Sample viewer

vx.netlux.org/Virus.DOS.Patr.1536

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:03:13.888908187Z	71	PC: 12c57 \| Get current directory
2018-12-17T23:03:13.892450913Z	25	PC: 12c5b \| Get default drive
2018-12-17T23:03:13.89386136Z	14	PC: 12c71 \| Set default drive (Drive = 'C')
2018-12-17T23:03:13.895390101Z	44	PC: 12c75 \| Get time 0x12c75: cmp dl, 0x32 0x12c78: jg 0x12c83 0x12c7a: mov ah, 0x3b 0x12c7c: mov dx, 0x4ed 0x12c7f: int 0x21 0x12c81: jae 0x12c7a 0x12c83: mov dx, 0x4f0 0x12c86: mov ah, 0x1a 0x12c88: int 0x21 0x12c8a: mov ax, cs 0x12c8c: mov ds, ax 0x12c8e: mov ah, 0x4e 0x12c90: mov dx, 0x3d0 0x12c93: mov cx, 0xf 0x12c96: int 0x21 0x12c98: jae 0x12c9d 0x12c9a: jmp 0x12dec 0x12c9d: mov ah, 0x2f 0x12c9f: int 0x21 0x12ca1: mov cx, es
2018-12-17T23:03:13.898336599Z	26	PC: 12c8a \| Set disk transfer address
2018-12-17T23:03:13.899639129Z	78	PC: 12c98 \| Find first file
2018-12-17T23:03:13.905177887Z	78	PC: 12e09 \| Find first file
2018-12-17T23:03:13.911190662Z	47	PC: 12e0d \| Get disk transfer address
2018-12-17T23:03:13.912535886Z	79	PC: 12e2a \| Find next file
2018-12-17T23:03:13.915268799Z	79	PC: 12e2a \| Find next file
2018-12-17T23:03:13.926732623Z	59	PC: 12e47 \| Change current directory
2018-12-17T23:03:13.932821506Z	78	PC: 12c98 \| Find first file
2018-12-17T23:03:13.943463338Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:13.945456759Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.291007618Z	61	PC: 12cb8 \| Open file (Filename = 'ATTRIB.EXE')
2018-12-17T23:03:14.297964101Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.300791787Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.302714611Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.304640692Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.306778645Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 24)
2018-12-17T23:03:14.309183959Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.311023751Z	64	PC: 12dac \| Write file or device (Write 8 bytes on handle 24)
2018-12-17T23:03:14.312508359Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.313973372Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 24)
2018-12-17T23:03:14.315070373Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.316474626Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.318185181Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.320128158Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.320906384Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.328001238Z	61	PC: 12cb8 \| Open file (Filename = 'CHKDSK.EXE')
2018-12-17T23:03:14.332096726Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.333090184Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.33467318Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.335861706Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.336986977Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 25)
2018-12-17T23:03:14.338825714Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.33996298Z	64	PC: 12dac \| Write file or device (Write 15 bytes on handle 25)
2018-12-17T23:03:14.341021833Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.342502976Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 25)
2018-12-17T23:03:14.343845902Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.344783651Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.346047852Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.348012381Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.348724621Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.355417604Z	61	PC: 12cb8 \| Open file (Filename = 'DEBUG.EXE')
2018-12-17T23:03:14.359604579Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.360859173Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.36240308Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.363907663Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.365224493Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 25)
2018-12-17T23:03:14.366976531Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.368388924Z	64	PC: 12dac \| Write file or device (Write 10 bytes on handle 25)
2018-12-17T23:03:14.369629708Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.371414139Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 25)
2018-12-17T23:03:14.372658492Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.373847911Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.375563525Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.378404902Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.379245716Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.38853349Z	61	PC: 12cb8 \| Open file (Filename = 'EXPAND.EXE')
2018-12-17T23:03:14.394850727Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.395965731Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.397535755Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.398853432Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.399945751Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 8)
2018-12-17T23:03:14.405590872Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.406932419Z	64	PC: 12dac \| Write file or device (Write 15 bytes on handle 8)
2018-12-17T23:03:14.412705469Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.414140415Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 8)
2018-12-17T23:03:14.423985996Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.425304484Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.432341553Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.435098017Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.436017374Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.445616601Z	61	PC: 12cb8 \| Open file (Filename = 'FDISK.EXE')
2018-12-17T23:03:14.45205699Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.453447432Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.454999071Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.457177552Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.458672127Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 26)
2018-12-17T23:03:14.461175844Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.462718571Z	64	PC: 12dac \| Write file or device (Write 8 bytes on handle 26)
2018-12-17T23:03:14.464143074Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.466481995Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 26)
2018-12-17T23:03:14.468355273Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.469753479Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.471253792Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.474889976Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.476298448Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.48567523Z	61	PC: 12cb8 \| Open file (Filename = 'MEM.EXE')
