Sample viewer

vx.netlux.org/Virus.DOS.SillyOC.165

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:04:08.923219712Z	42	PC: 12a44 \| Get date 0x12a44: cmp dl, 0x1d 0x12a47: jne 0x12a57 0x12a49: add byte ptr [0x7507], 9 0x12a4e: mov ah, 9 0x12a50: mov dx, 0x189 0x12a53: int 0x21 0x12a55: int 0x20 0x12a57: mov ah, 0x4e 0x12a59: mov cx, 0 0x12a5c: mov dx, 0x174 0x12a5f: int 0x21 0x12a61: jae 0x12a66 0x12a63: jmp 0x12ab2 0x12a65: nop 0x12a66: mov ax, 0x4301 0x12a69: mov cx, 0 0x12a6c: mov dx, 0x9e 0x12a6f: int 0x21 0x12a71: jb 0x12a8b 0x12a73: mov ah, 0x3d
2018-12-17T23:04:08.92703259Z	78	PC: 12a61 \| Find first file
2018-12-17T23:04:08.949067955Z	67	PC: 12a71 \| Get or set file attributes
2018-12-17T23:04:08.96741826Z	61	PC: 12a7c \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:04:08.97503761Z	64	PC: 12a89 \| Write file or device (Write 165 bytes on handle 5)
2018-12-17T23:04:08.98408942Z	67	PC: 12a98 \| Get or set file attributes
2018-12-17T23:04:08.989793779Z	87	PC: 12aa7 \| Get or set file date and time
2018-12-17T23:04:08.991572982Z	62	PC: 12aab \| Close file
2018-12-17T23:04:09.001074867Z	79	PC: 12a61 \| Find next file
2018-12-17T23:04:09.00420342Z	67	PC: 12a71 \| Get or set file attributes
2018-12-17T23:04:09.01634651Z	61	PC: 12a7c \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:04:09.026815253Z	64	PC: 12a89 \| Write file or device (Write 165 bytes on handle 5)
2018-12-17T23:04:09.035249824Z	67	PC: 12a98 \| Get or set file attributes
2018-12-17T23:04:09.041674158Z	87	PC: 12aa7 \| Get or set file date and time
2018-12-17T23:04:09.048735585Z	62	PC: 12aab \| Close file
2018-12-17T23:04:09.05757754Z	79	PC: 12a61 \| Find next file
2018-12-17T23:04:09.061088382Z	67	PC: 12a71 \| Get or set file attributes
2018-12-17T23:04:09.072354631Z	61	PC: 12a7c \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:04:09.081109863Z	64	PC: 12a89 \| Write file or device (Write 165 bytes on handle 5)
2018-12-17T23:04:09.088928242Z	67	PC: 12a98 \| Get or set file attributes
2018-12-17T23:04:09.09457842Z	87	PC: 12aa7 \| Get or set file date and time
2018-12-17T23:04:09.096849856Z	62	PC: 12aab \| Close file
2018-12-17T23:04:09.105147255Z	79	PC: 12a61 \| Find next file
2018-12-17T23:04:09.108281307Z	67	PC: 12a71 \| Get or set file attributes
2018-12-17T23:04:09.120753597Z	61	PC: 12a7c \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:04:09.129308091Z	64	PC: 12a89 \| Write file or device (Write 165 bytes on handle 5)
2018-12-17T23:04:09.137146248Z	67	PC: 12a98 \| Get or set file attributes
2018-12-17T23:04:09.143491318Z	87	PC: 12aa7 \| Get or set file date and time
2018-12-17T23:04:09.146547888Z	62	PC: 12aab \| Close file
2018-12-17T23:04:09.155261064Z	79	PC: 12a61 \| Find next file
2018-12-17T23:04:09.158603001Z	67	PC: 12a71 \| Get or set file attributes
2018-12-17T23:04:09.170012977Z	61	PC: 12a7c \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:04:09.184803334Z	64	PC: 12a89 \| Write file or device (Write 165 bytes on handle 5)
2018-12-17T23:04:09.19351729Z	67	PC: 12a98 \| Get or set file attributes
2018-12-17T23:04:09.198991891Z	87	PC: 12aa7 \| Get or set file date and time
2018-12-17T23:04:09.200960263Z	62	PC: 12aab \| Close file
2018-12-17T23:04:09.209099844Z	79	PC: 12a61 \| Find next file
2018-12-17T23:04:09.212332041Z	67	PC: 12a71 \| Get or set file attributes
2018-12-17T23:04:09.22341641Z	61	PC: 12a7c \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:04:09.230656251Z	64	PC: 12a89 \| Write file or device (Write 165 bytes on handle 5)
