Sample viewer

vx.netlux.org/Virus.DOS.Vienna.656.a

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:01:44.496090219Z	47	PC: 12e4c \| Get disk transfer address
2018-12-17T22:01:44.498006309Z	26	PC: 12e5c \| Set disk transfer address
2018-12-17T22:01:44.499776757Z	78	PC: 12edd \| Find first file
2018-12-17T22:01:44.506547587Z	67	PC: 12f17 \| Get or set file attributes
2018-12-17T22:01:44.512338751Z	67	PC: 12f28 \| Get or set file attributes
2018-12-17T22:01:44.530730004Z	61	PC: 12f32 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:01:44.541731268Z	87	PC: 12f3e \| Get or set file date and time
2018-12-17T22:01:44.542950154Z	63	PC: 12f50 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:01:44.54982344Z	66	PC: 12f62 \| Move file pointer
2018-12-17T22:01:44.551277563Z	64	PC: 12f85 \| Write file or device (Write 656 bytes on handle 5)
2018-12-17T22:01:44.5595954Z	66	PC: 12f97 \| Move file pointer
2018-12-17T22:01:44.561551568Z	64	PC: 12fa5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:01:44.56802596Z	87	PC: 12fb8 \| Get or set file date and time
2018-12-17T22:01:44.56962305Z	62	PC: 12fbc \| Close file
2018-12-17T22:01:44.578192596Z	67	PC: 12fc9 \| Get or set file attributes
2018-12-17T22:01:44.588102994Z	26	PC: 12fd4 \| Set disk transfer address
2018-12-17T22:01:44.58951935Z	42	PC: 12fda \| Get date 0x12fda: cmp dh, 2 0x12fdd: jb 0x1300d 0x12fdf: cmp dl, 0xe 0x12fe2: je 0x12fe9 0x12fe4: cmp dh, 4 0x12fe7: jb 0x1300d 0x12fe9: mov al, 2 0x12feb: mov cx, 0x50 0x12fee: mov dx, 1 0x12ff1: int 0x26 0x12ff3: jb 0x1300d 0x12ff5: nop 0x12ff6: nop 0x12ff7: int 0x21 0x12ff9: mov dh, dl 0x12ffb: mov dl, ah 0x12ffd: mov dx, 0x192e 0x13000: jne 0x12ff5 0x13002: ret 0x13003: add byte ptr [bx + si], al
2018-12-17T22:01:44.593381208Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1308,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:43:22.790443978Z	47	PC: 12e4c \| Get disk transfer address
2018-12-25T11:43:22.791963765Z	26	PC: 12e5c \| Set disk transfer address
2018-12-25T11:43:22.793139239Z	78	PC: 12edd \| Find first file
2018-12-25T11:43:22.799550906Z	67	PC: 12f17 \| Get or set file attributes
2018-12-25T11:43:22.806006711Z	67	PC: 12f28 \| Get or set file attributes
2018-12-25T11:43:23.330884645Z	61	PC: 12f32 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:43:23.339146692Z	87	PC: 12f3e \| Get or set file date and time
2018-12-25T11:43:23.340725823Z	63	PC: 12f50 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:43:23.348286706Z	66	PC: 12f62 \| Move file pointer
2018-12-25T11:43:23.349347497Z	64	PC: 12f85 \| Write file or device (Write 656 bytes on handle 5)
2018-12-25T11:43:23.355716788Z	66	PC: 12f97 \| Move file pointer
2018-12-25T11:43:23.358130737Z	64	PC: 12fa5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:43:23.362471985Z	87	PC: 12fb8 \| Get or set file date and time
2018-12-25T11:43:23.363579837Z	62	PC: 12fbc \| Close file
2018-12-25T11:43:23.370318317Z	67	PC: 12fc9 \| Get or set file attributes
