Sample viewer

vx.netlux.org/Virus.DOS.Vampiro.1000.d

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:36.83070964Z	250	PC: 12a54 \| UNKNOWN!
2018-12-17T23:01:36.831779291Z	42	PC: 12a58 \| Get date 0x12a58: cmp dh, 6 0x12a5b: jb 0x12a69 0x12a5d: mov ah, 0x2c 0x12a5f: int 0x21 0x12a61: cmp ch, 0x16 0x12a64: jb 0x12a69 0x12a66: jmp 0x12c56 0x12a69: cld 0x12a6a: mov cx, 7 0x12a6d: lea si, word ptr [bp + 0x322] 0x12a71: lea di, word ptr [bp + 0x329] 0x12a75: rep movsb byte ptr es:[di], byte ptr [si] 0x12a77: mov cx, 0x2b 0x12a7a: lea di, word ptr [bp + 0x35b] 0x12a7e: mov si, 0x80 0x12a81: rep movsb byte ptr es:[di], byte ptr [si] 0x12a83: mov ah, 0x47 0x12a85: mov dl, 0 0x12a87: lea si, word ptr [bp + 0x38f] 0x12a8b: int 0x21
2018-12-17T23:01:36.835507075Z	44	PC: 12a61 \| Get time 0x12a61: cmp ch, 0x16 0x12a64: jb 0x12a69 0x12a66: jmp 0x12c56 0x12a69: cld 0x12a6a: mov cx, 7 0x12a6d: lea si, word ptr [bp + 0x322] 0x12a71: lea di, word ptr [bp + 0x329] 0x12a75: rep movsb byte ptr es:[di], byte ptr [si] 0x12a77: mov cx, 0x2b 0x12a7a: lea di, word ptr [bp + 0x35b] 0x12a7e: mov si, 0x80 0x12a81: rep movsb byte ptr es:[di], byte ptr [si] 0x12a83: mov ah, 0x47 0x12a85: mov dl, 0 0x12a87: lea si, word ptr [bp + 0x38f] 0x12a8b: int 0x21 0x12a8d: mov ah, 0x4e 0x12a8f: lea dx, word ptr [bp + 0x436] 0x12a93: mov cx, 0x10 0x12a96: int 0x21
2018-12-17T23:01:36.838468256Z	71	PC: 12a8d \| Get current directory
2018-12-17T23:01:36.842683542Z	78	PC: 12a98 \| Find first file
2018-12-17T23:01:36.849725879Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.852671031Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.855459091Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.8591916Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.862005948Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.865192282Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.868116761Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.872892616Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.875998749Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.87894577Z	59	PC: 12af3 \| Change current directory
2018-12-17T23:01:36.884335202Z	59	PC: 12c39 \| Change current directory
2018-12-17T23:01:36.888793405Z	250	PC: 12a54 \| UNKNOWN!
