Sample viewer

vx.netlux.org/Virus.DOS.NoSmoking.1575

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:00:36.27492948Z 255 PC: 13242 | UNKNOWN!
2018-12-17T23:00:36.277159039Z 71 PC: 13494 | Get current directory
2018-12-17T23:00:36.280731042Z 26 PC: 133f8 | Set disk transfer address
2018-12-17T23:00:36.282678311Z 78 PC: 13403 | Find first file
2018-12-17T23:00:36.2906336Z 67 PC: 133ac | Get or set file attributes
2018-12-17T23:00:36.29692343Z 67 PC: 133b8 | Get or set file attributes
2018-12-17T23:00:36.486969747Z 61 PC: 133bf | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:00:36.500746235Z 87 PC: 133c9 | Get or set file date and time
2018-12-17T23:00:36.503503827Z 63 PC: 13325 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:36.513147078Z 66 PC: 13330 | Move file pointer
2018-12-17T23:00:36.514816605Z 66 PC: 132f7 | Move file pointer
2018-12-17T23:00:36.526371439Z 64 PC: 13302 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:36.529529293Z 44 PC: 1309b | Get time
0x1309b: mov al, dh
0x1309d: inc al
0x1309f: xor ah, ah
0x130a1: pop cx
0x130a2: div cl
0x130a4: xchg al, ah
0x130a6: pop dx
0x130a7: pop cx
0x130a8: ret
0x130a9: pushaw
0x130aa: mov bx, si
0x130ac: add bx, 0x80
0x130b0: call 0x23053
0x130b3: jb 0x1310c
0x130b5: cmp al, 3
0x130b7: jb 0x1310c
0x130b9: xor ah, ah
0x130bb: mov bp, ax
0x130bd: mov ah, 0xdc
0x130bf: int 0x21
2018-12-17T23:00:36.533448587Z 66 PC: 13312 | Move file pointer
2018-12-17T23:00:36.536598066Z 64 PC: 1331a | Write file or device (Write 1576 bytes on handle 5)
2018-12-17T23:00:36.546513308Z 87 PC: 133dd | Get or set file date and time
2018-12-17T23:00:36.548448305Z 62 PC: 133e1 | Close file
2018-12-17T23:00:36.557892291Z 67 PC: 133ea | Get or set file attributes
2018-12-17T23:00:36.570113768Z 79 PC: 13414 | Find next file
2018-12-17T23:00:36.574306656Z 67 PC: 133ac | Get or set file attributes
2018-12-17T23:00:36.579191456Z 67 PC: 133b8 | Get or set file attributes
2018-12-17T23:00:36.589140432Z 61 PC: 133bf | Open file (Filename = 'PRINT.COM')
2018-12-17T23:00:36.597855749Z 87 PC: 133c9 | Get or set file date and time
2018-12-17T23:00:36.600135644Z 63 PC: 13325 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:36.610642768Z 66 PC: 13330 | Move file pointer
2018-12-17T23:00:36.613079456Z 66 PC: 132f7 | Move file pointer
2018-12-17T23:00:36.615274241Z 64 PC: 13302 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:36.619385497Z 44 PC: 1309b | Get time
0x1309b: mov al, dh
0x1309d: inc al
0x1309f: xor ah, ah
0x130a1: pop cx
0x130a2: div cl
0x130a4: xchg al, ah
0x130a6: pop dx
0x130a7: pop cx
0x130a8: ret
0x130a9: pushaw
0x130aa: mov bx, si
0x130ac: add bx, 0x80
0x130b0: call 0x23053
0x130b3: jb 0x1310c
0x130b5: cmp al, 3
0x130b7: jb 0x1310c
0x130b9: xor ah, ah
0x130bb: mov bp, ax
0x130bd: mov ah, 0xdc
0x130bf: int 0x21
2018-12-17T23:00:36.633575692Z 66 PC: 13312 | Move file pointer
2018-12-17T23:00:36.635170709Z 64 PC: 1331a | Write file or device (Write 1576 bytes on handle 5)
2018-12-17T23:00:36.650079135Z 87 PC: 133dd | Get or set file date and time
2018-12-17T23:00:36.655282593Z 62 PC: 133e1 | Close file
2018-12-17T23:00:36.979189225Z 67 PC: 133ea | Get or set file attributes
2018-12-17T23:00:37.063812404Z 79 PC: 13414 | Find next file
2018-12-17T23:00:37.067583681Z 67 PC: 133ac | Get or set file attributes
2018-12-17T23:00:37.074759516Z 67 PC: 133b8 | Get or set file attributes
2018-12-17T23:00:37.488586721Z 61 PC: 133bf | Open file (Filename = 'HELLO.COM')
2018-12-17T23:00:37.497103827Z 87 PC: 133c9 | Get or set file date and time
2018-12-17T23:00:37.499153077Z 63 PC: 13325 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:37.506567139Z 66 PC: 13330 | Move file pointer
2018-12-17T23:00:37.509826454Z 66 PC: 132f7 | Move file pointer
2018-12-17T23:00:37.511706747Z 64 PC: 13302 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:37.514974789Z 44 PC: 1309b | Get time
0x1309b: mov al, dh
0x1309d: inc al
0x1309f: xor ah, ah
0x130a1: pop cx
0x130a2: div cl
0x130a4: xchg al, ah
0x130a6: pop dx
0x130a7: pop cx
