Sample viewer

vx.netlux.org/Virus.DOS.Dutch_Tiny.333.a


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:03:20.95994567Z 42 PC: 12a5e | Get date 0x12a5e: cmp dx, 0x606
; Disassembly window the sandbox attached to the "Get date" call (trace op 42,
; i.e. INT 21h AH=2Ah). The window opens at 0x12a5e with `cmp dx, 0x606` on the
; trace line directly above and stops at `mov ah, 9`; whatever follows 0x12a90
; is outside the window.
; DOS Get Date returns DH = month and DL = day, so the three DX compares are a
; date gate: month 6 / day 6, month 11 / day 18, month 11 / day 22.
; In this run none of them matched: the trace below walks Find First / Find
; Next over *.COM names and never logs op 9 (Display string).
; NOTE(review): the trace below logs open and 3-byte read calls with handle
; numbers climbing from 5 to 12 and shows no write or close call; whether the
; logger records every DOS function is not visible here, so confirm before
; concluding that handles stay open or that nothing was modified.
0x12a62: je 0x12a8c                     ; DX == 0x0606 (6 June) -> message path at 0x12a8c
0x12a64: cmp dx, 0xb12                  ; DH = 0x0B (November), DL = 0x12 (day 18)
0x12a68: je 0x12a8c                     ; match -> message path
0x12a6a: cmp dx, 0xb16                  ; DH = 0x0B (November), DL = 0x16 (day 22)
0x12a6e: je 0x12a8c                     ; match -> message path
0x12a70: lea dx, word ptr [si + 0x20d]  ; DX = SI + 0x20d, passed to Find First as the search pattern; pattern bytes not shown
0x12a74: xor cx, cx                     ; CX = 0: search attribute mask with no attribute bits set
0x12a76: mov ah, 0x4e                   ; AH = 4Eh, DOS Find First (trace op 78)
0x12a78: int 0x21                       ; DOS call; the loop re-enters here with AH = 4Fh
0x12a7a: jb 0x12a85                     ; CF set (no match / error) -> leave the search loop
0x12a7c: call 0x12a96                   ; per-file routine, body outside this window; trace shows its calls at 0x12a9e-0x12b4c
0x12a7f: jb 0x12a85                     ; CF set on return also ends the search
0x12a81: mov ah, 0x4f                   ; AH = 4Fh, DOS Find Next (trace op 79)
0x12a83: jmp 0x12a78                    ; back to the INT 21h above
0x12a85: mov ax, bp                     ; exit path: AX = BP (BP is set before this window)
0x12a87: add ax, 0x102                  ; AX = BP + 0x102
0x12a8a: jmp ax                         ; indirect jump; NOTE(review): presumably hands control back to the host program - confirm
0x12a8c: lea dx, word ptr [si + 0x220]  ; date matched: DX = SI + 0x220, the string passed to the print call
0x12a90: mov ah, 9                      ; AH = 09h, DOS Display String ('$'-terminated); the INT 21h itself is past the window
2018-12-17T22:03:20.962781909Z 78 PC: 12a7a | Find first file
2018-12-17T22:03:20.974552211Z 67 PC: 12a9e | Get or set file attributes
2018-12-17T22:03:20.979925484Z 67 PC: 12aa9 | Get or set file attributes
2018-12-17T22:03:21.295358133Z 61 PC: 12aae | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:03:21.302602743Z 63 PC: 12abd | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:03:21.309488628Z 67 PC: 12b4c | Get or set file attributes
2018-12-17T22:03:21.314525921Z 79 PC: 12a7a | Find next file
2018-12-17T22:03:21.318712855Z 67 PC: 12a9e | Get or set file attributes
2018-12-17T22:03:21.324469338Z 67 PC: 12aa9 | Get or set file attributes
2018-12-17T22:03:21.334349914Z 61 PC: 12aae | Open file (Filename = 'PRINT.COM')
2018-12-17T22:03:21.342062278Z 63 PC: 12abd | Read file or device (Read 3 bytes on handle 6)
