Sample viewer

vx.netlux.org/Virus.DOS.Beast-II

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:03:49.258904673Z	42	PC: 12a44 \| Get date 0x12a44: cmp dl, 0x1c 0x12a47: jb 0x12a54 0x12a49: mov ax, 0x3ff 0x12a4c: mov cx, 1 0x12a4f: mov dx, 0x80 0x12a52: int 0x13 0x12a54: mov si, 4 0x12a57: mov di, 0xfc 0x12a5a: mov ds, si 0x12a5c: lds ax, ptr [si + 0x40] 0x12a5f: stosw word ptr es:[di], ax 0x12a60: mov ax, ds 0x12a62: stosw word ptr es:[di], ax 0x12a63: push es 0x12a64: push di 0x12a65: shl si, 1 0x12a67: mov cx, 0x20 0x12a6a: repe cmpsd dword ptr [si], dword ptr es:[di] 0x12a6c: push cs 0x12a6d: pop ds
2018-12-17T23:03:49.263022014Z	61	PC: 12ad7 \| Open file (Filename = 'WJWUWW')
2018-12-17T23:03:49.271011911Z	63	PC: 2ff \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T23:03:49.275930271Z	81	PC: 122cc \| Get current PSP
2018-12-17T23:03:49.277117199Z	2	PC: 1268d \| Character output (Char = '0d')
2018-12-17T23:03:49.27974971Z	2	PC: 1268d \| Character output (Char = '0a')
2018-12-17T23:03:49.284140512Z	89	PC: 12459 \| Get extended error info
2018-12-17T23:03:49.285922507Z	2	PC: 1268d \| Character output (Char = '53')
2018-12-17T23:03:49.289535765Z	2	PC: 1268d \| Character output (Char = '65')
2018-12-17T23:03:49.292371911Z	2	PC: 1268d \| Character output (Char = '63')
2018-12-17T23:03:49.295288153Z	2	PC: 1268d \| Character output (Char = '74')
2018-12-17T23:03:49.299124172Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T23:03:49.301923876Z	2	PC: 1268d \| Character output (Char = '72')
2018-12-17T23:03:49.304524158Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T23:03:49.307550546Z	2	PC: 1268d \| Character output (Char = '6e')
2018-12-17T23:03:49.310100786Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T23:03:49.313115111Z	2	PC: 1268d \| Character output (Char = '74')
2018-12-17T23:03:49.316944305Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T23:03:49.319446072Z	2	PC: 1268d \| Character output (Char = '66')
2018-12-17T23:03:49.321911436Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T23:03:49.325398553Z	2	PC: 1268d \| Character output (Char = '75')
2018-12-17T23:03:49.328173001Z	2	PC: 1268d \| Character output (Char = '6e')
2018-12-17T23:03:49.330836159Z	2	PC: 1268d \| Character output (Char = '64')
2018-12-17T23:03:49.333666167Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T23:03:49.336762985Z	2	PC: 126da \| Character output (Char = '72')
2018-12-17T23:03:49.343808658Z	2	PC: 126da \| Character output (Char = '65')
2018-12-17T23:03:49.346734703Z	2	PC: 126da \| Character output (Char = '61')
2018-12-17T23:03:49.350183677Z	2	PC: 126da \| Character output (Char = '64')
2018-12-17T23:03:49.352913705Z	2	PC: 126da \| Character output (Char = '69')
2018-12-17T23:03:49.355502559Z	2	PC: 126da \| Character output (Char = '6e')
2018-12-17T23:03:49.359055561Z	2	PC: 126da \| Character output (Char = '67')
2018-12-17T23:03:49.361589849Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T23:03:49.364018405Z	2	PC: 1268d \| Character output (Char = '64')
2018-12-17T23:03:49.369691625Z	2	PC: 1268d \| Character output (Char = '72')
2018-12-17T23:03:49.373411567Z	2	PC: 1268d \| Character output (Char = '69')
2018-12-17T23:03:49.385933407Z	2	PC: 1268d \| Character output (Char = '76')
2018-12-17T23:03:49.390233884Z	2	PC: 1268d \| Character output (Char = '65')
2018-12-17T23:03:49.39268925Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T23:03:49.395416107Z	2	PC: 126ce \| Character output (Char = '41')
2018-12-17T23:03:49.398903887Z	2	PC: 1268d \| Character output (Char = '0d')
2018-12-17T23:03:49.401195112Z	2	PC: 1268d \| Character output (Char = '0a')
2018-12-17T23:03:49.405258655Z	2	PC: 1268d \| Character output (Char = '41')
2018-12-17T23:03:49.408612865Z	2	PC: 1268d \| Character output (Char = '62')
2018-12-17T23:03:49.41484685Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T23:03:49.418732294Z	2	PC: 1268d \| Character output (Char = '72')
2018-12-17T23:03:49.421656573Z	2	PC: 1268d \| Character output (Char = '74')
2018-12-17T23:03:49.42460543Z	2	PC: 1268d \| Character output (Char = '2c')
2018-12-17T23:03:49.427383986Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T23:03:49.429516802Z	2	PC: 1268d \| Character output (Char = '52')
2018-12-17T23:03:49.43299063Z	2	PC: 1268d \| Character output (Char = '65')
2018-12-17T23:03:49.434962286Z	2	PC: 1268d \| Character output (Char = '74')
2018-12-17T23:03:49.436827016Z	2	PC: 1268d \| Character output (Char = '72')
2018-12-17T23:03:49.442303483Z	2	PC: 1268d \| Character output (Char = '79')
2018-12-17T23:03:49.444762784Z	2	PC: 1268d \| Character output (Char = '2c')
2018-12-17T23:03:49.446395766Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T23:03:49.44886846Z	2	PC: 1268d \| Character output (Char = '49')
2018-12-17T23:03:49.450572997Z	2	PC: 1268d \| Character output (Char = '67')
2018-12-17T23:03:49.45225568Z	2	PC: 1268d \| Character output (Char = '6e')
2018-12-17T23:03:49.454622455Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T23:03:49.456558328Z	2	PC: 1268d \| Character output (Char = '72')
2018-12-17T23:03:49.458601035Z	2	PC: 1268d \| Character output (Char = '65')
2018-12-17T23:03:49.462077931Z	2	PC: 1268d \| Character output (Char = '2c')