2018-12-17T23:03:14.492566147Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.494449327Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.495609031Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.497586902Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.498806056Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 27)
2018-12-17T23:03:14.500016853Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.501964917Z	64	PC: 12dac \| Write file or device (Write 10 bytes on handle 27)
2018-12-17T23:03:14.503605445Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.50525392Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 27)
2018-12-17T23:03:14.507177554Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.508732358Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.510340093Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.516748126Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.517641294Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.52512042Z	61	PC: 12cb8 \| Open file (Filename = 'NLSFUNC.EXE')
2018-12-17T23:03:14.531091722Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.53234851Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.533546091Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.535766117Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.537170473Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 28)
2018-12-17T23:03:14.538604088Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.540537403Z	64	PC: 12dac \| Write file or device (Write 4 bytes on handle 28)
2018-12-17T23:03:14.54196901Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.543393795Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 28)
2018-12-17T23:03:14.545357775Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.54663218Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.547840939Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.550820125Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.551758583Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.559320683Z	61	PC: 12cb8 \| Open file (Filename = 'QBASIC.EXE')
2018-12-17T23:03:14.566006202Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.567169102Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.568376439Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.57146974Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.572725614Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 29)
2018-12-17T23:03:14.573974803Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.575989827Z	64	PC: 12dac \| Write file or device (Write 11 bytes on handle 29)
2018-12-17T23:03:14.577376471Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.57878362Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 29)
2018-12-17T23:03:14.580794249Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.582434106Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.58399777Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.58752733Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.589284246Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.597395336Z	61	PC: 12cb8 \| Open file (Filename = 'REPLACE.EXE')
2018-12-17T23:03:14.604056277Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.606744145Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.608060112Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.610305729Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.611761719Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 30)
2018-12-17T23:03:14.613195393Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.614834682Z	64	PC: 12dac \| Write file or device (Write 14 bytes on handle 30)
2018-12-17T23:03:14.616893978Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.61839772Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 30)
2018-12-17T23:03:14.620321446Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.621908429Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.623325175Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.626157104Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.627980371Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.63582312Z	61	PC: 12cb8 \| Open file (Filename = 'RESTORE.EXE')
2018-12-17T23:03:14.641441673Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.643763791Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.645198366Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.646714776Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.649033805Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 31)
2018-12-17T23:03:14.650630437Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.652194235Z	64	PC: 12dac \| Write file or device (Write 10 bytes on handle 31)
2018-12-17T23:03:14.655034734Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.656502141Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 31)
2018-12-17T23:03:14.657927537Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.660120915Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.661526146Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.664310374Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.666091922Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.674224004Z	61	PC: 12cb8 \| Open file (Filename = 'SCANDISK.EXE')
2018-12-17T23:03:14.680769102Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.682854864Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.684165167Z	66	PC: 12cfc \| Move file pointer
2018-12-17T23:03:14.685668841Z	66	PC: 12d77 \| Move file pointer
2018-12-17T23:03:14.68768284Z	64	PC: 12d82 \| Write file or device (Write 32 bytes on handle 32)
2018-12-17T23:03:14.688999373Z	66	PC: 12d8d \| Move file pointer
2018-12-17T23:03:14.690339167Z	64	PC: 12dac \| Write file or device (Write 10 bytes on handle 32)
2018-12-17T23:03:14.692355634Z	66	PC: 12db7 \| Move file pointer
2018-12-17T23:03:14.693770878Z	64	PC: 12dce \| Write file or device (Write 1536 bytes on handle 32)
2018-12-17T23:03:14.695065222Z	87	PC: 12ddf \| Get or set file date and time
2018-12-17T23:03:14.697166487Z	62	PC: 12de3 \| Close file
2018-12-17T23:03:14.698531462Z	79	PC: 12de7 \| Find next file
2018-12-17T23:03:14.702245272Z	47	PC: 12ca1 \| Get disk transfer address
2018-12-17T23:03:14.703563988Z	67	PC: 12cb3 \| Get or set file attributes
2018-12-17T23:03:14.713078386Z	61	PC: 12cb8 \| Open file (Filename = 'SETUP.EXE')
2018-12-17T23:03:14.718606727Z	87	PC: 12cc3 \| Get or set file date and time
2018-12-17T23:03:14.721329721Z	66	PC: 12cea \| Move file pointer
2018-12-17T23:03:14.722996163Z	66	PC: 12cfc \| Move file pointer