Sample viewer

vx.netlux.org/Virus.DOS.Vienna.1098

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:00:31.756598946Z	47	PC: 151b3 \| Get disk transfer address
2018-12-17T23:00:31.758479329Z	26	PC: 151c2 \| Set disk transfer address
2018-12-17T23:00:31.760614552Z	78	PC: 15249 \| Find first file
2018-12-17T23:00:31.776184971Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:31.779901044Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:31.783946066Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:31.786976991Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:31.790221768Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:31.808305862Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:31.811543897Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:31.815663568Z	67	PC: 152a5 \| Get or set file attributes
2018-12-17T23:00:31.823574915Z	67	PC: 152b5 \| Get or set file attributes
2018-12-17T23:00:31.940571542Z	61	PC: 152bf \| Open file (Filename = 'TEST.COM')
2018-12-17T23:00:31.948442122Z	87	PC: 152ce \| Get or set file date and time
2018-12-17T23:00:31.951281939Z	44	PC: 152d8 \| Get time 0x152d8: mov cx, 3 0x152db: mov ah, 0x3f 0x152dd: mov dx, 0xa 0x152e0: add dx, si 0x152e2: push dx 0x152e3: int 0x21 0x152e5: pop bp 0x152e6: jb 0x1530c 0x152e8: cmp byte ptr [bp], 0x4d 0x152ec: jne 0x152fa 0x152ee: cmp byte ptr [bp + 1], 0x5a 0x152f2: je 0x1530c 0x152f4: jmp 0x152fa 0x152f6: jmp 0x15348 0x152f8: jmp 0x15346 0x152fa: cmp ax, 3 0x152fd: jne 0x1534a 0x152ff: xor cx, cx 0x15301: mov ax, 0x4202 0x15304: xor dx, dx
2018-12-17T23:00:31.954501428Z	63	PC: 152e5 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:31.957958515Z	66	PC: 15308 \| Move file pointer
2018-12-17T23:00:31.961126899Z	64	PC: 15361 \| Write file or device (Write 1098 bytes on handle 5)
2018-12-17T23:00:31.972543121Z	66	PC: 15371 \| Move file pointer
2018-12-17T23:00:31.974714973Z	64	PC: 1537f \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:31.978427279Z	87	PC: 15390 \| Get or set file date and time
2018-12-17T23:00:31.98182802Z	62	PC: 15394 \| Close file
2018-12-17T23:00:31.995248539Z	67	PC: 153a1 \| Get or set file attributes
2018-12-17T23:00:32.024307456Z	26	PC: 153ab \| Set disk transfer address
2018-12-17T23:00:32.026498113Z	47	PC: 151b3 \| Get disk transfer address
2018-12-17T23:00:32.027857507Z	26	PC: 151c2 \| Set disk transfer address
2018-12-17T23:00:32.02928522Z	78	PC: 15249 \| Find first file
2018-12-17T23:00:32.039476731Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.045483369Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.048570029Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.063633185Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.067844719Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.071458721Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.075407321Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.078233642Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.081816355Z	78	PC: 15249 \| Find first file
2018-12-17T23:00:32.108938532Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.113108528Z	67	PC: 152a5 \| Get or set file attributes
2018-12-17T23:00:32.134480048Z	67	PC: 152b5 \| Get or set file attributes
2018-12-17T23:00:32.542084827Z	61	PC: 152bf \| Open file (Filename = 'C:\DOS\FORMAT.COM')
2018-12-17T23:00:32.55070238Z	87	PC: 152ce \| Get or set file date and time
2018-12-17T23:00:32.552758524Z	44	PC: 152d8 \| Get time 0x152d8: mov cx, 3 0x152db: mov ah, 0x3f 0x152dd: mov dx, 0xa 0x152e0: add dx, si 0x152e2: push dx 0x152e3: int 0x21 0x152e5: pop bp 0x152e6: jb 0x1530c 0x152e8: cmp byte ptr [bp], 0x4d 0x152ec: jne 0x152fa 0x152ee: cmp byte ptr [bp + 1], 0x5a 0x152f2: je 0x1530c 0x152f4: jmp 0x152fa 0x152f6: jmp 0x15348 0x152f8: jmp 0x15346 0x152fa: cmp ax, 3 0x152fd: jne 0x1534a 0x152ff: xor cx, cx 0x15301: mov ax, 0x4202 0x15304: xor dx, dx
2018-12-17T23:00:32.556824905Z	63	PC: 152e5 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:32.563689114Z	66	PC: 15308 \| Move file pointer
2018-12-17T23:00:32.566052155Z	64	PC: 15361 \| Write file or device (Write 1098 bytes on handle 5)
2018-12-17T23:00:32.575132388Z	66	PC: 15371 \| Move file pointer
2018-12-17T23:00:32.578168053Z	64	PC: 1537f \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:32.582592577Z	87	PC: 15390 \| Get or set file date and time
2018-12-17T23:00:32.584814884Z	62	PC: 15394 \| Close file
2018-12-17T23:00:32.593694349Z	67	PC: 153a1 \| Get or set file attributes
2018-12-17T23:00:32.605110823Z	26	PC: 153ab \| Set disk transfer address
2018-12-17T23:00:32.606991788Z	47	PC: 151b3 \| Get disk transfer address
2018-12-17T23:00:32.609672766Z	26	PC: 151c2 \| Set disk transfer address
2018-12-17T23:00:32.611924116Z	78	PC: 15249 \| Find first file