2018-12-17T22:03:21.348606966Z 67 PC: 12b4c | Get or set file attributes
2018-12-17T22:03:21.357758147Z 79 PC: 12a7a | Find next file
2018-12-17T22:03:21.364658878Z 67 PC: 12a9e | Get or set file attributes
2018-12-17T22:03:21.375531996Z 67 PC: 12aa9 | Get or set file attributes
2018-12-17T22:03:21.385745756Z 61 PC: 12aae | Open file (Filename = 'HELLO.COM')
2018-12-17T22:03:21.393481679Z 63 PC: 12abd | Read file or device (Read 3 bytes on handle 7)
2018-12-17T22:03:21.399966141Z 67 PC: 12b4c | Get or set file attributes
2018-12-17T22:03:21.404378009Z 79 PC: 12a7a | Find next file
2018-12-17T22:03:21.407825419Z 67 PC: 12a9e | Get or set file attributes
2018-12-17T22:03:21.413574311Z 67 PC: 12aa9 | Get or set file attributes
2018-12-17T22:03:21.426230809Z 61 PC: 12aae | Open file (Filename = 'PHANG.COM')
2018-12-17T22:03:21.43858634Z 63 PC: 12abd | Read file or device (Read 3 bytes on handle 8)
2018-12-17T22:03:21.444828914Z 67 PC: 12b4c | Get or set file attributes
2018-12-17T22:03:21.44955448Z 79 PC: 12a7a | Find next file
2018-12-17T22:03:21.469897454Z 67 PC: 12a9e | Get or set file attributes
2018-12-17T22:03:21.481888274Z 67 PC: 12aa9 | Get or set file attributes
2018-12-17T22:03:21.491983865Z 61 PC: 12aae | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:03:21.499162753Z 63 PC: 12abd | Read file or device (Read 3 bytes on handle 9)
2018-12-17T22:03:21.50680297Z 67 PC: 12b4c | Get or set file attributes
2018-12-17T22:03:21.511098683Z 79 PC: 12a7a | Find next file
2018-12-17T22:03:21.514242273Z 67 PC: 12a9e | Get or set file attributes
2018-12-17T22:03:21.520914203Z 67 PC: 12aa9 | Get or set file attributes
2018-12-17T22:03:21.530442875Z 61 PC: 12aae | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:03:21.536792835Z 63 PC: 12abd | Read file or device (Read 3 bytes on handle 10)
2018-12-17T22:03:21.543927672Z 67 PC: 12b4c | Get or set file attributes
2018-12-17T22:03:21.553861603Z 79 PC: 12a7a | Find next file
2018-12-17T22:03:21.560522337Z 67 PC: 12a9e | Get or set file attributes
2018-12-17T22:03:21.567050653Z 67 PC: 12aa9 | Get or set file attributes
2018-12-17T22:03:21.582827631Z 61 PC: 12aae | Open file (Filename = 'PAH.COM')
2018-12-17T22:03:21.589253307Z 63 PC: 12abd | Read file or device (Read 3 bytes on handle 11)
2018-12-17T22:03:21.606011856Z 67 PC: 12b4c | Get or set file attributes
2018-12-17T22:03:21.610575354Z 79 PC: 12a7a | Find next file
2018-12-17T22:03:21.613450296Z 67 PC: 12a9e | Get or set file attributes
2018-12-17T22:03:21.619907494Z 67 PC: 12aa9 | Get or set file attributes
2018-12-17T22:03:21.630057137Z 61 PC: 12aae | Open file (Filename = 'TEST.COM')
2018-12-17T22:03:21.636766475Z 63 PC: 12abd | Read file or device (Read 3 bytes on handle 12)
2018-12-17T22:03:21.643268623Z 67 PC: 12b4c | Get or set file attributes
2018-12-17T22:03:21.647819513Z 79 PC: 12a7a | Find next file

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1490,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:43:52.501398748Z 42 PC: 12a5e | Get date 0x12a5e: cmp dx, 0x606
; Disassembly window the sandbox attached to the "Get date" call (trace op 42,
; i.e. INT 21h AH=2Ah). The window opens at 0x12a5e with `cmp dx, 0x606` on the
; trace line directly above and stops at `mov ah, 9`; whatever follows 0x12a90
; is outside the window.
; DOS Get Date returns DH = month and DL = day, so the three DX compares are a
; date gate: month 6 / day 6, month 11 / day 18, month 11 / day 22.
; The job record printed just above this trace sets Day 1 / Month 1 and appears
; to apply to this run: no compare matches, and the trace below walks
; Find First / Find Next without logging op 9 (Display string).