2018-12-25T11:43:23.379923676Z	26	PC: 12fd4 \| Set disk transfer address
2018-12-25T11:43:23.38096505Z	42	PC: 12fda \| Get date 0x12fda: cmp dh, 2 0x12fdd: jb 0x1300d 0x12fdf: cmp dl, 0xe 0x12fe2: je 0x12fe9 0x12fe4: cmp dh, 4 0x12fe7: jb 0x1300d 0x12fe9: mov al, 2 0x12feb: mov cx, 0x50 0x12fee: mov dx, 1 0x12ff1: int 0x26 0x12ff3: jb 0x1300d 0x12ff5: nop 0x12ff6: nop 0x12ff7: int 0x21 0x12ff9: mov dh, dl 0x12ffb: mov dl, ah 0x12ffd: mov dx, 0x192e 0x13000: jne 0x12ff5 0x13002: ret 0x13003: add byte ptr [bx + si], al
2018-12-25T11:43:23.383306851Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1308,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:43:23.31136802Z	47	PC: 12e4c \| Get disk transfer address
2018-12-25T11:43:23.313566789Z	26	PC: 12e5c \| Set disk transfer address
2018-12-25T11:43:23.314684643Z	78	PC: 12edd \| Find first file
2018-12-25T11:43:23.320651305Z	67	PC: 12f17 \| Get or set file attributes
2018-12-25T11:43:23.327319858Z	67	PC: 12f28 \| Get or set file attributes
2018-12-25T11:43:23.34401479Z	61	PC: 12f32 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:43:23.350331501Z	87	PC: 12f3e \| Get or set file date and time
2018-12-25T11:43:23.351954263Z	63	PC: 12f50 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:43:23.358180034Z	66	PC: 12f62 \| Move file pointer
2018-12-25T11:43:23.359502547Z	64	PC: 12f85 \| Write file or device (Write 656 bytes on handle 5)
2018-12-25T11:43:23.368080464Z	66	PC: 12f97 \| Move file pointer
2018-12-25T11:43:23.370603944Z	64	PC: 12fa5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:43:23.377024299Z	87	PC: 12fb8 \| Get or set file date and time
2018-12-25T11:43:23.379808521Z	62	PC: 12fbc \| Close file
2018-12-25T11:43:23.389225548Z	67	PC: 12fc9 \| Get or set file attributes
2018-12-25T11:43:23.398866864Z	26	PC: 12fd4 \| Set disk transfer address
2018-12-25T11:43:23.399891929Z	42	PC: 12fda \| Get date 0x12fda: cmp dh, 2 0x12fdd: jb 0x1300d 0x12fdf: cmp dl, 0xe 0x12fe2: je 0x12fe9 0x12fe4: cmp dh, 4 0x12fe7: jb 0x1300d 0x12fe9: mov al, 2 0x12feb: mov cx, 0x50 0x12fee: mov dx, 1 0x12ff1: int 0x26 0x12ff3: jb 0x1300d 0x12ff5: nop 0x12ff6: nop 0x12ff7: int 0x21 0x12ff9: mov dh, dl 0x12ffb: mov dl, ah 0x12ffd: mov dx, 0x192e 0x13000: jne 0x12ff5 0x13002: ret 0x13003: add byte ptr [bx + si], al
2018-12-25T11:43:23.40299769Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":14,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1308,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:43:23.628625235Z	47	PC: 12e4c \| Get disk transfer address
2018-12-25T11:43:23.630582678Z	26	PC: 12e5c \| Set disk transfer address
2018-12-25T11:43:23.632735122Z	78	PC: 12edd \| Find first file
2018-12-25T11:43:23.638808544Z	67	PC: 12f17 \| Get or set file attributes
2018-12-25T11:43:23.649755341Z	67	PC: 12f28 \| Get or set file attributes
2018-12-25T11:43:23.683831095Z	61	PC: 12f32 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:43:23.690206819Z	87	PC: 12f3e \| Get or set file date and time
