Sample viewer

vx.netlux.org/Virus.DOS.Leathal.722.a

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:01:55.48939829Z 42 PC: 12b5c | Get date
0x12b5c: cmp dh, 9
0x12b5f: jne 0x12b6d
0x12b61: push di
0x12b62: add di, 0xa5
0x12b66: mov dx, di
0x12b68: mov ah, 9
0x12b6a: int 0x21
0x12b6c: pop di
0x12b6d: mov ax, 0x1a00
0x12b70: push di
0x12b71: add di, 0x1c
0x12b74: mov dx, di
0x12b76: int 0x21
0x12b78: pop di
0x12b79: xor bx, bx
0x12b7b: xor cx, cx
0x12b7d: mov ax, 0x4e00
0x12b80: push di
0x12b81: add di, 0x14
0x12b84: mov dx, di
2018-12-17T23:01:55.492099421Z 26 PC: 12b78 | Set disk transfer address
2018-12-17T23:01:55.493199485Z 78 PC: 12b89 | Find first file
2018-12-17T23:01:55.499111838Z 61 PC: 12baa | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:01:55.506731923Z 63 PC: 12bc6 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:01:55.51582413Z 76 PC: 12c4f | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14035,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:44.763866498Z 42 PC: 12b5c | Get date
0x12b5c: cmp dh, 9
0x12b5f: jne 0x12b6d
0x12b61: push di
0x12b62: add di, 0xa5
0x12b66: mov dx, di
0x12b68: mov ah, 9
0x12b6a: int 0x21
0x12b6c: pop di
0x12b6d: mov ax, 0x1a00
0x12b70: push di
0x12b71: add di, 0x1c
0x12b74: mov dx, di
0x12b76: int 0x21
0x12b78: pop di
0x12b79: xor bx, bx
0x12b7b: xor cx, cx
0x12b7d: mov ax, 0x4e00
0x12b80: push di
0x12b81: add di, 0x14
0x12b84: mov dx, di
2018-12-25T12:39:44.766685653Z 26 PC: 12b78 | Set disk transfer address
2018-12-25T12:39:44.773839591Z 78 PC: 12b89 | Find first file
2018-12-25T12:39:44.780584778Z 61 PC: 12baa | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:39:44.787233526Z 63 PC: 12bc6 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:39:44.795267322Z 76 PC: 12c4f | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14035,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:39:44.724360144Z 42 PC: 12b5c | Get date
0x12b5c: cmp dh, 9
0x12b5f: jne 0x12b6d
0x12b61: push di
0x12b62: add di, 0xa5
0x12b66: mov dx, di
0x12b68: mov ah, 9
0x12b6a: int 0x21
0x12b6c: pop di
0x12b6d: mov ax, 0x1a00
0x12b70: push di
0x12b71: add di, 0x1c
0x12b74: mov dx, di
0x12b76: int 0x21
0x12b78: pop di
0x12b79: xor bx, bx
0x12b7b: xor cx, cx
0x12b7d: mov ax, 0x4e00
0x12b80: push di
0x12b81: add di, 0x14
0x12b84: mov dx, di
2018-12-25T12:39:44.726912961Z 9 PC: 12b6c | Display string (String= 'Leathal Virus Striked your fuking computer... Do not worry, I am not destructive...')
2018-12-25T12:39:44.733161205Z 26 PC: 12b78 | Set disk transfer address
2018-12-25T12:39:44.734492442Z 78 PC: 12b89 | Find first file
2018-12-25T12:39:44.741031484Z 61 PC: 12baa | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:39:44.748387411Z 63 PC: 12bc6 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:39:44.755353186Z 76 PC: 12c4f | Terminate with return code (Return code = '0')