0x12a62: je 0x12a8c                     ; DX == 0x0606 (6 June) -> message path at 0x12a8c
0x12a64: cmp dx, 0xb12                  ; DH = 0x0B (November), DL = 0x12 (day 18)
0x12a68: je 0x12a8c                     ; match -> message path
0x12a6a: cmp dx, 0xb16                  ; DH = 0x0B (November), DL = 0x16 (day 22)
0x12a6e: je 0x12a8c                     ; match -> message path
0x12a70: lea dx, word ptr [si + 0x20d]  ; DX = SI + 0x20d, passed to Find First as the search pattern; pattern bytes not shown
0x12a74: xor cx, cx                     ; CX = 0: search attribute mask with no attribute bits set
0x12a76: mov ah, 0x4e                   ; AH = 4Eh, DOS Find First (trace op 78)
0x12a78: int 0x21                       ; DOS call; the loop re-enters here with AH = 4Fh
0x12a7a: jb 0x12a85                     ; CF set (no match / error) -> leave the search loop
0x12a7c: call 0x12a96                   ; per-file routine, body outside this window; trace shows its calls at 0x12a9e-0x12b4c
0x12a7f: jb 0x12a85                     ; CF set on return also ends the search
0x12a81: mov ah, 0x4f                   ; AH = 4Fh, DOS Find Next (trace op 79)
0x12a83: jmp 0x12a78                    ; back to the INT 21h above
0x12a85: mov ax, bp                     ; exit path: AX = BP (BP is set before this window)
0x12a87: add ax, 0x102                  ; AX = BP + 0x102
0x12a8a: jmp ax                         ; indirect jump; NOTE(review): presumably hands control back to the host program - confirm
0x12a8c: lea dx, word ptr [si + 0x220]  ; date matched: DX = SI + 0x220, the string passed to the print call
0x12a90: mov ah, 9                      ; AH = 09h, DOS Display String ('$'-terminated); the INT 21h itself is past the window
2018-12-25T11:43:52.505276835Z 78 PC: 12a7a | Find first file
2018-12-25T11:43:52.511820506Z 67 PC: 12a9e | Get or set file attributes
2018-12-25T11:43:52.518067288Z 67 PC: 12aa9 | Get or set file attributes
2018-12-25T11:43:52.537912362Z 61 PC: 12aae | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:43:52.548622286Z 63 PC: 12abd | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:43:52.556897602Z 67 PC: 12b4c | Get or set file attributes
2018-12-25T11:43:52.562704841Z 79 PC: 12a7a | Find next file (See above)
2018-12-25T11:43:52.566474629Z 67 PC: 12a9e | Get or set file attributes (See above)
2018-12-25T11:43:52.572911764Z 67 PC: 12aa9 | Get or set file attributes (See above)
2018-12-25T11:43:52.584009547Z 61 PC: 12aae | Open file (See above)
2018-12-25T11:43:52.597746842Z 63 PC: 12abd | Read file or device (See above)
2018-12-25T11:43:52.606256334Z 67 PC: 12b4c | Get or set file attributes (See above)
2018-12-25T11:43:52.611483863Z 79 PC: 12a7a | Find next file (See above)
2018-12-25T11:43:52.615179469Z 67 PC: 12a9e | Get or set file attributes (See above)
2018-12-25T11:43:52.621563047Z 67 PC: 12aa9 | Get or set file attributes (See above)
2018-12-25T11:43:52.632791149Z 61 PC: 12aae | Open file (See above)
2018-12-25T11:43:52.641274234Z 63 PC: 12abd | Read file or device (See above)
2018-12-25T11:43:52.649452971Z 67 PC: 12b4c | Get or set file attributes (See above)
2018-12-25T11:43:52.659254029Z 79 PC: 12a7a | Find next file (See above)
