Sample viewer

vx.netlux.org/Virus.DOS.Chameleon.1251


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:02:24.964179341Z 44 PC: 12f34 | Get time
0x12f34: xor dx, cx
0x12f36: mov word ptr [bp - 0x10], dx
0x12f39: call 0x22d48
0x12f3c: mov di, 0x100
0x12f3f: push ds
0x12f40: pop es
0x12f41: mov cx, 0x8000
0x12f44: mov si, 0x5e9
0x12f47: lodsb al, byte ptr [si]
0x12f48: repne scasb al, byte ptr es:[di]
0x12f4a: cmp cx, 0
0x12f4d: je 0x12f68
0x12f4f: cmp di, 0x5e9
0x12f53: jge 0x12f68
0x12f55: lodsb al, byte ptr [si]
0x12f56: scasb al, byte ptr es:[di]
0x12f57: jne 0x12f41
0x12f59: call 0x22d48
0x12f5c: mov ax, word ptr [bp - 0x10]
0x12f5f: dec di
2018-12-17T23:02:24.967199355Z 48 PC: 12ab2 | Get DOS version
2018-12-17T23:02:24.969615685Z 47 PC: 12ac0 | Get disk transfer address
2018-12-17T23:02:24.971276035Z 26 PC: 12ad5 | Set disk transfer address
2018-12-17T23:02:24.972942526Z 78 PC: 12b58 | Find first file
2018-12-17T23:02:24.980357629Z 67 PC: 12b97 | Get or set file attributes
2018-12-17T23:02:24.986465856Z 67 PC: 12ba8 | Get or set file attributes
2018-12-17T23:02:25.005483839Z 61 PC: 12bb3 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:02:25.013636167Z 87 PC: 12bc0 | Get or set file date and time
2018-12-17T23:02:25.015273944Z 63 PC: 12bd3 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:02:25.022918908Z 66 PC: 12bef | Move file pointer
2018-12-17T23:02:25.025870524Z 44 PC: 12c1d | Get time
0x12c1d: xor dx, cx
0x12c1f: int3
0x12c20: jg 0x12c18
0x12c22: push si
2018-12-17T23:02:25.030393502Z 64 PC: 13044 | Write file or device (Write 1251 bytes on handle 5)
2018-12-17T23:02:25.040244972Z 66 PC: 12cf5 | Move file pointer
2018-12-17T23:02:25.042790185Z 64 PC: 12d06 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:02:25.05089381Z 87 PC: 12d17 | Get or set file date and time
2018-12-17T23:02:25.053065331Z 62 PC: 12d1b | Close file
2018-12-17T23:02:25.063354614Z 67 PC: 12d29 | Get or set file attributes
2018-12-17T23:02:25.078177564Z 26 PC: 12d34 | Set disk transfer address