2018-12-25T11:43:23.692128751Z	63	PC: 12f50 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:43:23.698957191Z	66	PC: 12f62 \| Move file pointer
2018-12-25T11:43:23.700470293Z	64	PC: 12f85 \| Write file or device (Write 656 bytes on handle 5)
2018-12-25T11:43:23.709539537Z	66	PC: 12f97 \| Move file pointer
2018-12-25T11:43:23.711286582Z	64	PC: 12fa5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:43:23.717979865Z	87	PC: 12fb8 \| Get or set file date and time
2018-12-25T11:43:23.721128887Z	62	PC: 12fbc \| Close file
2018-12-25T11:43:23.729467582Z	67	PC: 12fc9 \| Get or set file attributes
2018-12-25T11:43:23.739173306Z	26	PC: 12fd4 \| Set disk transfer address
2018-12-25T11:43:23.740387847Z	42	PC: 12fda \| Get date 0x12fda: cmp dh, 2 0x12fdd: jb 0x1300d 0x12fdf: cmp dl, 0xe 0x12fe2: je 0x12fe9 0x12fe4: cmp dh, 4 0x12fe7: jb 0x1300d 0x12fe9: mov al, 2 0x12feb: mov cx, 0x50 0x12fee: mov dx, 1 0x12ff1: int 0x26 0x12ff3: jb 0x1300d 0x12ff5: nop 0x12ff6: nop 0x12ff7: int 0x21 0x12ff9: mov dh, dl 0x12ffb: mov dl, ah 0x12ffd: mov dx, 0x192e 0x13000: jne 0x12ff5 0x13002: ret 0x13003: add byte ptr [bx + si], al
2018-12-25T11:43:23.751963249Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1308,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:43:23.820766923Z	47	PC: 12e4c \| Get disk transfer address
2018-12-25T11:43:23.82274716Z	26	PC: 12e5c \| Set disk transfer address
2018-12-25T11:43:23.823804727Z	78	PC: 12edd \| Find first file
2018-12-25T11:43:23.827634927Z	67	PC: 12f17 \| Get or set file attributes
2018-12-25T11:43:23.831392985Z	67	PC: 12f28 \| Get or set file attributes
2018-12-25T11:43:23.846173469Z	61	PC: 12f32 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:43:23.852549435Z	87	PC: 12f3e \| Get or set file date and time
2018-12-25T11:43:23.854103899Z	63	PC: 12f50 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:43:23.860721882Z	66	PC: 12f62 \| Move file pointer
2018-12-25T11:43:23.861907204Z	64	PC: 12f85 \| Write file or device (Write 656 bytes on handle 5)
2018-12-25T11:43:23.870244412Z	66	PC: 12f97 \| Move file pointer
2018-12-25T11:43:23.872336942Z	64	PC: 12fa5 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:43:23.878863882Z	87	PC: 12fb8 \| Get or set file date and time
2018-12-25T11:43:23.880513775Z	62	PC: 12fbc \| Close file
2018-12-25T11:43:23.888637436Z	67	PC: 12fc9 \| Get or set file attributes
2018-12-25T11:43:23.898298694Z	26	PC: 12fd4 \| Set disk transfer address
2018-12-25T11:43:23.899548555Z	42	PC: 12fda \| Get date 0x12fda: cmp dh, 2 0x12fdd: jb 0x1300d 0x12fdf: cmp dl, 0xe 0x12fe2: je 0x12fe9 0x12fe4: cmp dh, 4 0x12fe7: jb 0x1300d 0x12fe9: mov al, 2 0x12feb: mov cx, 0x50 0x12fee: mov dx, 1 0x12ff1: int 0x26 0x12ff3: jb 0x1300d 0x12ff5: nop 0x12ff6: nop 0x12ff7: int 0x21 0x12ff9: mov dh, dl 0x12ffb: mov dl, ah 0x12ffd: mov dx, 0x192e 0x13000: jne 0x12ff5 0x13002: ret 0x13003: add byte ptr [bx + si], al
2018-12-25T11:43:23.904427928Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')