2018-12-17T23:00:32.619054996Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.623439305Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.626993013Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.630387753Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.633815994Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.638208229Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.641627194Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.644953313Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.649508975Z	78	PC: 15249 \| Find first file
2018-12-17T23:00:32.65780305Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.661763894Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.666517497Z	67	PC: 152a5 \| Get or set file attributes
2018-12-17T23:00:32.673911661Z	67	PC: 152b5 \| Get or set file attributes
2018-12-17T23:00:32.684698472Z	61	PC: 152bf \| Open file (Filename = 'C:\DOS\KEYB.COM')
2018-12-17T23:00:32.693309192Z	87	PC: 152ce \| Get or set file date and time
2018-12-17T23:00:32.695513765Z	44	PC: 152d8 \| Get time 0x152d8: mov cx, 3 0x152db: mov ah, 0x3f 0x152dd: mov dx, 0xa 0x152e0: add dx, si 0x152e2: push dx 0x152e3: int 0x21 0x152e5: pop bp 0x152e6: jb 0x1530c 0x152e8: cmp byte ptr [bp], 0x4d 0x152ec: jne 0x152fa 0x152ee: cmp byte ptr [bp + 1], 0x5a 0x152f2: je 0x1530c 0x152f4: jmp 0x152fa 0x152f6: jmp 0x15348 0x152f8: jmp 0x15346 0x152fa: cmp ax, 3 0x152fd: jne 0x1534a 0x152ff: xor cx, cx 0x15301: mov ax, 0x4202 0x15304: xor dx, dx
2018-12-17T23:00:32.698236953Z	63	PC: 152e5 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:32.704572318Z	66	PC: 15308 \| Move file pointer
2018-12-17T23:00:32.707728429Z	64	PC: 15361 \| Write file or device (Write 1098 bytes on handle 5)
2018-12-17T23:00:32.718179538Z	66	PC: 15371 \| Move file pointer
2018-12-17T23:00:32.720003135Z	64	PC: 1537f \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:32.725207865Z	87	PC: 15390 \| Get or set file date and time
2018-12-17T23:00:32.727178969Z	62	PC: 15394 \| Close file
2018-12-17T23:00:32.735112528Z	67	PC: 153a1 \| Get or set file attributes
2018-12-17T23:00:32.746657142Z	26	PC: 153ab \| Set disk transfer address
2018-12-17T23:00:32.74856122Z	47	PC: 151b3 \| Get disk transfer address
2018-12-17T23:00:32.750138444Z	26	PC: 151c2 \| Set disk transfer address
2018-12-17T23:00:32.752512496Z	78	PC: 15249 \| Find first file
2018-12-17T23:00:32.759631573Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.762686544Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.765775559Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.770261569Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.773346035Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.776410253Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.780474761Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.783510135Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.786432968Z	78	PC: 15249 \| Find first file
2018-12-17T23:00:32.795130913Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.802847523Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.806598552Z	79	PC: 15254 \| Find next file
2018-12-17T23:00:32.814364445Z	67	PC: 152a5 \| Get or set file attributes
2018-12-17T23:00:32.821638225Z	67	PC: 152b5 \| Get or set file attributes
2018-12-17T23:00:32.832402211Z	61	PC: 152bf \| Open file (Filename = 'C:\DOS\SYS.COM')
2018-12-17T23:00:32.840189345Z	87	PC: 152ce \| Get or set file date and time
2018-12-17T23:00:32.843063526Z	44	PC: 152d8 \| Get time 0x152d8: mov cx, 3 0x152db: mov ah, 0x3f 0x152dd: mov dx, 0xa 0x152e0: add dx, si 0x152e2: push dx 0x152e3: int 0x21 0x152e5: pop bp 0x152e6: jb 0x1530c 0x152e8: cmp byte ptr [bp], 0x4d 0x152ec: jne 0x152fa 0x152ee: cmp byte ptr [bp + 1], 0x5a 0x152f2: je 0x1530c 0x152f4: jmp 0x152fa 0x152f6: jmp 0x15348 0x152f8: jmp 0x15346 0x152fa: cmp ax, 3 0x152fd: jne 0x1534a 0x152ff: xor cx, cx 0x15301: mov ax, 0x4202 0x15304: xor dx, dx
2018-12-17T23:00:32.846487861Z	63	PC: 152e5 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:32.853030235Z	66	PC: 15308 \| Move file pointer
2018-12-17T23:00:32.856514142Z	64	PC: 15361 \| Write file or device (Write 1098 bytes on handle 5)
2018-12-17T23:00:32.866473908Z	66	PC: 15371 \| Move file pointer
2018-12-17T23:00:32.868429874Z	64	PC: 1537f \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:32.872841945Z	87	PC: 15390 \| Get or set file date and time
2018-12-17T23:00:32.87528767Z	62	PC: 15394 \| Close file
2018-12-17T23:00:32.88407302Z	67	PC: 153a1 \| Get or set file attributes
2018-12-17T23:00:32.89593466Z	26	PC: 153ab \| Set disk transfer address
2018-12-17T23:00:32.89770682Z	253	PC: 15452 \| UNKNOWN!
2018-12-17T23:00:32.899064932Z	9	PC: 12a51 \| Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-17T23:00:32.902045523Z	76	PC: 12a56 \| Terminate with return code (Return code = '0')