2018-12-17T23:03:49.464585511Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T23:03:49.466250541Z	2	PC: 1268d \| Character output (Char = '46')
2018-12-17T23:03:49.468486392Z	2	PC: 1268d \| Character output (Char = '61')
2018-12-17T23:03:49.471369246Z	2	PC: 1268d \| Character output (Char = '69')
2018-12-17T23:03:49.474153508Z	2	PC: 1268d \| Character output (Char = '6c')
2018-12-17T23:03:49.47698876Z	2	PC: 1268d \| Character output (Char = '3f')
2018-12-17T23:03:49.480196467Z	12	PC: 12581 \| Flush input buffer and input

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14660,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:16.083677059Z	42	PC: 12a44 \| Get date 0x12a44: cmp dl, 0x1c 0x12a47: jb 0x12a54 0x12a49: mov ax, 0x3ff 0x12a4c: mov cx, 1 0x12a4f: mov dx, 0x80 0x12a52: int 0x13 0x12a54: mov si, 4 0x12a57: mov di, 0xfc 0x12a5a: mov ds, si 0x12a5c: lds ax, ptr [si + 0x40] 0x12a5f: stosw word ptr es:[di], ax 0x12a60: mov ax, ds 0x12a62: stosw word ptr es:[di], ax 0x12a63: push es 0x12a64: push di 0x12a65: shl si, 1 0x12a67: mov cx, 0x20 0x12a6a: repe cmpsd dword ptr [si], dword ptr es:[di] 0x12a6c: push cs 0x12a6d: pop ds
2018-12-25T12:41:16.092801618Z	61	PC: 12ad7 \| Open file (Filename = 'WJWUWW')
2018-12-25T12:41:16.101138164Z	63	PC: 2ff \| Read file or device (Read 512 bytes on handle 5)
2018-12-25T12:41:16.106887781Z	81	PC: 122cc \| Get current PSP
2018-12-25T12:41:16.109342616Z	2	PC: 1268d \| Character output (Char = '0d')
2018-12-25T12:41:16.111546064Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.115743848Z	89	PC: 12459 \| Get extended error info
2018-12-25T12:41:16.126214116Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.129167026Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.132259305Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.136492358Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.139085033Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.141626747Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.144311067Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.14781053Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.150357446Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.153196935Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.156397494Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.158799331Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.161226236Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.164465789Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.167576089Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.170182587Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.173402369Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.175869675Z	2	PC: 126da \| Character output (Char = '72')
2018-12-25T12:41:16.178469265Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.186659936Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.1893758Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.192204372Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.197182819Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.20019555Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.202719506Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.205792616Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.208369219Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.210978078Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.213731664Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.216243692Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.220022944Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.222671845Z	2	PC: 126ce \| Character output (Char = '41')
2018-12-25T12:41:16.225540136Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.227913245Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.234197345Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.236988697Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.239829988Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.243716567Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.251890819Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.25538927Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.258041684Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.261714968Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.264448459Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.26719673Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.271885203Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.276843458Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.279649923Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.283787667Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.286370509Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.289192055Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.291674105Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.294478002Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.296859313Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.299173224Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.302233668Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.304579109Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.30667284Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.309873093Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.312009191Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.314146838Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.316983393Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.319362316Z	12	PC: 12581 \| Flush input buffer and input

