Sample viewer

vx.netlux.org/Virus.DOS.VCL.Zeta.2536

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:58:31.253349647Z	47	PC: 12a6b \| Get disk transfer address
2018-12-17T22:58:31.25515468Z	26	PC: 12a73 \| Set disk transfer address
2018-12-17T22:58:31.259947559Z	71	PC: 12ad9 \| Get current directory
2018-12-17T22:58:31.263908404Z	59	PC: 12ae1 \| Change current directory
2018-12-17T22:58:31.269029199Z	47	PC: 12af6 \| Get disk transfer address
2018-12-17T22:58:31.274924851Z	26	PC: 12b04 \| Set disk transfer address
2018-12-17T22:58:31.276596883Z	78	PC: 12b0f \| Find first file
2018-12-17T22:58:31.283472246Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.287124761Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.289830657Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.292791793Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.296483642Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.299844399Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.302855829Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.305683083Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.308850306Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.311397504Z	47	PC: 12b5b \| Get disk transfer address
2018-12-17T22:58:31.312845786Z	26	PC: 12b6a \| Set disk transfer address
2018-12-17T22:58:31.315046833Z	78	PC: 12b72 \| Find first file
2018-12-17T22:58:31.320342016Z	47	PC: 12b8a \| Get disk transfer address
2018-12-17T22:58:31.32171646Z	61	PC: 12ba3 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:58:31.327832976Z	63	PC: 12baf \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:58:31.333171961Z	66	PC: 12bb7 \| Move file pointer
2018-12-17T22:58:31.334499136Z	62	PC: 12bbc \| Close file
2018-12-17T22:58:31.338353951Z	67	PC: 12bdc \| Get or set file attributes
2018-12-17T22:58:31.353355338Z	61	PC: 12be1 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:58:31.358611186Z	64	PC: 12bed \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:58:31.361662372Z	66	PC: 12bf5 \| Move file pointer
2018-12-17T22:58:31.363787516Z	64	PC: 13442 \| Write file or device (Write 2536 bytes on handle 5)
2018-12-17T22:58:31.37127023Z	87	PC: 12c05 \| Get or set file date and time
2018-12-17T22:58:31.373502907Z	62	PC: 12c09 \| Close file
2018-12-17T22:58:31.379756501Z	67	PC: 12c16 \| Get or set file attributes
2018-12-17T22:58:31.387567582Z	26	PC: 12b84 \| Set disk transfer address
2018-12-17T22:58:31.388910056Z	26	PC: 12b47 \| Set disk transfer address
2018-12-17T22:58:31.390300359Z	59	PC: 12aeb \| Change current directory
2018-12-17T22:58:31.391858868Z	71	PC: 12ad9 \| Get current directory
2018-12-17T22:58:31.400317046Z	59	PC: 12ae1 \| Change current directory
2018-12-17T22:58:31.405549211Z	47	PC: 12af6 \| Get disk transfer address
2018-12-17T22:58:31.406860426Z	26	PC: 12b04 \| Set disk transfer address
2018-12-17T22:58:31.408098503Z	78	PC: 12b0f \| Find first file
2018-12-17T22:58:31.418869908Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.421824762Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.424693625Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.428554652Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.431453259Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.434602579Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.438818483Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.441849771Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.444960879Z	79	PC: 12b37 \| Find next file
2018-12-17T22:58:31.449718721Z	47	PC: 12b5b \| Get disk transfer address
2018-12-17T22:58:31.451203532Z	26	PC: 12b6a \| Set disk transfer address
2018-12-17T22:58:31.452469021Z	78	PC: 12b72 \| Find first file
2018-12-17T22:58:31.458846087Z	47	PC: 12b8a \| Get disk transfer address
2018-12-17T22:58:31.461303075Z	61	PC: 12ba3 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:58:31.468596383Z	63	PC: 12baf \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:58:31.476143639Z	66	PC: 12bb7 \| Move file pointer
2018-12-17T22:58:31.478866618Z	62	PC: 12bbc \| Close file
2018-12-17T22:58:31.481189604Z	79	PC: 12b72 \| Find next file
2018-12-17T22:58:31.484434954Z	47	PC: 12b8a \| Get disk transfer address
2018-12-17T22:58:31.486803906Z	61	PC: 12ba3 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:58:31.494312109Z	63	PC: 12baf \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:58:31.501353744Z	66	PC: 12bb7 \| Move file pointer
2018-12-17T22:58:31.503584477Z	62	PC: 12bbc \| Close file
2018-12-17T22:58:31.505936007Z	67	PC: 12bdc \| Get or set file attributes
2018-12-17T22:58:31.516943436Z	61	PC: 12be1 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:58:31.524539864Z	64	PC: 12bed \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:58:31.528742334Z	66	PC: 12bf5 \| Move file pointer
2018-12-17T22:58:31.53151783Z	64	PC: 13442 \| Write file or device (Write 2536 bytes on handle 5)
2018-12-17T22:58:31.541601383Z	87	PC: 12c05 \| Get or set file date and time
2018-12-17T22:58:31.545474954Z	62	PC: 12c09 \| Close file
2018-12-17T22:58:31.55444807Z	67	PC: 12c16 \| Get or set file attributes
2018-12-17T22:58:31.565479304Z	26	PC: 12b84 \| Set disk transfer address
2018-12-17T22:58:31.568049224Z	26	PC: 12b47 \| Set disk transfer address
2018-12-17T22:58:31.570691471Z	59	PC: 12aeb \| Change current directory
2018-12-17T22:58:31.57243099Z	44	PC: 12c30 \| Get time 0x12c30: mov al, ch 0x12c32: cwde 0x12c33: ret 0x12c34: mov ah, 0x2c 0x12c36: int 0x21 0x12c38: mov al, cl 0x12c3a: cwde 0x12c3b: ret 0x12c3c: mov al, byte ptr [di + 0x2d9] 0x12c40: cwde 0x12c41: ret 0x12c42: and byte ptr [bx + si], ah 0x12c44: and byte ptr [bx + si], ah 0x12c46: and byte ptr [bx + si], ah 0x12c48: and byte ptr [bx + si], ah 0x12c4a: and byte ptr [bx + si], ah 0x12c4c: and byte ptr [bx + si], ah 0x12c4e: and byte ptr [bx + si], ah 0x12c50: and byte ptr [bx + si], ah 0x12c52: and byte ptr [bx + si], ah
2018-12-17T22:58:31.57512312Z	26	PC: 12ab9 \| Set disk transfer address
2018-12-17T22:58:31.576333105Z	76	PC: 12a46 \| Terminate with return code (Return code = '0')