Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.Busted.572

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:57.963932477Z	44	PC: 12b53 \| Get time 0x12b53: cmp byte ptr [0x106], 0 0x12b58: je 0x12b5a 0x12b5a: cmp dl, 0 0x12b5d: je 0x12b4f 0x12b5f: mov byte ptr [0x106], dl 0x12b63: mov byte ptr [0x107], dh 0x12b67: mov byte ptr [0x204], 0 0x12b6c: mov byte ptr [0x205], 4 0x12b71: mov byte ptr [0x20e], 0 0x12b76: mov cx, 0x27 0x12b79: mov dx, 0x142 0x12b7c: mov ah, 0x4e 0x12b7e: int 0x21 0x12b80: cmp ax, 0x12 0x12b83: je 0x12b88 0x12b85: call 0x12baa 0x12b88: mov cx, 0x27 0x12b8b: mov dx, 0x148 0x12b8e: mov ah, 0x4e 0x12b90: int 0x21
2018-12-17T23:01:57.966341683Z	78	PC: 12b80 \| Find first file
2018-12-17T23:01:57.972504683Z	67	PC: 12bcb \| Get or set file attributes
2018-12-17T23:01:58.109946432Z	61	PC: 12bd1 \| Open file (Filename = 'TEST.EXE')
2018-12-17T23:01:58.11715424Z	63	PC: 12be0 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:01:58.120025864Z	62	PC: 12c14 \| Close file
2018-12-17T23:01:58.124738829Z	61	PC: 12c1d \| Open file (Filename = 'TEST.EXE')
2018-12-17T23:01:58.14243585Z	64	PC: 12a5c \| Write file or device (Write 572 bytes on handle 5)
2018-12-17T23:01:58.150317022Z	87	PC: 12c45 \| Get or set file date and time
2018-12-17T23:01:58.151995698Z	62	PC: 12c4d \| Close file
2018-12-17T23:01:58.164898058Z	67	PC: 12c5a \| Get or set file attributes
2018-12-17T23:01:58.17381098Z	79	PC: 12c04 \| Find next file
2018-12-17T23:01:58.176737422Z	78	PC: 12b92 \| Find first file
2018-12-17T23:01:58.184245589Z	67	PC: 12bcb \| Get or set file attributes
2018-12-17T23:01:58.195344891Z	61	PC: 12bd1 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:01:58.201951734Z	63	PC: 12be0 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:01:58.211120383Z	62	PC: 12c14 \| Close file
2018-12-17T23:01:58.212994612Z	61	PC: 12c1d \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:01:58.221039973Z	64	PC: 12a5c \| Write file or device (Write 572 bytes on handle 5)
2018-12-17T23:01:58.238662823Z	87	PC: 12c45 \| Get or set file date and time
2018-12-17T23:01:58.240254078Z	62	PC: 12c4d \| Close file
2018-12-17T23:01:58.248009689Z	67	PC: 12c5a \| Get or set file attributes
2018-12-17T23:01:58.253103325Z	79	PC: 12c04 \| Find next file
2018-12-17T23:01:58.255832386Z	67	PC: 12bcb \| Get or set file attributes
2018-12-17T23:01:58.268688749Z	61	PC: 12bd1 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:01:58.277514651Z	63	PC: 12be0 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:01:58.284986414Z	62	PC: 12c14 \| Close file
2018-12-17T23:01:58.287372047Z	61	PC: 12c1d \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:01:58.295190649Z	64	PC: 12a5c \| Write file or device (Write 572 bytes on handle 5)
2018-12-17T23:01:58.304781451Z	87	PC: 12c45 \| Get or set file date and time
2018-12-17T23:01:58.306324081Z	62	PC: 12c4d \| Close file
2018-12-17T23:01:58.329263071Z	67	PC: 12c5a \| Get or set file attributes
2018-12-17T23:01:58.334455001Z	79	PC: 12c04 \| Find next file
2018-12-17T23:01:58.337462355Z	67	PC: 12bcb \| Get or set file attributes
2018-12-17T23:01:58.355529371Z	61	PC: 12bd1 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:01:58.370013095Z	63	PC: 12be0 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:01:58.376639816Z	62	PC: 12c14 \| Close file
2018-12-17T23:01:58.379435037Z	61	PC: 12c1d \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:01:58.401977882Z	64	PC: 12a5c \| Write file or device (Write 572 bytes on handle 5)
2018-12-17T23:01:58.411596808Z	87	PC: 12c45 \| Get or set file date and time
2018-12-17T23:01:58.418695426Z	62	PC: 12c4d \| Close file
2018-12-17T23:01:58.4427178Z	67	PC: 12c5a \| Get or set file attributes
2018-12-17T23:01:58.447763839Z	9	PC: 12c78 \| Display string (String= ' Program too big to fit in memory')
2018-12-17T23:01:58.452036067Z	76	PC: 12c7c \| Terminate with return code (Return code = '36')