2018-12-17T23:01:36.889392174Z	42	PC: 12a58 \| Get date 0x12a58: cmp dh, 6 0x12a5b: jb 0x12a69 0x12a5d: mov ah, 0x2c 0x12a5f: int 0x21 0x12a61: cmp ch, 0x16 0x12a64: jb 0x12a69 0x12a66: jmp 0x12c56 0x12a69: cld 0x12a6a: mov cx, 7 0x12a6d: lea si, word ptr [bp + 0x322] 0x12a71: lea di, word ptr [bp + 0x329] 0x12a75: rep movsb byte ptr es:[di], byte ptr [si] 0x12a77: mov cx, 0x2b 0x12a7a: lea di, word ptr [bp + 0x35b] 0x12a7e: mov si, 0x80 0x12a81: rep movsb byte ptr es:[di], byte ptr [si] 0x12a83: mov ah, 0x47 0x12a85: mov dl, 0 0x12a87: lea si, word ptr [bp + 0x38f] 0x12a8b: int 0x21
2018-12-17T23:01:36.89209032Z	44	PC: 12a61 \| Get time 0x12a61: cmp ch, 0x16 0x12a64: jb 0x12a69 0x12a66: jmp 0x12c56 0x12a69: cld 0x12a6a: mov cx, 7 0x12a6d: lea si, word ptr [bp + 0x322] 0x12a71: lea di, word ptr [bp + 0x329] 0x12a75: rep movsb byte ptr es:[di], byte ptr [si] 0x12a77: mov cx, 0x2b 0x12a7a: lea di, word ptr [bp + 0x35b] 0x12a7e: mov si, 0x80 0x12a81: rep movsb byte ptr es:[di], byte ptr [si] 0x12a83: mov ah, 0x47 0x12a85: mov dl, 0 0x12a87: lea si, word ptr [bp + 0x38f] 0x12a8b: int 0x21 0x12a8d: mov ah, 0x4e 0x12a8f: lea dx, word ptr [bp + 0x436] 0x12a93: mov cx, 0x10 0x12a96: int 0x21
2018-12-17T23:01:36.894371575Z	71	PC: 12a8d \| Get current directory
2018-12-17T23:01:36.898068538Z	78	PC: 12a98 \| Find first file
2018-12-17T23:01:36.90842672Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.912078914Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.914912443Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.918436915Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.921952804Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.926213219Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.929537244Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.932456351Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.935666837Z	79	PC: 12b09 \| Find next file
2018-12-17T23:01:36.93906072Z	59	PC: 12af3 \| Change current directory
2018-12-17T23:01:36.943679691Z	59	PC: 12c39 \| Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":13938,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:29.782198182Z	250	PC: 12a54 \| UNKNOWN!
2018-12-25T12:39:29.783371729Z	42	PC: 12a58 \| Get date 0x12a58: cmp dh, 6 0x12a5b: jb 0x12a69 0x12a5d: mov ah, 0x2c 0x12a5f: int 0x21 0x12a61: cmp ch, 0x16 0x12a64: jb 0x12a69 0x12a66: jmp 0x12c56 0x12a69: cld 0x12a6a: mov cx, 7 0x12a6d: lea si, word ptr [bp + 0x322] 0x12a71: lea di, word ptr [bp + 0x329] 0x12a75: rep movsb byte ptr es:[di], byte ptr [si] 0x12a77: mov cx, 0x2b 0x12a7a: lea di, word ptr [bp + 0x35b] 0x12a7e: mov si, 0x80 0x12a81: rep movsb byte ptr es:[di], byte ptr [si] 0x12a83: mov ah, 0x47 0x12a85: mov dl, 0 0x12a87: lea si, word ptr [bp + 0x38f] 0x12a8b: int 0x21
2018-12-25T12:39:29.786526932Z	71	PC: 12a8d \| Get current directory
2018-12-25T12:39:29.789842041Z	78	PC: 12a98 \| Find first file
2018-12-25T12:39:29.796442856Z	79	PC: 12b09 \| Find next file
2018-12-25T12:39:29.800554134Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.803623307Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.806913221Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.811353926Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.814582059Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.817818533Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.821648167Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.824501042Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.827036799Z	59	PC: 12af3 \| Change current directory
2018-12-25T12:39:29.832085359Z	59	PC: 12c39 \| Change current directory
2018-12-25T12:39:29.837532092Z	250	PC: 12a54 \| UNKNOWN! (See above)
2018-12-25T12:39:29.83845438Z	42	PC: 12a58 \| Get date (See above)
2018-12-25T12:39:29.841349587Z	71	PC: 12a8d \| Get current directory (See above)
2018-12-25T12:39:29.84688284Z	78	PC: 12a98 \| Find first file (See above)
2018-12-25T12:39:29.85367962Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.856368909Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.859923835Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.862735771Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.865530076Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.868825059Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.871490284Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.874228016Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.879214416Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.881854133Z	59	PC: 12af3 \| Change current directory (See above)
2018-12-25T12:39:29.886438716Z	59	PC: 12c39 \| Change current directory (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":13938,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:29.880329293Z	250	PC: 12a54 \| UNKNOWN!
