Sample viewer

vx.netlux.org/Virus.DOS.Trivial.102.c

.


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:02:23.076274257Z 78 PC: 12a49 | Find first file
2018-12-17T23:02:23.082258877Z 61 PC: 12a56 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:02:23.089146823Z 87 PC: 12a5c | Get or set file date and time
2018-12-17T23:02:23.09039371Z 64 PC: 12a68 | Write file or device (Write 102 bytes on handle 5)
2018-12-17T23:02:23.096589825Z 87 PC: 12a6f | Get or set file date and time
2018-12-17T23:02:23.09859348Z 62 PC: 12a73 | Close file
2018-12-17T23:02:23.1115933Z 79 PC: 12a49 | Find next file
2018-12-17T23:02:23.11412375Z 61 PC: 12a56 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:02:23.120903572Z 87 PC: 12a5c | Get or set file date and time
2018-12-17T23:02:23.122396264Z 64 PC: 12a68 | Write file or device (Write 102 bytes on handle 5)
2018-12-17T23:02:23.127267452Z 87 PC: 12a6f | Get or set file date and time
2018-12-17T23:02:23.128981552Z 62 PC: 12a73 | Close file
2018-12-17T23:02:23.136643601Z 79 PC: 12a49 | Find next file
2018-12-17T23:02:23.139158645Z 61 PC: 12a56 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:02:23.14756036Z 87 PC: 12a5c | Get or set file date and time
2018-12-17T23:02:23.149725336Z 64 PC: 12a68 | Write file or device (Write 102 bytes on handle 5)
2018-12-17T23:02:23.155278076Z 87 PC: 12a6f | Get or set file date and time
2018-12-17T23:02:23.156624632Z 62 PC: 12a73 | Close file
2018-12-17T23:02:23.161372022Z 79 PC: 12a49 | Find next file
2018-12-17T23:02:23.163164917Z 61 PC: 12a56 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:02:23.167683957Z 87 PC: 12a5c | Get or set file date and time
2018-12-17T23:02:23.168786654Z 64 PC: 12a68 | Write file or device (Write 102 bytes on handle 5)
2018-12-17T23:02:23.173178974Z 87 PC: 12a6f | Get or set file date and time
2018-12-17T23:02:23.175022287Z 62 PC: 12a73 | Close file
2018-12-17T23:02:23.182340447Z 79 PC: 12a49 | Find next file
2018-12-17T23:02:23.184749898Z 61 PC: 12a56 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:02:23.191177775Z 87 PC: 12a5c | Get or set file date and time
2018-12-17T23:02:23.192543151Z 64 PC: 12a68 | Write file or device (Write 102 bytes on handle 5)
2018-12-17T23:02:23.198701825Z 87 PC: 12a6f | Get or set file date and time
2018-12-17T23:02:23.20004149Z 62 PC: 12a73 | Close file
2018-12-17T23:02:23.206114319Z 79 PC: 12a49 | Find next file
2018-12-17T23:02:23.208898637Z 61 PC: 12a56 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:02:23.213170785Z 87 PC: 12a5c | Get or set file date and time
2018-12-17T23:02:23.214861727Z 64 PC: 12a68 | Write file or device (Write 102 bytes on handle 5)
2018-12-17T23:02:23.218897407Z 87 PC: 12a6f | Get or set file date and time
2018-12-17T23:02:23.219969302Z 62 PC: 12a73 | Close file
2018-12-17T23:02:23.225575743Z 79 PC: 12a49 | Find next file
2018-12-17T23:02:23.227411558Z 61 PC: 12a56 | Open file (Filename = 'PAH.COM')
2018-12-17T23:02:23.231571598Z 87 PC: 12a5c | Get or set file date and time
2018-12-17T23:02:23.232836571Z 64 PC: 12a68 | Write file or device (Write 102 bytes on handle 5)
2018-12-17T23:02:23.236825051Z 87 PC: 12a6f | Get or set file date and time
2018-12-17T23:02:23.237924617Z 62 PC: 12a73 | Close file
2018-12-17T23:02:23.242873259Z 79 PC: 12a49 | Find next file
2018-12-17T23:02:23.244585276Z 44 PC: 12a7b | Get time 0x12a7b: cmp cl, 0x21    ; runs right after DOS Get Time (INT 21h, AH=2Ch), which returns minutes in CL: test for minute 0x21 (33)
0x12a7e: jne 0x12a87                    ; any other minute: skip the port write
0x12a80: mov ax, 0xff0d                 ; AL = 0x0d, AH = 0xff
0x12a83: mov dx, 0x3da                  ; DX = I/O port 0x3da (CGA/EGA/VGA register range)
0x12a86: out dx, ax                     ; word write: AL -> port 0x3da, AH -> port 0x3db; the effect on the display is not shown in this trace
0x12a87: ret                            ; last instruction of the executed path in this listing
; NOTE(review): from 0x12a88 the disassembler is decoding data, not code.
; The bytes implied by these encodings are ASCII text:
;   "*.com", NUL, "MaRiO by MiDZ", one byte skipped by the listing at 0x12a9b, " [Rioters]"
; "*.com" is consistent with the Find first/next file calls in the trace (only .COM
; files are opened); the rest is an embedded signature string, useful as a static
; detection pattern for this sample.
0x12a88: sub ch, byte ptr [0x6f63]      ; "*.co"
0x12a8c: insw word ptr es:[di], dx      ; "m"
0x12a8d: add byte ptr [di + 0x61], cl   ; NUL terminator, then "Ma"
0x12a90: push dx                        ; "R"
0x12a91: imul cx, word ptr [bx + 0x20], 0x7962  ; "iO by"
0x12a96: and byte ptr [di + 0x69], cl   ; " Mi"
0x12a99: inc sp                         ; "D"
0x12a9a: pop dx                         ; "Z" (address 0x12a9b is missing from the listing)
0x12a9c: and byte ptr [bp + di + 0x52], bl      ; " [R"
0x12a9f: imul bp, word ptr [bx + 0x74], 0x7265  ; "ioter"
0x12aa4: jae 0x12b03                    ; "s]" -- not a real branch
; NOTE(review): the trace writes 102 (0x66) bytes per file. If that body ends with the
; "]" at 0x12aa5, it starts at 0x12a40 (assumed; the load address is not shown) and the
; three lines below are memory past the sample rather than its code -- confirm.
0x12aa6: ljmp ptr [0x114]
0x12aaa: call 0x12adc
0x12aad: push ds

