Sample viewer

vx.netlux.org/Virus.DOS.Mindless.423.b


Syscalls:

Time Syscall Op Syscall Name
; Disassembly window the sandbox attached to the Get date call: the code at the return address 0x12a58, listed linearly (not an execution trace).
; In this run the next logged call is Find first file at PC 12af7, so the jne below appears to have been taken.
2018-12-17T22:56:48.59411971Z 42 PC: 12a58 | Get date 0x12a58: cmp al, 0    ; INT 21h/AH=2Ah returns the day of week in AL; 0 = Sunday
0x12a5a: jne 0x12aba    ; any other weekday -> skip the date-gated block below
0x12a5c: mov ax, 0x3301    ; AH=33h, AL=01h: set Ctrl-Break checking state
0x12a5f: xor dl, dl    ; DL=0 -> checking off
0x12a61: int 0x21
0x12a63: mov cx, 0x44    ; loop count: 0x44 (68) bytes
0x12a66: nop
0x12a67: mov si, 0x1ff    ; SI -> first byte of the region at offset 0x1ff
0x12a6a: mov al, byte ptr [si]    ; loop body: XOR one byte with 0x01, in place
0x12a6c: xor al, 1
0x12a6e: mov byte ptr [si], al
0x12a70: inc si
0x12a71: loop 0x12a6a    ; repeat until CX reaches 0
0x12a73: cmp byte ptr [0x1f6], 0x1b
0x12a78: ja 0x12a90    ; unsigned compare: byte at 0x1f6 above 0x1b -> skip to 0x12a90
0x12a7a: pushf
0x12a7b: mov al, byte ptr [0x1f6]
0x12a7e: mov cx, word ptr [0x1f7]
0x12a82: xor dx, dx
0x12a84: mov bx, 0x1ff    ; BX -> the 68-byte region that was just XORed
; NOTE(review): AL / CX / DX=0 / BX=buffer is consistent with the register setup for a DOS absolute disk access (INT 25h/26h), but the call itself lies outside this window - confirm against the full sample.
2018-12-17T22:56:48.597633316Z 78 PC: 12af7 | Find first file
2018-12-17T22:56:48.604787838Z 67 PC: 12aff | Get or set file attributes
2018-12-17T22:56:48.611061573Z 67 PC: 12b08 | Get or set file attributes
2018-12-17T22:56:48.933391732Z 61 PC: 12b10 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:56:48.941896281Z 87 PC: 12b17 | Get or set file date and time
2018-12-17T22:56:48.943718948Z 64 PC: 12b23 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T22:56:48.951142737Z 87 PC: 12b2a | Get or set file date and time
2018-12-17T22:56:48.953778973Z 62 PC: 12b2e | Close file
2018-12-17T22:56:48.961714713Z 79 PC: 12b32 | Find next file
2018-12-17T22:56:48.96485129Z 67 PC: 12aff | Get or set file attributes
2018-12-17T22:56:48.97143563Z 67 PC: 12b08 | Get or set file attributes
2018-12-17T22:56:48.983266935Z 61 PC: 12b10 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:56:48.990790991Z 87 PC: 12b17 | Get or set file date and time
2018-12-17T22:56:48.992555859Z 64 PC: 12b23 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T22:56:49.001286133Z 87 PC: 12b2a | Get or set file date and time
2018-12-17T22:56:49.003627967Z 62 PC: 12b2e | Close file
2018-12-17T22:56:49.01210292Z 79 PC: 12b32 | Find next file
2018-12-17T22:56:49.018369713Z 67 PC: 12aff | Get or set file attributes
2018-12-17T22:56:49.025294683Z 67 PC: 12b08 | Get or set file attributes
2018-12-17T22:56:49.036835221Z 61 PC: 12b10 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:56:49.046540789Z 87 PC: 12b17 | Get or set file date and time
2018-12-17T22:56:49.048687004Z 64 PC: 12b23 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T22:56:49.056483111Z 87 PC: 12b2a | Get or set file date and time
2018-12-17T22:56:49.059297934Z 62 PC: 12b2e | Close file
2018-12-17T22:56:49.067773579Z 79 PC: 12b32 | Find next file
2018-12-17T22:56:49.071064416Z 67 PC: 12aff | Get or set file attributes
2018-12-17T22:56:49.078187369Z 67 PC: 12b08 | Get or set file attributes
2018-12-17T22:56:49.092177302Z 61 PC: 12b10 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:56:49.101553099Z 87 PC: 12b17 | Get or set file date and time
2018-12-17T22:56:49.105076033Z 64 PC: 12b23 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T22:56:49.113481727Z 87 PC: 12b2a | Get or set file date and time
2018-12-17T22:56:49.115686913Z 62 PC: 12b2e | Close file
2018-12-17T22:56:49.125443377Z 79 PC: 12b32 | Find next file
