Sample viewer

vx.netlux.org/Virus.DOS.Taiwan.752

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:02:37.185708967Z 25 PC: 12b0a | Get default drive
2018-12-17T23:02:37.187512621Z 71 PC: 12b19 | Get current directory
2018-12-17T23:02:37.192453439Z 14 PC: 12b39 | Set default drive (Drive = 'C')
2018-12-17T23:02:37.195309957Z 59 PC: 12b40 | Change current directory
2018-12-17T23:02:37.199852636Z 78 PC: 12b53 | Find first file
2018-12-17T23:02:37.207861084Z 67 PC: 12b7c | Get or set file attributes
2018-12-17T23:02:37.552707388Z 61 PC: 12b85 | Open file (Filename = 'COMMAND.COM')
2018-12-17T23:02:37.56020107Z 63 PC: 12b91 | Read file or device (Read 752 bytes on handle 5)
2018-12-17T23:02:37.56892959Z 66 PC: 12b9b | Move file pointer
2018-12-17T23:02:37.570699825Z 64 PC: 12bb0 | Write file or device (Write 752 bytes on handle 5)
2018-12-17T23:02:37.577944546Z 66 PC: 12bba | Move file pointer
2018-12-17T23:02:37.580522453Z 64 PC: 12bc4 | Write file or device (Write 752 bytes on handle 5)
2018-12-17T23:02:37.592004552Z 87 PC: 12bd5 | Get or set file date and time
2018-12-17T23:02:37.593823698Z 67 PC: 12be2 | Get or set file attributes
2018-12-17T23:02:37.603147641Z 62 PC: 12be6 | Close file
2018-12-17T23:02:37.612190861Z 79 PC: 12c11 | Find next file
2018-12-17T23:02:37.615387534Z 78 PC: 12c20 | Find first file
2018-12-17T23:02:37.622135752Z 59 PC: 12c38 | Change current directory
2018-12-17T23:02:37.629270946Z 78 PC: 12b53 | Find first file
2018-12-17T23:02:37.640992907Z 67 PC: 12b7c | Get or set file attributes
2018-12-17T23:02:37.652318604Z 61 PC: 12b85 | Open file (Filename = 'EDIT.COM')
2018-12-17T23:02:37.662197922Z 63 PC: 12b91 | Read file or device (Read 752 bytes on handle 5)
2018-12-17T23:02:37.669052149Z 66 PC: 12b9b | Move file pointer
2018-12-17T23:02:37.671274911Z 64 PC: 12bb0 | Write file or device (Write 752 bytes on handle 5)
2018-12-17T23:02:37.681244789Z 66 PC: 12bba | Move file pointer
2018-12-17T23:02:37.683665814Z 64 PC: 12bc4 | Write file or device (Write 752 bytes on handle 5)
2018-12-17T23:02:37.692465833Z 87 PC: 12bd5 | Get or set file date and time
2018-12-17T23:02:37.695626379Z 67 PC: 12be2 | Get or set file attributes
2018-12-17T23:02:37.70163566Z 62 PC: 12be6 | Close file
2018-12-17T23:02:37.709851414Z 79 PC: 12c11 | Find next file
2018-12-17T23:02:37.721018708Z 67 PC: 12b7c | Get or set file attributes
2018-12-17T23:02:37.733050406Z 61 PC: 12b85 | Open file (Filename = 'FORMAT.COM')
2018-12-17T23:02:37.740561047Z 63 PC: 12b91 | Read file or device (Read 752 bytes on handle 5)
2018-12-17T23:02:37.749071891Z 66 PC: 12b9b | Move file pointer
2018-12-17T23:02:37.752191535Z 64 PC: 12bb0 | Write file or device (Write 752 bytes on handle 5)
2018-12-17T23:02:37.76020488Z 66 PC: 12bba | Move file pointer
2018-12-17T23:02:37.764565033Z 64 PC: 12bc4 | Write file or device (Write 752 bytes on handle 5)
2018-12-17T23:02:37.799567783Z 87 PC: 12bd5 | Get or set file date and time
2018-12-17T23:02:37.80342538Z 67 PC: 12be2 | Get or set file attributes
