above)
2018-12-25T12:32:28.972114732Z 62 PC: 12bd0 | Close file (See above)
2018-12-25T12:32:28.977745465Z 67 PC: 12bdf | Get or set file attributes (See above)
2018-12-25T12:32:28.985072739Z 59 PC: 12caf | Change current directory
2018-12-25T12:32:28.986533546Z 26 PC: 12cb7 | Set disk transfer address

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12321,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:28.822965559Z 37 PC: 12b07 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:32:28.824406959Z 71 PC: 12b12 | Get current directory
2018-12-25T12:32:28.82713735Z 42 PC: 12b2e | Get date
0x12b2e: cmp dl, 6
0x12b31: jne 0x12b3b
0x12b33: mov ah, 9
0x12b35: lea dx, word ptr [bp + 0x15f]
0x12b39: int 0x21
0x12b3b: mov ax, 0x1a00
0x12b3e: lea dx, word ptr [bp + 0x361]
0x12b42: int 0x21
0x12b44: mov byte ptr [bp + 0x194], 0
0x12b49: mov ax, 0x4e00
0x12b4c: jmp 0x12beb
0x12b4f: pop bx
0x12b50: inc bx
0x12b51: inc cx
0x12b52: push bp
0x12b53: push bx
0x12b54: push sp
0x12b55: imul ax, word ptr [bp + di + 0x20], 0x5247
0x12b5a: imul dx, word ptr [bx + si + 0x5d], 0x4220
0x12b5f: jns 0x12b81
2018-12-25T12:32:28.829027658Z 9 PC: 12b3b | Display string (String= '[CAUSTiC GRiP] By Spectral Shadow (c) 1994 ')
2018-12-25T12:32:28.832818424Z 26 PC: 12b44 | Set disk transfer address
2018-12-25T12:32:28.833750683Z 78 PC: 12bf4 | Find first file
2018-12-25T12:32:28.839373833Z 67 PC: 12c01 | Get or set file attributes
2018-12-25T12:32:28.855715992Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:28.862733665Z 63 PC: 12c16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:32:28.869225516Z 66 PC: 12c32 | Move file pointer
2018-12-25T12:32:28.871195485Z 66 PC: 12de3 | Move file pointer
2018-12-25T12:32:28.872604709Z 64 PC: 12e0a | Write file or device (Write 601 bytes on handle 5)
2018-12-25T12:32:28.881787952Z 66 PC: 12e23 | Move file pointer
2018-12-25T12:32:28.883374597Z 63 PC: 12e2e | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:32:28.890250405Z 66 PC: 12e39 | Move file pointer
2018-12-25T12:32:28.891567242Z 64 PC: 12e45 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:32:28.894362759Z 87 PC: 12ca3 | Get or set file date and time
2018-12-25T12:32:28.896263581Z 62 PC: 12bd0 | Close file
2018-12-25T12:32:28.902962498Z 67 PC: 12bdf | Get or set file attributes
2018-12-25T12:32:28.91278973Z 79 PC: 12bf4 | Find next file (See above)
2018-12-25T12:32:28.916548885Z 67 PC: 12c01 | Get or set file attributes (See above)
2018-12-25T12:32:28.92337584Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:32:28.930297584Z 63 PC: 12c16 | Read file or device (See above)
2018-12-25T12:32:28.937465631Z 66 PC: 12c32 | Move file pointer (See above)
2018-12-25T12:32:28.93893437Z 66 PC: 12de3 | Move file pointer (See above)
2018-12-25T12:32:28.94100923Z 64 PC: 12e0a | Write file or device (See above)
2018-12-25T12:32:28.949854908Z 66 PC: 12e23 | Move file pointer (See above)
2018-12-25T12:32:28.951128105Z 63 PC: 12e2e | Read file or device (See above)
2018-12-25T12:32:28.95719175Z 66 PC: 12e39 | Move file pointer (See above)
2018-12-25T12:32:28.959026874Z 64 PC: 12e45 | Write file or device (See above)
2018-12-25T12:32:28.961705444Z 87 PC: 12ca3 | Get or set file date and time (See above)
2018-12-25T12:32:28.963286435Z 62 PC: 12bd0 | Close file (See above)