2018-12-17T22:56:49.129394796Z 67 PC: 12aff | Get or set file attributes
2018-12-17T22:56:49.137775663Z 67 PC: 12b08 | Get or set file attributes
2018-12-17T22:56:49.152173824Z 61 PC: 12b10 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:56:49.161564599Z 87 PC: 12b17 | Get or set file date and time
2018-12-17T22:56:49.163196377Z 64 PC: 12b23 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T22:56:49.175285747Z 87 PC: 12b2a | Get or set file date and time
2018-12-17T22:56:49.1786699Z 62 PC: 12b2e | Close file
2018-12-17T22:56:49.187243941Z 79 PC: 12b32 | Find next file
2018-12-17T22:56:49.190006254Z 67 PC: 12aff | Get or set file attributes
2018-12-17T22:56:49.196818983Z 67 PC: 12b08 | Get or set file attributes
2018-12-17T22:56:49.207968535Z 61 PC: 12b10 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:56:49.214983875Z 87 PC: 12b17 | Get or set file date and time
2018-12-17T22:56:49.217392454Z 64 PC: 12b23 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T22:56:49.225138177Z 87 PC: 12b2a | Get or set file date and time
2018-12-17T22:56:49.227063056Z 62 PC: 12b2e | Close file
2018-12-17T22:56:49.235450916Z 79 PC: 12b32 | Find next file
2018-12-17T22:56:49.240355507Z 67 PC: 12aff | Get or set file attributes
2018-12-17T22:56:49.24623905Z 67 PC: 12b08 | Get or set file attributes
2018-12-17T22:56:49.253727789Z 61 PC: 12b10 | Open file (Filename = 'PAH.COM')
2018-12-17T22:56:49.259951661Z 87 PC: 12b17 | Get or set file date and time
2018-12-17T22:56:49.2612327Z 64 PC: 12b23 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T22:56:49.268431845Z 87 PC: 12b2a | Get or set file date and time
2018-12-17T22:56:49.271204277Z 62 PC: 12b2e | Close file
2018-12-17T22:56:49.279545991Z 79 PC: 12b32 | Find next file
2018-12-17T22:56:49.282584534Z 67 PC: 12aff | Get or set file attributes
2018-12-17T22:56:49.289496099Z 67 PC: 12b08 | Get or set file attributes
2018-12-17T22:56:49.300090347Z 61 PC: 12b10 | Open file (Filename = 'TEST.COM')
2018-12-17T22:56:49.308022371Z 87 PC: 12b17 | Get or set file date and time
2018-12-17T22:56:49.310221856Z 64 PC: 12b23 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T22:56:49.313843937Z 87 PC: 12b2a | Get or set file date and time
2018-12-17T22:56:49.315718Z 62 PC: 12b2e | Close file
2018-12-17T22:56:49.32465364Z 79 PC: 12b32 | Find next file

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12348,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
; Disassembly window the sandbox attached to the Get date call: the code at the return address 0x12a58, listed linearly (not an execution trace).
; The next logged call in this run is Find first file at PC 12af7, so the jne below appears to have been taken and the date-gated block skipped.
2018-12-25T12:32:30.365110133Z 42 PC: 12a58 | Get date 0x12a58: cmp al, 0    ; AL = day of week from INT 21h/AH=2Ah; 0 = Sunday
0x12a5a: jne 0x12aba    ; not Sunday -> continue at 0x12aba
0x12a5c: mov ax, 0x3301    ; INT 21h function 33h, subfunction 01h: set Ctrl-Break checking
0x12a5f: xor dl, dl    ; DL=0 selects "off"
0x12a61: int 0x21
0x12a63: mov cx, 0x44    ; 0x44 (68) iterations
0x12a66: nop
0x12a67: mov si, 0x1ff    ; start of the byte region at offset 0x1ff
0x12a6a: mov al, byte ptr [si]    ; single-byte XOR with key 0x01, written back in place
0x12a6c: xor al, 1
0x12a6e: mov byte ptr [si], al
0x12a70: inc si
0x12a71: loop 0x12a6a    ; CX counts the remaining bytes
0x12a73: cmp byte ptr [0x1f6], 0x1b
0x12a78: ja 0x12a90    ; taken when the byte at 0x1f6 is above 0x1b (unsigned)
0x12a7a: pushf
0x12a7b: mov al, byte ptr [0x1f6]
0x12a7e: mov cx, word ptr [0x1f7]
0x12a82: xor dx, dx
0x12a84: mov bx, 0x1ff    ; BX points at the region XORed by the loop above
; NOTE(review): the window ends here; what consumes AL, CX, DX and BX is not visible. The register pattern resembles a DOS absolute disk access (INT 25h/26h) setup - verify before relying on it.