2018-12-25T12:39:29.882524791Z	42	PC: 12a58 \| Get date 0x12a58: cmp dh, 6 0x12a5b: jb 0x12a69 0x12a5d: mov ah, 0x2c 0x12a5f: int 0x21 0x12a61: cmp ch, 0x16 0x12a64: jb 0x12a69 0x12a66: jmp 0x12c56 0x12a69: cld 0x12a6a: mov cx, 7 0x12a6d: lea si, word ptr [bp + 0x322] 0x12a71: lea di, word ptr [bp + 0x329] 0x12a75: rep movsb byte ptr es:[di], byte ptr [si] 0x12a77: mov cx, 0x2b 0x12a7a: lea di, word ptr [bp + 0x35b] 0x12a7e: mov si, 0x80 0x12a81: rep movsb byte ptr es:[di], byte ptr [si] 0x12a83: mov ah, 0x47 0x12a85: mov dl, 0 0x12a87: lea si, word ptr [bp + 0x38f] 0x12a8b: int 0x21
2018-12-25T12:39:29.884758217Z	71	PC: 12a8d \| Get current directory
2018-12-25T12:39:29.887491459Z	78	PC: 12a98 \| Find first file
2018-12-25T12:39:29.893522384Z	79	PC: 12b09 \| Find next file
2018-12-25T12:39:29.900198073Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.902799886Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.905505963Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.908720674Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.912094107Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.914769365Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.918843064Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.921461872Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.923642963Z	59	PC: 12af3 \| Change current directory
2018-12-25T12:39:29.928277543Z	59	PC: 12c39 \| Change current directory
2018-12-25T12:39:29.932768656Z	250	PC: 12a54 \| UNKNOWN! (See above)
2018-12-25T12:39:29.933902571Z	42	PC: 12a58 \| Get date (See above)
2018-12-25T12:39:29.946572855Z	71	PC: 12a8d \| Get current directory (See above)
2018-12-25T12:39:29.95021014Z	78	PC: 12a98 \| Find first file (See above)
2018-12-25T12:39:29.956299066Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.958848032Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.962662528Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.965257363Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.968111394Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.970736434Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.973585157Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.976069011Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.978522134Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:29.983165234Z	59	PC: 12af3 \| Change current directory (See above)
2018-12-25T12:39:29.988250207Z	59	PC: 12c39 \| Change current directory (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":22,"Min":0,"Second":0,"TimeBased":true,"OriginalID":13938,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:30.024128517Z	250	PC: 12a54 \| UNKNOWN!