2018-12-17T23:02:37.812668964Z 62 PC: 12be6 | Close file
2018-12-17T23:02:37.820755086Z 79 PC: 12c11 | Find next file
2018-12-17T23:02:37.824779963Z 67 PC: 12b7c | Get or set file attributes
2018-12-17T23:02:37.835801697Z 61 PC: 12b85 | Open file (Filename = 'KEYB.COM')
2018-12-17T23:02:37.843912475Z 63 PC: 12b91 | Read file or device (Read 752 bytes on handle 5)
2018-12-17T23:02:37.851137489Z 66 PC: 12b9b | Move file pointer
2018-12-17T23:02:37.853136178Z 64 PC: 12bb0 | Write file or device (Write 752 bytes on handle 5)
2018-12-17T23:02:37.86342964Z 66 PC: 12bba | Move file pointer
2018-12-17T23:02:37.865367359Z 64 PC: 12bc4 | Write file or device (Write 752 bytes on handle 5)
2018-12-17T23:02:37.874891607Z 87 PC: 12bd5 | Get or set file date and time
2018-12-17T23:02:37.877993209Z 67 PC: 12be2 | Get or set file attributes
2018-12-17T23:02:37.883167961Z 62 PC: 12be6 | Close file
2018-12-17T23:02:37.891306966Z 42 PC: 12c7e | Get date
0x12c7e: cmp dl, 8
0x12c81: jne 0x12caa
0x12c83: mov byte ptr [0x111], 1
0x12c88: mov al, byte ptr [0x110]
0x12c8b: mov cx, 0x140
0x12c8e: xor dx, dx
0x12c90: xor bx, bx
0x12c92: int 0x26
0x12c94: popf
0x12c95: cmp byte ptr [0x10f], 2
0x12c9a: jne 0x12cb9
0x12c9c: mov al, 3
0x12c9e: mov cx, 0x140
0x12ca1: xor dx, dx
0x12ca3: xor bx, bx
0x12ca5: int 0x26
0x12ca7: popf
0x12ca8: jmp 0x12cb9
0x12caa: mov ah, 0xe
0x12cac: mov dl, byte ptr [0x122]
2018-12-17T23:02:37.894836188Z 14 PC: 12cb2 | Set default drive (Drive = 'A')
2018-12-17T23:02:37.896273368Z 59 PC: 12cb9 | Change current directory
2018-12-17T23:02:37.901232693Z 48 PC: 12a4f | Get DOS version
2018-12-17T23:02:37.903074797Z 74 PC: 12eb8 | Reallocate memory
2018-12-17T23:02:37.904669322Z 72 PC: 12ec8 | Allocate memory
2018-12-17T23:02:37.908408287Z 9 PC: 14748 | Display string (String= ' New File: ')
2018-12-17T23:02:37.911355503Z 61 PC: 146b6 | Open file (Filename = 'CON')
2018-12-17T23:02:37.916751523Z 70 PC: 146c4 | Redirect handle
2018-12-17T23:02:37.919023923Z 62 PC: 146c8 | Close file
2018-12-17T23:02:37.921095489Z 10 PC: 146d3 | Buffered keyboard input

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14274,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:40:17.169925209Z 25 PC: 12b0a | Get default drive
2018-12-25T12:40:17.171598962Z 71 PC: 12b19 | Get current directory
2018-12-25T12:40:17.174948005Z 14 PC: 12b39 | Set default drive (Drive = 'C')
2018-12-25T12:40:17.176062284Z 59 PC: 12b40 | Change current directory
2018-12-25T12:40:17.179914721Z 78 PC: 12b53 | Find first file
2018-12-25T12:40:17.185221057Z 67 PC: 12b7c | Get or set file attributes
2018-12-25T12:40:18.20900019Z 61 PC: 12b85 | Open file (Filename = 'COMMAND.COM')
2018-12-25T12:40:18.216666572Z 63 PC: 12b91 | Read file or device (Read 752 bytes on handle 5)
2018-12-25T12:40:18.223806763Z 66 PC: 12b9b | Move file pointer
2018-12-25T12:40:18.225262483Z 64 PC: 12bb0 | Write file or device (Write 752 bytes on handle 5)
2018-12-25T12:40:18.232459075Z 66 PC: 12bba | Move file pointer