2018-12-25T12:32:28.971427907Z 67 PC: 12bdf | Get or set file attributes (See above)
2018-12-25T12:32:28.981135129Z 59 PC: 12caf | Change current directory
2018-12-25T12:32:28.98301859Z 26 PC: 12cb7 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12321,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:28.849445889Z 37 PC: 12b07 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:32:28.851108888Z 71 PC: 12b12 | Get current directory
2018-12-25T12:32:28.853163659Z 42 PC: 12b2e | Get date
0x12b2e: cmp dl, 6
0x12b31: jne 0x12b3b
0x12b33: mov ah, 9
0x12b35: lea dx, word ptr [bp + 0x15f]
0x12b39: int 0x21
0x12b3b: mov ax, 0x1a00
0x12b3e: lea dx, word ptr [bp + 0x361]
0x12b42: int 0x21
0x12b44: mov byte ptr [bp + 0x194], 0
0x12b49: mov ax, 0x4e00
0x12b4c: jmp 0x12beb
0x12b4f: pop bx
0x12b50: inc bx
0x12b51: inc cx
0x12b52: push bp
0x12b53: push bx
0x12b54: push sp
0x12b55: imul ax, word ptr [bp + di + 0x20], 0x5247
0x12b5a: imul dx, word ptr [bx + si + 0x5d], 0x4220
0x12b5f: jns 0x12b81
2018-12-25T12:32:28.854709446Z 26 PC: 12b44 | Set disk transfer address
2018-12-25T12:32:28.856076445Z 78 PC: 12bf4 | Find first file
2018-12-25T12:32:28.861865664Z 67 PC: 12c01 | Get or set file attributes
2018-12-25T12:32:28.877028173Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:28.883993264Z 63 PC: 12c16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:32:28.890208605Z 66 PC: 12c32 | Move file pointer
2018-12-25T12:32:28.892059448Z 66 PC: 12de3 | Move file pointer
2018-12-25T12:32:28.898897212Z 64 PC: 12e0a | Write file or device (Write 601 bytes on handle 5)
2018-12-25T12:32:28.906586331Z 66 PC: 12e23 | Move file pointer
2018-12-25T12:32:28.907778324Z 63 PC: 12e2e | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:32:28.914697023Z 66 PC: 12e39 | Move file pointer
2018-12-25T12:32:28.916924785Z 64 PC: 12e45 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:32:28.919747819Z 87 PC: 12ca3 | Get or set file date and time
2018-12-25T12:32:28.922391462Z 62 PC: 12bd0 | Close file
2018-12-25T12:32:28.93001001Z 67 PC: 12bdf | Get or set file attributes
2018-12-25T12:32:28.940268852Z 79 PC: 12bf4 | Find next file (See above)
2018-12-25T12:32:28.9431387Z 67 PC: 12c01 | Get or set file attributes (See above)
2018-12-25T12:32:28.956514585Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:32:28.963470082Z 63 PC: 12c16 | Read file or device (See above)
2018-12-25T12:32:28.969812747Z 66 PC: 12c32 | Move file pointer (See above)
2018-12-25T12:32:28.972125753Z 66 PC: 12de3 | Move file pointer (See above)
2018-12-25T12:32:28.973585751Z 64 PC: 12e0a | Write file or device (See above)
2018-12-25T12:32:28.982002628Z 66 PC: 12e23 | Move file pointer (See above)
2018-12-25T12:32:28.983789998Z 63 PC: 12e2e | Read file or device (See above)
2018-12-25T12:32:28.990470271Z 66 PC: 12e39 | Move file pointer (See above)
2018-12-25T12:32:28.992020901Z 64 PC: 12e45 | Write file or device (See above)
2018-12-25T12:32:28.995737379Z 87 PC: 12ca3 | Get or set file date and time (See above)
2018-12-25T12:32:28.997900437Z 62 PC: 12bd0 | Close file (See above)
2018-12-25T12:32:29.00550355Z 67 PC: 12bdf | Get or set file attributes (See above)
2018-12-25T12:32:29.019850576Z 59 PC: 12caf | Change current directory