2018-12-25T12:39:30.025203727Z	42	PC: 12a58 \| Get date 0x12a58: cmp dh, 6 0x12a5b: jb 0x12a69 0x12a5d: mov ah, 0x2c 0x12a5f: int 0x21 0x12a61: cmp ch, 0x16 0x12a64: jb 0x12a69 0x12a66: jmp 0x12c56 0x12a69: cld 0x12a6a: mov cx, 7 0x12a6d: lea si, word ptr [bp + 0x322] 0x12a71: lea di, word ptr [bp + 0x329] 0x12a75: rep movsb byte ptr es:[di], byte ptr [si] 0x12a77: mov cx, 0x2b 0x12a7a: lea di, word ptr [bp + 0x35b] 0x12a7e: mov si, 0x80 0x12a81: rep movsb byte ptr es:[di], byte ptr [si] 0x12a83: mov ah, 0x47 0x12a85: mov dl, 0 0x12a87: lea si, word ptr [bp + 0x38f] 0x12a8b: int 0x21
2018-12-25T12:39:30.02732641Z	71	PC: 12a8d \| Get current directory
2018-12-25T12:39:30.029790594Z	78	PC: 12a98 \| Find first file
2018-12-25T12:39:30.035813158Z	79	PC: 12b09 \| Find next file
2018-12-25T12:39:30.03836286Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.040790987Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.043682503Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.045979367Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.04825619Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.050901625Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.053212457Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.055681447Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.05848145Z	59	PC: 12af3 \| Change current directory
2018-12-25T12:39:30.062464519Z	59	PC: 12c39 \| Change current directory
2018-12-25T12:39:30.06629694Z	250	PC: 12a54 \| UNKNOWN! (See above)
2018-12-25T12:39:30.078422444Z	42	PC: 12a58 \| Get date (See above)
2018-12-25T12:39:30.08015522Z	71	PC: 12a8d \| Get current directory (See above)
2018-12-25T12:39:30.085216425Z	78	PC: 12a98 \| Find first file (See above)
2018-12-25T12:39:30.090953799Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.093663289Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.096029728Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.099090185Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.101464757Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.104882382Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.107841966Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.110132488Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.11386756Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.116079059Z	59	PC: 12af3 \| Change current directory (See above)
2018-12-25T12:39:30.120454182Z	59	PC: 12c39 \| Change current directory (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":22,"Min":0,"Second":0,"TimeBased":true,"OriginalID":13938,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:30.077835158Z	250	PC: 12a54 \| UNKNOWN!
2018-12-25T12:39:30.081413567Z	42	PC: 12a58 \| Get date 0x12a58: cmp dh, 6 0x12a5b: jb 0x12a69 0x12a5d: mov ah, 0x2c 0x12a5f: int 0x21 0x12a61: cmp ch, 0x16 0x12a64: jb 0x12a69 0x12a66: jmp 0x12c56 0x12a69: cld 0x12a6a: mov cx, 7 0x12a6d: lea si, word ptr [bp + 0x322] 0x12a71: lea di, word ptr [bp + 0x329] 0x12a75: rep movsb byte ptr es:[di], byte ptr [si] 0x12a77: mov cx, 0x2b 0x12a7a: lea di, word ptr [bp + 0x35b] 0x12a7e: mov si, 0x80 0x12a81: rep movsb byte ptr es:[di], byte ptr [si] 0x12a83: mov ah, 0x47 0x12a85: mov dl, 0 0x12a87: lea si, word ptr [bp + 0x38f] 0x12a8b: int 0x21
2018-12-25T12:39:30.084113846Z	71	PC: 12a8d \| Get current directory
2018-12-25T12:39:30.087739977Z	78	PC: 12a98 \| Find first file
2018-12-25T12:39:30.094353293Z	79	PC: 12b09 \| Find next file
2018-12-25T12:39:30.0972239Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.099959942Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.102739793Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.106330109Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.109107137Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.11178749Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.115181128Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.118267553Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.121125005Z	59	PC: 12af3 \| Change current directory
2018-12-25T12:39:30.127281539Z	59	PC: 12c39 \| Change current directory
2018-12-25T12:39:30.132556701Z	250	PC: 12a54 \| UNKNOWN! (See above)
2018-12-25T12:39:30.13311992Z	42	PC: 12a58 \| Get date (See above)
2018-12-25T12:39:30.136476766Z	71	PC: 12a8d \| Get current directory (See above)
2018-12-25T12:39:30.139987862Z	78	PC: 12a98 \| Find first file (See above)
2018-12-25T12:39:30.146402247Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.149431763Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.154819986Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.157798216Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.160899843Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.164707473Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.167843796Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.170854424Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.174485398Z	79	PC: 12b09 \| Find next file (See above)
2018-12-25T12:39:30.177111235Z	59	PC: 12af3 \| Change current directory (See above)
2018-12-25T12:39:30.181734841Z	59	PC: 12c39 \| Change current directory (See above)