0x130a8: ret
0x130a9: pushaw
0x130aa: mov bx, si
0x130ac: add bx, 0x80
0x130b0: call 0x23053
0x130b3: jb 0x1310c
0x130b5: cmp al, 3
0x130b7: jb 0x1310c
0x130b9: xor ah, ah
0x130bb: mov bp, ax
0x130bd: mov ah, 0xdc
0x130bf: int 0x21
2018-12-17T23:00:37.520041931Z 66 PC: 13312 | Move file pointer
2018-12-17T23:00:37.521999008Z 64 PC: 1331a | Write file or device (Write 1576 bytes on handle 5)
2018-12-17T23:00:37.532198725Z 87 PC: 133dd | Get or set file date and time
2018-12-17T23:00:37.535051335Z 62 PC: 133e1 | Close file
2018-12-17T23:00:37.544093918Z 67 PC: 133ea | Get or set file attributes
2018-12-17T23:00:37.555108255Z 79 PC: 13414 | Find next file
2018-12-17T23:00:37.55961264Z 67 PC: 133ac | Get or set file attributes
2018-12-17T23:00:37.566198476Z 67 PC: 133b8 | Get or set file attributes
2018-12-17T23:00:37.576047724Z 61 PC: 133bf | Open file (Filename = 'PHANG.COM')
2018-12-17T23:00:37.587898814Z 87 PC: 133c9 | Get or set file date and time
2018-12-17T23:00:37.591552049Z 63 PC: 13325 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:37.597665838Z 66 PC: 13330 | Move file pointer
2018-12-17T23:00:37.599030232Z 66 PC: 132f7 | Move file pointer
2018-12-17T23:00:37.600964957Z 64 PC: 13302 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:37.604020699Z 44 PC: 1309b | Get time
0x1309b: mov al, dh
0x1309d: inc al
0x1309f: xor ah, ah
0x130a1: pop cx
0x130a2: div cl
0x130a4: xchg al, ah
0x130a6: pop dx
0x130a7: pop cx
0x130a8: ret
0x130a9: pushaw
0x130aa: mov bx, si
0x130ac: add bx, 0x80
0x130b0: call 0x23053
0x130b3: jb 0x1310c
0x130b5: cmp al, 3
0x130b7: jb 0x1310c
0x130b9: xor ah, ah
0x130bb: mov bp, ax
0x130bd: mov ah, 0xdc
0x130bf: int 0x21
2018-12-17T23:00:37.606650992Z 66 PC: 13312 | Move file pointer
2018-12-17T23:00:37.608682069Z 64 PC: 1331a | Write file or device (Write 1576 bytes on handle 5)
2018-12-17T23:00:37.616849226Z 87 PC: 133dd | Get or set file date and time
2018-12-17T23:00:37.618259637Z 62 PC: 133e1 | Close file
2018-12-17T23:00:37.62582358Z 67 PC: 133ea | Get or set file attributes
2018-12-17T23:00:37.63555677Z 79 PC: 13414 | Find next file
2018-12-17T23:00:37.638969484Z 67 PC: 133ac | Get or set file attributes
2018-12-17T23:00:37.646841146Z 67 PC: 133b8 | Get or set file attributes
2018-12-17T23:00:37.658442396Z 61 PC: 133bf | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:00:37.666093514Z 87 PC: 133c9 | Get or set file date and time
2018-12-17T23:00:37.668382786Z 63 PC: 13325 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:00:37.675529696Z 66 PC: 13330 | Move file pointer
2018-12-17T23:00:37.677232225Z 66 PC: 132f7 | Move file pointer
2018-12-17T23:00:37.680174815Z 64 PC: 13302 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:00:37.684025721Z 44 PC: 1309b | Get time
0x1309b: mov al, dh
0x1309d: inc al
0x1309f: xor ah, ah
0x130a1: pop cx
0x130a2: div cl
0x130a4: xchg al, ah
0x130a6: pop dx
0x130a7: pop cx
0x130a8: ret
0x130a9: pushaw
0x130aa: mov bx, si
0x130ac: add bx, 0x80
0x130b0: call 0x23053
0x130b3: jb 0x1310c
0x130b5: cmp al, 3
0x130b7: jb 0x1310c
0x130b9: xor ah, ah
0x130bb: mov bp, ax
0x130bd: mov ah, 0xdc
0x130bf: int 0x21
2018-12-17T23:00:37.688533162Z 66 PC: 13312 | Move file pointer
2018-12-17T23:00:37.690284803Z 64 PC: 1331a | Write file or device (Write 1576 bytes on handle 5)
2018-12-17T23:00:37.701119543Z 87 PC: 133dd | Get or set file date and time
2018-12-17T23:00:37.703319597Z 62 PC: 133e1 | Close file
2018-12-17T23:00:37.712070011Z 67 PC: 133ea | Get or set file attributes
2018-12-17T23:00:37.725810151Z 26 PC: 1341d | Set disk transfer address
2018-12-17T23:00:37.727698098Z 26 PC: 1350b | Set disk transfer address
2018-12-17T23:00:37.729562852Z 59 PC: 13514 | Change current directory
2018-12-17T23:00:37.73546281Z 227 PC: 1306e | UNKNOWN!
2018-12-17T23:00:37.738575248Z 9 PC: 12d3b | Display string (Could not find end pointer)
2018-12-17T23:00:37.786711624Z 9 PC: 12d67 | Display string (String= '      �1������������������                                                            �2�� �!�"�#�')