2018-12-25T11:43:52.666754427Z 67 PC: 12a9e | Get or set file attributes (See above)
2018-12-25T11:43:52.673583312Z 67 PC: 12aa9 | Get or set file attributes (See above)
2018-12-25T11:43:52.684452522Z 61 PC: 12aae | Open file (See above)
2018-12-25T11:43:52.691775561Z 63 PC: 12abd | Read file or device (See above)
2018-12-25T11:43:52.699527642Z 67 PC: 12b4c | Get or set file attributes (See above)
2018-12-25T11:43:52.704523585Z 79 PC: 12a7a | Find next file (See above)
2018-12-25T11:43:52.720600441Z 67 PC: 12a9e | Get or set file attributes (See above)
2018-12-25T11:43:52.727972053Z 67 PC: 12aa9 | Get or set file attributes (See above)
2018-12-25T11:43:52.738531399Z 61 PC: 12aae | Open file (See above)
2018-12-25T11:43:52.745844208Z 63 PC: 12abd | Read file or device (See above)
2018-12-25T11:43:52.754343861Z 67 PC: 12b4c | Get or set file attributes (See above)
2018-12-25T11:43:52.759284495Z 79 PC: 12a7a | Find next file (See above)
2018-12-25T11:43:52.762983433Z 67 PC: 12a9e | Get or set file attributes (See above)
2018-12-25T11:43:52.777580865Z 67 PC: 12aa9 | Get or set file attributes (See above)
2018-12-25T11:43:52.802311025Z 61 PC: 12aae | Open file (See above)
2018-12-25T11:43:52.809858773Z 63 PC: 12abd | Read file or device (See above)
2018-12-25T11:43:52.818041672Z 67 PC: 12b4c | Get or set file attributes (See above)
2018-12-25T11:43:52.823671408Z 79 PC: 12a7a | Find next file (See above)
2018-12-25T11:43:52.827104666Z 67 PC: 12a9e | Get or set file attributes (See above)
2018-12-25T11:43:52.833788952Z 67 PC: 12aa9 | Get or set file attributes (See above)
2018-12-25T11:43:52.845923218Z 61 PC: 12aae | Open file (See above)
2018-12-25T11:43:52.854115887Z 63 PC: 12abd | Read file or device (See above)
2018-12-25T11:43:52.861545735Z 67 PC: 12b4c | Get or set file attributes (See above)
2018-12-25T11:43:52.867934103Z 79 PC: 12a7a | Find next file (See above)
2018-12-25T11:43:52.871317615Z 67 PC: 12a9e | Get or set file attributes (See above)
2018-12-25T11:43:52.877871459Z 67 PC: 12aa9 | Get or set file attributes (See above)
2018-12-25T11:43:52.889910227Z 61 PC: 12aae | Open file (See above)
2018-12-25T11:43:52.902709227Z 63 PC: 12abd | Read file or device (See above)
2018-12-25T11:43:52.91039557Z 67 PC: 12b4c | Get or set file attributes (See above)
2018-12-25T11:43:52.915911774Z 79 PC: 12a7a | Find next file (See above)

{"DateBased":true,"Day":6,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1490,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:43:52.616395022Z 42 PC: 12a5e | Get date 0x12a5e: cmp dx, 0x606
; Disassembly window the sandbox attached to the "Get date" call (trace op 42,
; i.e. INT 21h AH=2Ah). The window opens at 0x12a5e with `cmp dx, 0x606` on the
; trace line directly above and stops at `mov ah, 9`; whatever follows 0x12a90
; is outside the window.
; DOS Get Date returns DH = month and DL = day, so the three DX compares are a
; date gate: month 6 / day 6, month 11 / day 18, month 11 / day 22.
; The job record printed just above this trace sets Day 6 / Month 6 and appears
; to apply to this run: that is the 0x606 compare, and the only call logged
; after Get date is op 9 (Display string) at PC 12a94 - no file search.