2018-12-25T12:32:30.368532016Z 78 PC: 12af7 | Find first file
2018-12-25T12:32:30.372830377Z 67 PC: 12aff | Get or set file attributes
2018-12-25T12:32:30.376274251Z 67 PC: 12b08 | Get or set file attributes
2018-12-25T12:32:30.388593063Z 61 PC: 12b10 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:32:30.392670016Z 87 PC: 12b17 | Get or set file date and time
2018-12-25T12:32:30.393639371Z 64 PC: 12b23 | Write file or device (Write 423 bytes on handle 5)
2018-12-25T12:32:30.398054523Z 87 PC: 12b2a | Get or set file date and time
2018-12-25T12:32:30.39920172Z 62 PC: 12b2e | Close file
2018-12-25T12:32:30.403878278Z 79 PC: 12b32 | Find next file
2018-12-25T12:32:30.405963778Z 67 PC: 12aff | Get or set file attributes (See above)
2018-12-25T12:32:30.409737989Z 67 PC: 12b08 | Get or set file attributes (See above)
2018-12-25T12:32:30.415724124Z 61 PC: 12b10 | Open file (See above)
2018-12-25T12:32:30.422455998Z 87 PC: 12b17 | Get or set file date and time (See above)
2018-12-25T12:32:30.423996522Z 64 PC: 12b23 | Write file or device (See above)
2018-12-25T12:32:30.428008585Z 87 PC: 12b2a | Get or set file date and time (See above)
2018-12-25T12:32:30.42902964Z 62 PC: 12b2e | Close file (See above)
2018-12-25T12:32:30.433824285Z 79 PC: 12b32 | Find next file (See above)
2018-12-25T12:32:30.43693267Z 67 PC: 12aff | Get or set file attributes (See above)
2018-12-25T12:32:30.44239142Z 67 PC: 12b08 | Get or set file attributes (See above)
2018-12-25T12:32:30.453004086Z 61 PC: 12b10 | Open file (See above)
2018-12-25T12:32:30.459745892Z 87 PC: 12b17 | Get or set file date and time (See above)
2018-12-25T12:32:30.46182213Z 64 PC: 12b23 | Write file or device (See above)
2018-12-25T12:32:30.469170785Z 87 PC: 12b2a | Get or set file date and time (See above)
2018-12-25T12:32:30.470585698Z 62 PC: 12b2e | Close file (See above)
2018-12-25T12:32:30.47754432Z 79 PC: 12b32 | Find next file (See above)
2018-12-25T12:32:30.489037359Z 67 PC: 12aff | Get or set file attributes (See above)
2018-12-25T12:32:30.494492454Z 67 PC: 12b08 | Get or set file attributes (See above)
2018-12-25T12:32:30.503557997Z 61 PC: 12b10 | Open file (See above)
2018-12-25T12:32:30.515291447Z 87 PC: 12b17 | Get or set file date and time (See above)
2018-12-25T12:32:30.516677312Z 64 PC: 12b23 | Write file or device (See above)
2018-12-25T12:32:30.523270431Z 87 PC: 12b2a | Get or set file date and time (See above)
2018-12-25T12:32:30.525859186Z 62 PC: 12b2e | Close file (See above)
2018-12-25T12:32:30.533266335Z 79 PC: 12b32 | Find next file (See above)
2018-12-25T12:32:30.53590313Z 67 PC: 12aff | Get or set file attributes (See above)
2018-12-25T12:32:30.543006335Z 67 PC: 12b08 | Get or set file attributes (See above)
2018-12-25T12:32:30.553029187Z 61 PC: 12b10 | Open file (See above)
2018-12-25T12:32:30.559343951Z 87 PC: 12b17 | Get or set file date and time (See above)
2018-12-25T12:32:30.56116093Z 64 PC: 12b23 | Write file or device (See above)
2018-12-25T12:32:30.567464182Z 87 PC: 12b2a | Get or set file date and time (See above)
2018-12-25T12:32:30.568794773Z 62 PC: 12b2e | Close file (See above)
2018-12-25T12:32:30.576021392Z 79 PC: 12b32 | Find next file (See above)
2018-12-25T12:32:30.578551421Z 67 PC: 12aff | Get or set file attributes (See above)
2018-12-25T12:32:30.583879052Z 67 PC: 12b08 | Get or set file attributes (See above)
2018-12-25T12:32:30.59310568Z 61 PC: 12b10 | Open file (See above)