2018-12-25T12:40:18.234205573Z 64 PC: 12bc4 | Write file or device (Write 752 bytes on handle 5)
2018-12-25T12:40:18.243852371Z 87 PC: 12bd5 | Get or set file date and time
2018-12-25T12:40:18.24669527Z 67 PC: 12be2 | Get or set file attributes
2018-12-25T12:40:18.250924479Z 62 PC: 12be6 | Close file
2018-12-25T12:40:18.256863865Z 79 PC: 12c11 | Find next file
2018-12-25T12:40:18.259575555Z 78 PC: 12c20 | Find first file
2018-12-25T12:40:18.265323204Z 59 PC: 12c38 | Change current directory
2018-12-25T12:40:18.27107506Z 78 PC: 12b53 | Find first file (See above)
2018-12-25T12:40:18.27960383Z 67 PC: 12b7c | Get or set file attributes (See above)
2018-12-25T12:40:18.298610985Z 61 PC: 12b85 | Open file (See above)
2018-12-25T12:40:18.315076151Z 63 PC: 12b91 | Read file or device (See above)
2018-12-25T12:40:18.321192541Z 66 PC: 12b9b | Move file pointer (See above)
2018-12-25T12:40:18.323627779Z 64 PC: 12bb0 | Write file or device (See above)
2018-12-25T12:40:18.330304288Z 66 PC: 12bba | Move file pointer (See above)
2018-12-25T12:40:18.33182254Z 64 PC: 12bc4 | Write file or device (See above)
2018-12-25T12:40:18.34353589Z 87 PC: 12bd5 | Get or set file date and time (See above)
2018-12-25T12:40:18.34539573Z 67 PC: 12be2 | Get or set file attributes (See above)
2018-12-25T12:40:18.350836179Z 62 PC: 12be6 | Close file (See above)
2018-12-25T12:40:18.357622932Z 79 PC: 12c11 | Find next file (See above)
2018-12-25T12:40:18.360582303Z 67 PC: 12b7c | Get or set file attributes (See above)
2018-12-25T12:40:18.370199602Z 61 PC: 12b85 | Open file (See above)
2018-12-25T12:40:18.377302689Z 63 PC: 12b91 | Read file or device (See above)
2018-12-25T12:40:18.384314728Z 66 PC: 12b9b | Move file pointer (See above)
2018-12-25T12:40:18.38571391Z 64 PC: 12bb0 | Write file or device (See above)
2018-12-25T12:40:18.393759809Z 66 PC: 12bba | Move file pointer (See above)
2018-12-25T12:40:18.395142038Z 64 PC: 12bc4 | Write file or device (See above)
2018-12-25T12:40:18.402598969Z 87 PC: 12bd5 | Get or set file date and time (See above)
2018-12-25T12:40:18.40505027Z 67 PC: 12be2 | Get or set file attributes (See above)
2018-12-25T12:40:18.409474004Z 62 PC: 12be6 | Close file (See above)
2018-12-25T12:40:18.416613609Z 79 PC: 12c11 | Find next file (See above)
2018-12-25T12:40:18.419836423Z 67 PC: 12b7c | Get or set file attributes (See above)
2018-12-25T12:40:18.430111757Z 61 PC: 12b85 | Open file (See above)
2018-12-25T12:40:18.436909829Z 63 PC: 12b91 | Read file or device (See above)
2018-12-25T12:40:18.443152284Z 66 PC: 12b9b | Move file pointer (See above)
2018-12-25T12:40:18.446487655Z 64 PC: 12bb0 | Write file or device (See above)
2018-12-25T12:40:18.454178371Z 66 PC: 12bba | Move file pointer (See above)
2018-12-25T12:40:18.455698043Z 64 PC: 12bc4 | Write file or device (See above)
2018-12-25T12:40:18.465233724Z 87 PC: 12bd5 | Get or set file date and time (See above)
2018-12-25T12:40:18.466948818Z 67 PC: 12be2 | Get or set file attributes (See above)