2018-12-17T23:04:09.239214238Z	67	PC: 12a98 \| Get or set file attributes
2018-12-17T23:04:09.244989535Z	87	PC: 12aa7 \| Get or set file date and time
2018-12-17T23:04:09.247011136Z	62	PC: 12aab \| Close file
2018-12-17T23:04:09.256414515Z	79	PC: 12a61 \| Find next file
2018-12-17T23:04:09.259669615Z	67	PC: 12a71 \| Get or set file attributes
2018-12-17T23:04:09.270964766Z	61	PC: 12a7c \| Open file (Filename = 'PAH.COM')
2018-12-17T23:04:09.279104012Z	64	PC: 12a89 \| Write file or device (Write 165 bytes on handle 5)
2018-12-17T23:04:09.286783887Z	67	PC: 12a98 \| Get or set file attributes
2018-12-17T23:04:09.292490837Z	87	PC: 12aa7 \| Get or set file date and time
2018-12-17T23:04:09.29534089Z	62	PC: 12aab \| Close file
2018-12-17T23:04:09.305074341Z	79	PC: 12a61 \| Find next file
2018-12-17T23:04:09.30850008Z	67	PC: 12a71 \| Get or set file attributes
2018-12-17T23:04:09.320151426Z	61	PC: 12a7c \| Open file (Filename = 'TEST.COM')
2018-12-17T23:04:09.329090708Z	64	PC: 12a89 \| Write file or device (Write 165 bytes on handle 5)
2018-12-17T23:04:09.336988748Z	67	PC: 12a98 \| Get or set file attributes
2018-12-17T23:04:09.342782715Z	87	PC: 12aa7 \| Get or set file date and time
2018-12-17T23:04:09.345423263Z	62	PC: 12aab \| Close file
2018-12-17T23:04:09.35471922Z	79	PC: 12a61 \| Find next file

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14778,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:40.013323084Z	42	PC: 12a44 \| Get date 0x12a44: cmp dl, 0x1d 0x12a47: jne 0x12a57 0x12a49: add byte ptr [0x7507], 9 0x12a4e: mov ah, 9 0x12a50: mov dx, 0x189 0x12a53: int 0x21 0x12a55: int 0x20 0x12a57: mov ah, 0x4e 0x12a59: mov cx, 0 0x12a5c: mov dx, 0x174 0x12a5f: int 0x21 0x12a61: jae 0x12a66 0x12a63: jmp 0x12ab2 0x12a65: nop 0x12a66: mov ax, 0x4301 0x12a69: mov cx, 0 0x12a6c: mov dx, 0x9e 0x12a6f: int 0x21 0x12a71: jb 0x12a8b 0x12a73: mov ah, 0x3d
2018-12-25T12:41:40.016408817Z	78	PC: 12a61 \| Find first file
2018-12-25T12:41:40.023323323Z	67	PC: 12a71 \| Get or set file attributes
2018-12-25T12:41:40.036719154Z	61	PC: 12a7c \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:41:40.044538559Z	64	PC: 12a89 \| Write file or device (Write 165 bytes on handle 5)
2018-12-25T12:41:40.053021866Z	67	PC: 12a98 \| Get or set file attributes
2018-12-25T12:41:40.058388918Z	87	PC: 12aa7 \| Get or set file date and time
2018-12-25T12:41:40.060388318Z	62	PC: 12aab \| Close file
2018-12-25T12:41:40.069366812Z	79	PC: 12a61 \| Find next file (See above)
2018-12-25T12:41:40.072352722Z	67	PC: 12a71 \| Get or set file attributes (See above)
2018-12-25T12:41:40.08361709Z	61	PC: 12a7c \| Open file (See above)
2018-12-25T12:41:40.091462226Z	64	PC: 12a89 \| Write file or device (See above)
2018-12-25T12:41:40.099488978Z	67	PC: 12a98 \| Get or set file attributes (See above)
2018-12-25T12:41:40.105103432Z	87	PC: 12aa7 \| Get or set file date and time (See above)
2018-12-25T12:41:40.1075158Z	62	PC: 12aab \| Close file (See above)
2018-12-25T12:41:40.115848954Z	79	PC: 12a61 \| Find next file (See above)
2018-12-25T12:41:40.11912369Z	67	PC: 12a71 \| Get or set file attributes (See above)
2018-12-25T12:41:40.13713353Z	61	PC: 12a7c \| Open file (See above)
2018-12-25T12:41:40.144699946Z	64	PC: 12a89 \| Write file or device (See above)
2018-12-25T12:41:40.152279056Z	67	PC: 12a98 \| Get or set file attributes (See above)
2018-12-25T12:41:40.15819596Z	87	PC: 12aa7 \| Get or set file date and time (See above)
2018-12-25T12:41:40.160487932Z	62	PC: 12aab \| Close file (See above)
