Sample viewer

vx.netlux.org/Virus.DOS.VCL.4893

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:04:12.170974191Z 47 PC: 12e50 | Get disk transfer address
2018-12-17T23:04:12.172620938Z 26 PC: 12e58 | Set disk transfer address
2018-12-17T23:04:12.174728492Z 42 PC: 13049 | Get date 0x13049: cwde
0x1304a: ret
0x1304b: sub ch, byte ptr [0x7865]
0x1304f: add byte ptr gs:[bp + di - 0x16f0], dl
0x13054: push si
0x13055: add ax, 0xa0d
0x13058: and byte ptr [bx + si], ah
0x1305a: and byte ptr [bx + si], ah
0x1305c: and byte ptr [bx + si], ah
0x1305e: and byte ptr [bx + si], ah
0x13060: leave
0x13061: int 0xcd
0x13063: int 0xcd
0x13065: int 0xcd
0x13067: int 0xcd
0x13069: int 0xcd
0x1306b: int 0xcd
0x1306d: int 0xcd
0x1306f: int 0xcd
0x13071: int 0xcd
2018-12-17T23:04:12.177764633Z 71 PC: 12efb | Get current directory
2018-12-17T23:04:12.181458511Z 59 PC: 12f03 | Change current directory
2018-12-17T23:04:12.186753991Z 47 PC: 12f18 | Get disk transfer address
2018-12-17T23:04:12.18972029Z 26 PC: 12f26 | Set disk transfer address
2018-12-17T23:04:12.191253855Z 78 PC: 12f31 | Find first file
2018-12-17T23:04:12.202071583Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.20506856Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.208121412Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.212785746Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.215622512Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.218853259Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.226188536Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.234350839Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.237778567Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.242163044Z 47 PC: 12f7d | Get disk transfer address
2018-12-17T23:04:12.248151588Z 26 PC: 12f8c | Set disk transfer address
2018-12-17T23:04:12.249892071Z 78 PC: 12f94 | Find first file
2018-12-17T23:04:12.257489852Z 47 PC: 12fac | Get disk transfer address
2018-12-17T23:04:12.26328834Z 61 PC: 12fc5 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:04:12.272391582Z 63 PC: 12fd1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:04:12.279932967Z 66 PC: 12fd9 | Move file pointer
2018-12-17T23:04:12.282685534Z 62 PC: 12fde | Close file
2018-12-17T23:04:12.285198341Z 67 PC: 12ffe | Get or set file attributes
2018-12-17T23:04:12.305068355Z 61 PC: 13003 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:04:12.3139758Z 64 PC: 1300f | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:04:12.317161492Z 66 PC: 13017 | Move file pointer
2018-12-17T23:04:12.319630977Z 64 PC: 14159 | Write file or device (Write 4893 bytes on handle 5)
2018-12-17T23:04:12.331228161Z 87 PC: 13027 | Get or set file date and time
2018-12-17T23:04:12.333275502Z 62 PC: 1302b | Close file
2018-12-17T23:04:12.341906086Z 67 PC: 13038 | Get or set file attributes
2018-12-17T23:04:12.353106353Z 26 PC: 12fa6 | Set disk transfer address
2018-12-17T23:04:12.354671157Z 26 PC: 12f69 | Set disk transfer address
2018-12-17T23:04:12.356221463Z 59 PC: 12f0d | Change current directory
2018-12-17T23:04:12.359608493Z 71 PC: 12efb | Get current directory
2018-12-17T23:04:12.363102485Z 59 PC: 12f03 | Change current directory
2018-12-17T23:04:12.367805291Z 47 PC: 12f18 | Get disk transfer address
2018-12-17T23:04:12.369434565Z 26 PC: 12f26 | Set disk transfer address
2018-12-17T23:04:12.372202351Z 78 PC: 12f31 | Find first file
2018-12-17T23:04:12.391203261Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.395106624Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.400038561Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.402916674Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.406121482Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.410086731Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.412809853Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.415894214Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.419696717Z 79 PC: 12f59 | Find next file
2018-12-17T23:04:12.422406193Z 47 PC: 12f7d | Get disk transfer address
2018-12-17T23:04:12.423775609Z 26 PC: 12f8c | Set disk transfer address
2018-12-17T23:04:12.425777635Z 78 PC: 12f94 | Find first file
2018-12-17T23:04:12.432486494Z 47 PC: 12fac | Get disk transfer address
2018-12-17T23:04:12.433700908Z 61 PC: 12fc5 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:04:12.44074121Z 63 PC: 12fd1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:04:12.448084653Z 66 PC: 12fd9 | Move file pointer
2018-12-17T23:04:12.449591528Z 62 PC: 12fde | Close file
2018-12-17T23:04:12.451516989Z 79 PC: 12f94 | Find next file
2018-12-17T23:04:12.455596342Z 47 PC: 12fac | Get disk transfer address
2018-12-17T23:04:12.456920052Z 61 PC: 12fc5 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:04:12.463862451Z 63 PC: 12fd1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:04:12.471677581Z 66 PC: 12fd9 | Move file pointer
2018-12-17T23:04:12.473604535Z 62 PC: 12fde | Close file
2018-12-17T23:04:12.475936101Z 67 PC: 12ffe | Get or set file attributes
2018-12-17T23:04:12.488925954Z 61 PC: 13003 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:04:12.496986956Z 64 PC: 1300f | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:04:12.500600383Z 66 PC: 13017 | Move file pointer
2018-12-17T23:04:12.504223658Z 64 PC: 14159 | Write file or device (Write 4893 bytes on handle 5)
2018-12-17T23:04:12.523223256Z 87 PC: 13027 | Get or set file date and time
2018-12-17T23:04:12.525182962Z 62 PC: 1302b | Close file
2018-12-17T23:04:12.535120995Z 67 PC: 13038 | Get or set file attributes
2018-12-17T23:04:12.546885413Z 26 PC: 12fa6 | Set disk transfer address
2018-12-17T23:04:12.548562828Z 26 PC: 12f69 | Set disk transfer address
2018-12-17T23:04:12.549922065Z 59 PC: 12f0d | Change current directory
2018-12-17T23:04:12.553332079Z 26 PC: 12edb | Set disk transfer address