{"DateBased":true,"Day":28,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14660,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:16.285414101Z	42	PC: 12a44 \| Get date 0x12a44: cmp dl, 0x1c 0x12a47: jb 0x12a54 0x12a49: mov ax, 0x3ff 0x12a4c: mov cx, 1 0x12a4f: mov dx, 0x80 0x12a52: int 0x13 0x12a54: mov si, 4 0x12a57: mov di, 0xfc 0x12a5a: mov ds, si 0x12a5c: lds ax, ptr [si + 0x40] 0x12a5f: stosw word ptr es:[di], ax 0x12a60: mov ax, ds 0x12a62: stosw word ptr es:[di], ax 0x12a63: push es 0x12a64: push di 0x12a65: shl si, 1 0x12a67: mov cx, 0x20 0x12a6a: repe cmpsd dword ptr [si], dword ptr es:[di] 0x12a6c: push cs 0x12a6d: pop ds
2018-12-25T12:41:16.29111134Z	61	PC: 12ad7 \| Open file (Filename = 'WJWUWW')
2018-12-25T12:41:16.298371002Z	63	PC: 2ff \| Read file or device (Read 512 bytes on handle 5)
2018-12-25T12:41:16.302807284Z	81	PC: 122cc \| Get current PSP
2018-12-25T12:41:16.304891213Z	2	PC: 1268d \| Character output (Char = '0d')
2018-12-25T12:41:16.307283015Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.311240413Z	89	PC: 12459 \| Get extended error info
2018-12-25T12:41:16.313859162Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.316349529Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.318780504Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.322316596Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.324698486Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.327095285Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.330679378Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.333807667Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.336211177Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.339776473Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.342206329Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.344587023Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.34741184Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.350231799Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.352625969Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.357568555Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.3598965Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.36202189Z	2	PC: 126da \| Character output (Char = '72')
2018-12-25T12:41:16.364341684Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.368013245Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.370804775Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.373195173Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.376884682Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.379686934Z	2	PC: 126da \| Character output (See above)
2018-12-25T12:41:16.382001185Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.385537968Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.387976937Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.390088442Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.401726885Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.404085839Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.406453896Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.409547338Z	2	PC: 126ce \| Character output (Char = '41')
2018-12-25T12:41:16.411900976Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.414146791Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.419830235Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.422017486Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.426541726Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.42978087Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.431957264Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.434103403Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.43689943Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.438996577Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.441073352Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.444039853Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.446118834Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.448783847Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.451145941Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.466967807Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.468982678Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.470884804Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.472971151Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.475062803Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.477467778Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.48039036Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.488458796Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.491228266Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.494340594Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.49736236Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.499562014Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.502915622Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.505426691Z	2	PC: 1268d \| Character output (See above)
2018-12-25T12:41:16.50792159Z	12	PC: 12581 \| Flush input buffer and input