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14184,"SideJobID":0}

.


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:40:05.981807459Z 78 PC: 12a49 | Find first file
2018-12-25T12:40:05.987915516Z 61 PC: 12a56 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:05.994145625Z 87 PC: 12a5c | Get or set file date and time
2018-12-25T12:40:05.995323363Z 64 PC: 12a68 | Write file or device (Write 102 bytes on handle 5)
2018-12-25T12:40:06.001768652Z 87 PC: 12a6f | Get or set file date and time
2018-12-25T12:40:06.003320582Z 62 PC: 12a73 | Close file
2018-12-25T12:40:06.085704974Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.089265252Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.095494547Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.096657716Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.102857859Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.104338647Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.117203099Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.119818981Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.126956416Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.128248457Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.134675781Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.137053607Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.144440266Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.147095449Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.153876575Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.155186727Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.161482201Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.163735222Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.170921632Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.173402191Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.185208621Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.187125966Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.193616899Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.195115202Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.202858184Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.205763028Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.212418483Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.215124673Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.221438216Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.222750991Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.230712752Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.233296467Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.239944721Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.241722685Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.248552482Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.249990459Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.260432385Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.263375471Z 44 PC: 12a7b | Get time 0x12a7b: cmp cl, 0x21    ; runs right after DOS Get Time (INT 21h, AH=2Ch), which returns minutes in CL: test for minute 0x21 (33); the run record after this listing has "Min":33, presumably the clock value used for this run
0x12a7e: jne 0x12a87                    ; any other minute: skip the port write
0x12a80: mov ax, 0xff0d                 ; AL = 0x0d, AH = 0xff
0x12a83: mov dx, 0x3da                  ; DX = I/O port 0x3da (CGA/EGA/VGA register range)
0x12a86: out dx, ax                     ; word write: AL -> port 0x3da, AH -> port 0x3db; the effect on the display is not shown in this trace
0x12a87: ret                            ; last instruction of the executed path in this listing
; NOTE(review): from 0x12a88 the disassembler is decoding data, not code.
; The bytes implied by these encodings are ASCII text:
;   "*.com", NUL, "MaRiO by MiDZ", one byte skipped by the listing at 0x12a9b, " [Rioters]"
; "*.com" is consistent with the Find first/next file calls in the trace; the rest is
; an embedded signature string, useful as a static detection pattern for this sample.
0x12a88: sub ch, byte ptr [0x6f63]      ; "*.co"
0x12a8c: insw word ptr es:[di], dx      ; "m"
0x12a8d: add byte ptr [di + 0x61], cl   ; NUL terminator, then "Ma"
0x12a90: push dx                        ; "R"
0x12a91: imul cx, word ptr [bx + 0x20], 0x7962  ; "iO by"
0x12a96: and byte ptr [di + 0x69], cl   ; " Mi"
0x12a99: inc sp                         ; "D"
0x12a9a: pop dx                         ; "Z" (address 0x12a9b is missing from the listing)
0x12a9c: and byte ptr [bp + di + 0x52], bl      ; " [R"
0x12a9f: imul bp, word ptr [bx + 0x74], 0x7265  ; "ioter"
0x12aa4: jae 0x12b03                    ; "s]" -- not a real branch
; NOTE(review): the trace writes 102 (0x66) bytes per file. If that body ends with the
; "]" at 0x12aa5, it starts at 0x12a40 (assumed; the load address is not shown) and the
; three lines below are memory past the sample rather than its code -- confirm.
0x12aa6: ljmp ptr [0x114]
0x12aaa: call 0x12adc
0x12aad: push ds