2018-12-25T12:32:30.599940386Z 87 PC: 12b17 | Get or set file date and time (See above)
2018-12-25T12:32:30.601213524Z 64 PC: 12b23 | Write file or device (See above)
2018-12-25T12:32:30.607453767Z 87 PC: 12b2a | Get or set file date and time (See above)
2018-12-25T12:32:30.609316147Z 62 PC: 12b2e | Close file (See above)
2018-12-25T12:32:30.616350658Z 79 PC: 12b32 | Find next file (See above)
2018-12-25T12:32:30.619968466Z 67 PC: 12aff | Get or set file attributes (See above)
2018-12-25T12:32:30.632972689Z 67 PC: 12b08 | Get or set file attributes (See above)
2018-12-25T12:32:30.645115567Z 61 PC: 12b10 | Open file (See above)
2018-12-25T12:32:30.651436622Z 87 PC: 12b17 | Get or set file date and time (See above)
2018-12-25T12:32:30.653225741Z 64 PC: 12b23 | Write file or device (See above)
2018-12-25T12:32:30.659725216Z 87 PC: 12b2a | Get or set file date and time (See above)
2018-12-25T12:32:30.661116385Z 62 PC: 12b2e | Close file (See above)
2018-12-25T12:32:30.668899508Z 79 PC: 12b32 | Find next file (See above)
2018-12-25T12:32:30.671417831Z 67 PC: 12aff | Get or set file attributes (See above)
2018-12-25T12:32:30.677024388Z 67 PC: 12b08 | Get or set file attributes (See above)
2018-12-25T12:32:30.687353919Z 61 PC: 12b10 | Open file (See above)
2018-12-25T12:32:30.698467271Z 87 PC: 12b17 | Get or set file date and time (See above)
2018-12-25T12:32:30.701248814Z 64 PC: 12b23 | Write file or device (See above)
2018-12-25T12:32:30.708905518Z 87 PC: 12b2a | Get or set file date and time (See above)
2018-12-25T12:32:30.712288154Z 62 PC: 12b2e | Close file (See above)
2018-12-25T12:32:30.719942655Z 79 PC: 12b32 | Find next file (See above)

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12348,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
; Disassembly window the sandbox attached to the Get date call: the code at the return address 0x12a58, listed linearly (not an execution trace).
; The log line after this listing records syscall 51 (0x33, Ctrl-Break) at PC 12a63, so in this run the jne fell through into the date-gated block.
; NOTE(review): the date record printed before this run (1980-01-06, a Sunday) presumably is the clock override used for it - confirm.
2018-12-25T12:32:30.879634351Z 42 PC: 12a58 | Get date 0x12a58: cmp al, 0    ; AL = day of week from INT 21h/AH=2Ah; 0 = Sunday
0x12a5a: jne 0x12aba    ; not Sunday -> skip to 0x12aba
0x12a5c: mov ax, 0x3301    ; AH=33h, AL=01h: set Ctrl-Break checking state
0x12a5f: xor dl, dl    ; DL=0 -> checking off
0x12a61: int 0x21    ; logged as the Ctrl-Break call (return address 0x12a63)
0x12a63: mov cx, 0x44    ; loop count: 0x44 (68) bytes
0x12a66: nop
0x12a67: mov si, 0x1ff    ; SI -> region at offset 0x1ff
0x12a6a: mov al, byte ptr [si]    ; XOR each byte with 0x01 and store it back
0x12a6c: xor al, 1
0x12a6e: mov byte ptr [si], al
0x12a70: inc si
0x12a71: loop 0x12a6a    ; until all 68 bytes are processed
0x12a73: cmp byte ptr [0x1f6], 0x1b
0x12a78: ja 0x12a90    ; unsigned: byte at 0x1f6 above 0x1b -> skip to 0x12a90
0x12a7a: pushf
0x12a7b: mov al, byte ptr [0x1f6]
0x12a7e: mov cx, word ptr [0x1f7]
0x12a82: xor dx, dx
0x12a84: mov bx, 0x1ff    ; BX -> the region the loop just XORed
; NOTE(review): the listing stops before the instruction that uses these registers; AL / CX / DX=0 / BX=buffer is consistent with a DOS absolute disk access (INT 25h/26h) setup, unconfirmed from this window.
2018-12-25T12:32:30.882915451Z 51 PC: 12a63 | Get or set Ctrl-Break