2018-12-25T12:40:18.471807996Z 62 PC: 12be6 | Close file (See above)
2018-12-25T12:40:18.479965622Z 42 PC: 12c7e | Get date
0x12c7e: cmp dl, 8
0x12c81: jne 0x12caa
0x12c83: mov byte ptr [0x111], 1
0x12c88: mov al, byte ptr [0x110]
0x12c8b: mov cx, 0x140
0x12c8e: xor dx, dx
0x12c90: xor bx, bx
0x12c92: int 0x26
0x12c94: popf
0x12c95: cmp byte ptr [0x10f], 2
0x12c9a: jne 0x12cb9
0x12c9c: mov al, 3
0x12c9e: mov cx, 0x140
0x12ca1: xor dx, dx
0x12ca3: xor bx, bx
0x12ca5: int 0x26
0x12ca7: popf
0x12ca8: jmp 0x12cb9
0x12caa: mov ah, 0xe
0x12cac: mov dl, byte ptr [0x122]
2018-12-25T12:40:18.48234696Z 14 PC: 12cb2 | Set default drive (Drive = 'A')
2018-12-25T12:40:18.484537491Z 59 PC: 12cb9 | Change current directory
2018-12-25T12:40:18.489945904Z 48 PC: 12a4f | Get DOS version
2018-12-25T12:40:18.491840764Z 74 PC: 12eb8 | Reallocate memory
2018-12-25T12:40:18.493456786Z 72 PC: 12ec8 | Allocate memory
2018-12-25T12:40:18.497913279Z 9 PC: 14748 | Display string (String= ' New File: ')
2018-12-25T12:40:18.500688855Z 61 PC: 146b6 | Open file (Filename = 'CON')
2018-12-25T12:40:18.505591667Z 70 PC: 146c4 | Redirect handle
2018-12-25T12:40:18.507925394Z 62 PC: 146c8 | Close file
2018-12-25T12:40:18.510025565Z 10 PC: 146d3 | Buffered keyboard input

{"DateBased":true,"Day":8,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14274,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:40:17.1489893Z 25 PC: 12b0a | Get default drive
2018-12-25T12:40:17.150744995Z 71 PC: 12b19 | Get current directory
2018-12-25T12:40:17.154235936Z 14 PC: 12b39 | Set default drive (Drive = 'C')
2018-12-25T12:40:17.156175034Z 59 PC: 12b40 | Change current directory
2018-12-25T12:40:17.160798217Z 78 PC: 12b53 | Find first file
2018-12-25T12:40:17.167711162Z 67 PC: 12b7c | Get or set file attributes
2018-12-25T12:40:18.440732575Z 61 PC: 12b85 | Open file (Filename = 'COMMAND.COM')
2018-12-25T12:40:18.448783206Z 63 PC: 12b91 | Read file or device (Read 752 bytes on handle 5)
2018-12-25T12:40:18.457045842Z 66 PC: 12b9b | Move file pointer
2018-12-25T12:40:18.458727189Z 64 PC: 12bb0 | Write file or device (Write 752 bytes on handle 5)
2018-12-25T12:40:18.46616555Z 66 PC: 12bba | Move file pointer
2018-12-25T12:40:18.468566425Z 64 PC: 12bc4 | Write file or device (Write 752 bytes on handle 5)
2018-12-25T12:40:18.476593576Z 87 PC: 12bd5 | Get or set file date and time
2018-12-25T12:40:18.47846518Z 67 PC: 12be2 | Get or set file attributes
2018-12-25T12:40:18.48410921Z 62 PC: 12be6 | Close file
2018-12-25T12:40:18.492085493Z 79 PC: 12c11 | Find next file
2018-12-25T12:40:18.494027173Z 78 PC: 12c20 | Find first file
2018-12-25T12:40:18.499372841Z 59 PC: 12c38 | Change current directory
2018-12-25T12:40:18.503397887Z 78 PC: 12b53 | Find first file (See above)
2018-12-25T12:40:18.510331883Z 67 PC: 12b7c | Get or set file attributes (See above)
2018-12-25T12:40:18.517277015Z 61 PC: 12b85 | Open file (See above)
2018-12-25T12:40:18.525119972Z 63 PC: 12b91 | Read file or device (See above)