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":33,"Second":0,"TimeBased":true,"OriginalID":14184,"SideJobID":0}

.


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:40:06.03381504Z 78 PC: 12a49 | Find first file
2018-12-25T12:40:06.040325541Z 61 PC: 12a56 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:06.04691908Z 87 PC: 12a5c | Get or set file date and time
2018-12-25T12:40:06.048457231Z 64 PC: 12a68 | Write file or device (Write 102 bytes on handle 5)
2018-12-25T12:40:06.056776687Z 87 PC: 12a6f | Get or set file date and time
2018-12-25T12:40:06.058506861Z 62 PC: 12a73 | Close file
2018-12-25T12:40:06.085600896Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.089047902Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.095613228Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.097246646Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.107751372Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.115018222Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.12246928Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.125482584Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.131997263Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.133208646Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.139520112Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.14132127Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.14892307Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.151464582Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.158496131Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.160081892Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.16653689Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.169110207Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.175887033Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.178386309Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.184899557Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.186268807Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.192321391Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.195045396Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.202159074Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.204739552Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.217254417Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.219164753Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.225832889Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.227885335Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.235587096Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.238535155Z 61 PC: 12a56 | Open file (See above)
2018-12-25T12:40:06.245141473Z 87 PC: 12a5c | Get or set file date and time (See above)
2018-12-25T12:40:06.247926697Z 64 PC: 12a68 | Write file or device (See above)
2018-12-25T12:40:06.254639375Z 87 PC: 12a6f | Get or set file date and time (See above)
2018-12-25T12:40:06.256422343Z 62 PC: 12a73 | Close file (See above)
2018-12-25T12:40:06.265007376Z 79 PC: 12a49 | Find next file (See above)
2018-12-25T12:40:06.267735766Z 44 PC: 12a7b | Get time 0x12a7b: cmp cl, 0x21    ; runs right after DOS Get Time (INT 21h, AH=2Ch), which returns minutes in CL: test for minute 0x21 (33)
0x12a7e: jne 0x12a87                    ; any other minute: skip the port write
0x12a80: mov ax, 0xff0d                 ; AL = 0x0d, AH = 0xff
0x12a83: mov dx, 0x3da                  ; DX = I/O port 0x3da (CGA/EGA/VGA register range)
0x12a86: out dx, ax                     ; word write: AL -> port 0x3da, AH -> port 0x3db; the effect on the display is not shown in this trace
0x12a87: ret                            ; last instruction of the executed path in this listing
; NOTE(review): from 0x12a88 the disassembler is decoding data, not code.
; The bytes implied by these encodings are ASCII text:
;   "*.com", NUL, "MaRiO by MiDZ", one byte skipped by the listing at 0x12a9b, " [Rioters]"
; "*.com" is consistent with the Find first/next file calls in the trace; the rest is
; an embedded signature string, useful as a static detection pattern for this sample.
0x12a88: sub ch, byte ptr [0x6f63]      ; "*.co"
0x12a8c: insw word ptr es:[di], dx      ; "m"
0x12a8d: add byte ptr [di + 0x61], cl   ; NUL terminator, then "Ma"
0x12a90: push dx                        ; "R"
0x12a91: imul cx, word ptr [bx + 0x20], 0x7962  ; "iO by"
0x12a96: and byte ptr [di + 0x69], cl   ; " Mi"
0x12a99: inc sp                         ; "D"
0x12a9a: pop dx                         ; "Z" (address 0x12a9b is missing from the listing)
0x12a9c: and byte ptr [bp + di + 0x52], bl      ; " [R"
0x12a9f: imul bp, word ptr [bx + 0x74], 0x7265  ; "ioter"
0x12aa4: jae 0x12b03                    ; "s]" -- not a real branch
; NOTE(review): the trace writes 102 (0x66) bytes per file. If that body ends with the
; "]" at 0x12aa5, it starts at 0x12a40 (assumed; the load address is not shown) and the
; three lines below are memory past the sample rather than its code -- confirm.
0x12aa6: ljmp ptr [0x114]
0x12aaa: call 0x12adc
0x12aad: push ds