2018-12-25T12:32:29.022494845Z 26 PC: 12cb7 | Set disk transfer address

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12321,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:28.86098353Z 37 PC: 12b07 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:32:28.862810682Z 71 PC: 12b12 | Get current directory
2018-12-25T12:32:28.865582237Z 42 PC: 12b2e | Get date
0x12b2e: cmp dl, 6
0x12b31: jne 0x12b3b
0x12b33: mov ah, 9
0x12b35: lea dx, word ptr [bp + 0x15f]
0x12b39: int 0x21
0x12b3b: mov ax, 0x1a00
0x12b3e: lea dx, word ptr [bp + 0x361]
0x12b42: int 0x21
0x12b44: mov byte ptr [bp + 0x194], 0
0x12b49: mov ax, 0x4e00
0x12b4c: jmp 0x12beb
0x12b4f: pop bx
0x12b50: inc bx
0x12b51: inc cx
0x12b52: push bp
0x12b53: push bx
0x12b54: push sp
0x12b55: imul ax, word ptr [bp + di + 0x20], 0x5247
0x12b5a: imul dx, word ptr [bx + si + 0x5d], 0x4220
0x12b5f: jns 0x12b81
2018-12-25T12:32:28.867540773Z 9 PC: 12b3b | Display string (String= '[CAUSTiC GRiP] By Spectral Shadow (c) 1994 ')
2018-12-25T12:32:28.872853419Z 26 PC: 12b44 | Set disk transfer address
2018-12-25T12:32:28.873847662Z 78 PC: 12bf4 | Find first file
2018-12-25T12:32:28.879784644Z 67 PC: 12c01 | Get or set file attributes
2018-12-25T12:32:28.899149091Z 61 PC: 12c06 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:28.906556077Z 63 PC: 12c16 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:32:28.912844454Z 66 PC: 12c32 | Move file pointer
2018-12-25T12:32:28.914660085Z 66 PC: 12de3 | Move file pointer
2018-12-25T12:32:28.916619548Z 64 PC: 12e0a | Write file or device (Write 601 bytes on handle 5)
2018-12-25T12:32:28.924340855Z 66 PC: 12e23 | Move file pointer
2018-12-25T12:32:28.9255353Z 63 PC: 12e2e | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:32:28.932028937Z 66 PC: 12e39 | Move file pointer
2018-12-25T12:32:28.933619627Z 64 PC: 12e45 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:32:28.936500219Z 87 PC: 12ca3 | Get or set file date and time
2018-12-25T12:32:28.938511337Z 62 PC: 12bd0 | Close file
2018-12-25T12:32:28.944070474Z 67 PC: 12bdf | Get or set file attributes
2018-12-25T12:32:28.953689279Z 79 PC: 12bf4 | Find next file (See above)
2018-12-25T12:32:28.95659661Z 67 PC: 12c01 | Get or set file attributes (See above)
2018-12-25T12:32:28.966762666Z 61 PC: 12c06 | Open file (See above)
2018-12-25T12:32:28.973210742Z 63 PC: 12c16 | Read file or device (See above)
2018-12-25T12:32:28.979859973Z 66 PC: 12c32 | Move file pointer (See above)
2018-12-25T12:32:28.981646699Z 66 PC: 12de3 | Move file pointer (See above)
2018-12-25T12:32:28.982918083Z 64 PC: 12e0a | Write file or device (See above)
2018-12-25T12:32:28.990960238Z 66 PC: 12e23 | Move file pointer (See above)
2018-12-25T12:32:28.992147869Z 63 PC: 12e2e | Read file or device (See above)
2018-12-25T12:32:28.99824302Z 66 PC: 12e39 | Move file pointer (See above)
2018-12-25T12:32:29.000199133Z 64 PC: 12e45 | Write file or device (See above)
2018-12-25T12:32:29.002897146Z 87 PC: 12ca3 | Get or set file date and time (See above)
2018-12-25T12:32:29.004360992Z 62 PC: 12bd0 | Close file (See above)
2018-12-25T12:32:29.012638946Z 67 PC: 12bdf | Get or set file attributes (See above)
2018-12-25T12:32:29.022214244Z 59 PC: 12caf | Change current directory
2018-12-25T12:32:29.023807195Z 26 PC: 12cb7 | Set disk transfer address