2018-12-25T12:40:18.540452297Z 66 PC: 12b9b | Move file pointer (See above)
2018-12-25T12:40:18.557919746Z 64 PC: 12bb0 | Write file or device (See above)
2018-12-25T12:40:18.566688693Z 66 PC: 12bba | Move file pointer (See above)
2018-12-25T12:40:18.568328624Z 64 PC: 12bc4 | Write file or device (See above)
2018-12-25T12:40:18.576057259Z 87 PC: 12bd5 | Get or set file date and time (See above)
2018-12-25T12:40:18.578740898Z 67 PC: 12be2 | Get or set file attributes (See above)
2018-12-25T12:40:18.583614697Z 62 PC: 12be6 | Close file (See above)
2018-12-25T12:40:18.590731244Z 79 PC: 12c11 | Find next file (See above)
2018-12-25T12:40:18.595152253Z 67 PC: 12b7c | Get or set file attributes (See above)
2018-12-25T12:40:18.605887259Z 61 PC: 12b85 | Open file (See above)
2018-12-25T12:40:18.613654635Z 63 PC: 12b91 | Read file or device (See above)
2018-12-25T12:40:18.622024125Z 66 PC: 12b9b | Move file pointer (See above)
2018-12-25T12:40:18.624625192Z 64 PC: 12bb0 | Write file or device (See above)
2018-12-25T12:40:18.632946259Z 66 PC: 12bba | Move file pointer (See above)
2018-12-25T12:40:18.635784494Z 64 PC: 12bc4 | Write file or device (See above)
2018-12-25T12:40:18.64501587Z 87 PC: 12bd5 | Get or set file date and time (See above)
2018-12-25T12:40:18.647047736Z 67 PC: 12be2 | Get or set file attributes (See above)
2018-12-25T12:40:18.652168366Z 62 PC: 12be6 | Close file (See above)
2018-12-25T12:40:18.660752742Z 79 PC: 12c11 | Find next file (See above)
2018-12-25T12:40:18.664560579Z 67 PC: 12b7c | Get or set file attributes (See above)
2018-12-25T12:40:18.675379338Z 61 PC: 12b85 | Open file (See above)
2018-12-25T12:40:18.683830927Z 63 PC: 12b91 | Read file or device (See above)
2018-12-25T12:40:18.690873317Z 66 PC: 12b9b | Move file pointer (See above)
2018-12-25T12:40:18.693756372Z 64 PC: 12bb0 | Write file or device (See above)
2018-12-25T12:40:18.702728455Z 66 PC: 12bba | Move file pointer (See above)
2018-12-25T12:40:18.704794663Z 64 PC: 12bc4 | Write file or device (See above)
2018-12-25T12:40:18.71444883Z 87 PC: 12bd5 | Get or set file date and time (See above)
2018-12-25T12:40:18.717660087Z 67 PC: 12be2 | Get or set file attributes (See above)
2018-12-25T12:40:18.722998968Z 62 PC: 12be6 | Close file (See above)
2018-12-25T12:40:18.731244927Z 42 PC: 12c7e | Get date
0x12c7e: cmp dl, 8
0x12c81: jne 0x12caa
0x12c83: mov byte ptr [0x111], 1
0x12c88: mov al, byte ptr [0x110]
0x12c8b: mov cx, 0x140
0x12c8e: xor dx, dx
0x12c90: xor bx, bx
0x12c92: int 0x26
0x12c94: popf
0x12c95: cmp byte ptr [0x10f], 2
0x12c9a: jne 0x12cb9
0x12c9c: mov al, 3
0x12c9e: mov cx, 0x140
0x12ca1: xor dx, dx
0x12ca3: xor bx, bx
0x12ca5: int 0x26
0x12ca7: popf
0x12ca8: jmp 0x12cb9
0x12caa: mov ah, 0xe
0x12cac: mov dl, byte ptr [0x122]
2018-12-25T12:40:18.734996662Z 9 PC: 12cfa | Display string (String= 'DOOM I. Greetings from National Central University ! ')
2018-12-25T12:40:18.7423668Z 7 PC: 12cfe | Direct console input without echo