2018-12-25T12:41:40.168553905Z	79	PC: 12a61 \| Find next file (See above)
2018-12-25T12:41:40.171364028Z	67	PC: 12a71 \| Get or set file attributes (See above)
2018-12-25T12:41:40.182653408Z	61	PC: 12a7c \| Open file (See above)
2018-12-25T12:41:40.190099639Z	64	PC: 12a89 \| Write file or device (See above)
2018-12-25T12:41:40.197588251Z	67	PC: 12a98 \| Get or set file attributes (See above)
2018-12-25T12:41:40.203975791Z	87	PC: 12aa7 \| Get or set file date and time (See above)
2018-12-25T12:41:40.209713689Z	62	PC: 12aab \| Close file (See above)
2018-12-25T12:41:40.218623918Z	79	PC: 12a61 \| Find next file (See above)
2018-12-25T12:41:40.22257799Z	67	PC: 12a71 \| Get or set file attributes (See above)
2018-12-25T12:41:40.233828231Z	61	PC: 12a7c \| Open file (See above)
2018-12-25T12:41:40.241580162Z	64	PC: 12a89 \| Write file or device (See above)
2018-12-25T12:41:40.250438403Z	67	PC: 12a98 \| Get or set file attributes (See above)
2018-12-25T12:41:40.256305618Z	87	PC: 12aa7 \| Get or set file date and time (See above)
2018-12-25T12:41:40.257986847Z	62	PC: 12aab \| Close file (See above)
2018-12-25T12:41:40.266606167Z	79	PC: 12a61 \| Find next file (See above)
2018-12-25T12:41:40.269670175Z	67	PC: 12a71 \| Get or set file attributes (See above)
2018-12-25T12:41:40.283789357Z	61	PC: 12a7c \| Open file (See above)
2018-12-25T12:41:40.291269889Z	64	PC: 12a89 \| Write file or device (See above)
2018-12-25T12:41:40.299570005Z	67	PC: 12a98 \| Get or set file attributes (See above)
2018-12-25T12:41:40.305039537Z	87	PC: 12aa7 \| Get or set file date and time (See above)
2018-12-25T12:41:40.307058647Z	62	PC: 12aab \| Close file (See above)
2018-12-25T12:41:40.316572958Z	79	PC: 12a61 \| Find next file (See above)
2018-12-25T12:41:40.319863582Z	67	PC: 12a71 \| Get or set file attributes (See above)
2018-12-25T12:41:40.331006876Z	61	PC: 12a7c \| Open file (See above)
2018-12-25T12:41:40.346348461Z	64	PC: 12a89 \| Write file or device (See above)
2018-12-25T12:41:40.354033987Z	67	PC: 12a98 \| Get or set file attributes (See above)
2018-12-25T12:41:40.359724946Z	87	PC: 12aa7 \| Get or set file date and time (See above)
2018-12-25T12:41:40.362712667Z	62	PC: 12aab \| Close file (See above)
2018-12-25T12:41:40.371273003Z	79	PC: 12a61 \| Find next file (See above)
2018-12-25T12:41:40.374506976Z	67	PC: 12a71 \| Get or set file attributes (See above)
2018-12-25T12:41:40.385597337Z	61	PC: 12a7c \| Open file (See above)
2018-12-25T12:41:40.393750921Z	64	PC: 12a89 \| Write file or device (See above)
2018-12-25T12:41:40.401284381Z	67	PC: 12a98 \| Get or set file attributes (See above)
2018-12-25T12:41:40.407530389Z	87	PC: 12aa7 \| Get or set file date and time (See above)
2018-12-25T12:41:40.410437076Z	62	PC: 12aab \| Close file (See above)
2018-12-25T12:41:40.418714546Z	79	PC: 12a61 \| Find next file (See above)

{"DateBased":true,"Day":29,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14778,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:41:40.951458923Z	42	PC: 12a44 \| Get date 0x12a44: cmp dl, 0x1d 0x12a47: jne 0x12a57 0x12a49: add byte ptr [0x7507], 9 0x12a4e: mov ah, 9 0x12a50: mov dx, 0x189 0x12a53: int 0x21 0x12a55: int 0x20 0x12a57: mov ah, 0x4e 0x12a59: mov cx, 0 0x12a5c: mov dx, 0x174 0x12a5f: int 0x21 0x12a61: jae 0x12a66 0x12a63: jmp 0x12ab2 0x12a65: nop 0x12a66: mov ax, 0x4301 0x12a69: mov cx, 0 0x12a6c: mov dx, 0x9e 0x12a6f: int 0x21 0x12a71: jb 0x12a8b 0x12a73: mov ah, 0x3d
2018-12-25T12:41:40.953135666Z	9	PC: 12a55 \| Display string (String= 'Splinter 3 Virus EXE-Gency')