0x12a62: je 0x12a8c                     ; DX == 0x0606 (6 June) -> message path at 0x12a8c
0x12a64: cmp dx, 0xb12                  ; DH = 0x0B (November), DL = 0x12 (day 18)
0x12a68: je 0x12a8c                     ; match -> message path
0x12a6a: cmp dx, 0xb16                  ; DH = 0x0B (November), DL = 0x16 (day 22)
0x12a6e: je 0x12a8c                     ; match -> message path
0x12a70: lea dx, word ptr [si + 0x20d]  ; DX = SI + 0x20d, passed to Find First as the search pattern; pattern bytes not shown
0x12a74: xor cx, cx                     ; CX = 0: search attribute mask with no attribute bits set
0x12a76: mov ah, 0x4e                   ; AH = 4Eh, DOS Find First (trace op 78)
0x12a78: int 0x21                       ; DOS call; the loop re-enters here with AH = 4Fh
0x12a7a: jb 0x12a85                     ; CF set (no match / error) -> leave the search loop
0x12a7c: call 0x12a96                   ; per-file routine, body outside this window
0x12a7f: jb 0x12a85                     ; CF set on return also ends the search
0x12a81: mov ah, 0x4f                   ; AH = 4Fh, DOS Find Next (trace op 79)
0x12a83: jmp 0x12a78                    ; back to the INT 21h above
0x12a85: mov ax, bp                     ; exit path: AX = BP (BP is set before this window)
0x12a87: add ax, 0x102                  ; AX = BP + 0x102
0x12a8a: jmp ax                         ; indirect jump; NOTE(review): presumably hands control back to the host program - confirm
0x12a8c: lea dx, word ptr [si + 0x220]  ; date matched: DX = SI + 0x220, the string passed to the print call
0x12a90: mov ah, 9                      ; AH = 09h, DOS Display String ('$'-terminated); the INT 21h itself is past the window
2018-12-25T11:43:52.619206498Z 9 PC: 12a94 | Display string (String= 'Kennedy er død - længe leve "The Dead Kennedys" ')

{"DateBased":true,"Day":18,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1490,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:43:52.683711678Z 42 PC: 12a5e | Get date 0x12a5e: cmp dx, 0x606
; Disassembly window the sandbox attached to the "Get date" call (trace op 42,
; i.e. INT 21h AH=2Ah). The window opens at 0x12a5e with `cmp dx, 0x606` on the
; trace line directly above and stops at `mov ah, 9`; whatever follows 0x12a90
; is outside the window.
; DOS Get Date returns DH = month and DL = day, so the three DX compares are a
; date gate: month 6 / day 6, month 11 / day 18, month 11 / day 22.
; The job record printed just above this trace sets Day 18 / Month 11 and
; appears to apply to this run: that is the 0xb12 compare, and the only call
; logged after Get date is op 9 (Display string) at PC 12a94 - no file search.
0x12a62: je 0x12a8c                     ; DX == 0x0606 (6 June) -> message path at 0x12a8c
0x12a64: cmp dx, 0xb12                  ; DH = 0x0B (November), DL = 0x12 (day 18)
0x12a68: je 0x12a8c                     ; match -> message path
0x12a6a: cmp dx, 0xb16                  ; DH = 0x0B (November), DL = 0x16 (day 22)
0x12a6e: je 0x12a8c                     ; match -> message path
0x12a70: lea dx, word ptr [si + 0x20d]  ; DX = SI + 0x20d, passed to Find First as the search pattern; pattern bytes not shown
0x12a74: xor cx, cx                     ; CX = 0: search attribute mask with no attribute bits set
0x12a76: mov ah, 0x4e                   ; AH = 4Eh, DOS Find First (trace op 78)
0x12a78: int 0x21                       ; DOS call; the loop re-enters here with AH = 4Fh
0x12a7a: jb 0x12a85                     ; CF set (no match / error) -> leave the search loop
0x12a7c: call 0x12a96                   ; per-file routine, body outside this window
0x12a7f: jb 0x12a85                     ; CF set on return also ends the search
0x12a81: mov ah, 0x4f                   ; AH = 4Fh, DOS Find Next (trace op 79)
0x12a83: jmp 0x12a78                    ; back to the INT 21h above
0x12a85: mov ax, bp                     ; exit path: AX = BP (BP is set before this window)
0x12a87: add ax, 0x102                  ; AX = BP + 0x102
0x12a8a: jmp ax                         ; indirect jump; NOTE(review): presumably hands control back to the host program - confirm
0x12a8c: lea dx, word ptr [si + 0x220]  ; date matched: DX = SI + 0x220, the string passed to the print call
0x12a90: mov ah, 9                      ; AH = 09h, DOS Display String ('$'-terminated); the INT 21h itself is past the window
2018-12-25T11:43:52.694132943Z 9 PC: 12a94 | Display string (String= 'Kennedy er død - længe leve "The Dead Kennedys" ')

{"DateBased":true,"Day":22,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1490,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:43:52.768747426Z 42 PC: 12a5e | Get date 0x12a5e: cmp dx, 0x606
; Disassembly window the sandbox attached to the "Get date" call (trace op 42,
; i.e. INT 21h AH=2Ah). The window opens at 0x12a5e with `cmp dx, 0x606` on the
; trace line directly above and stops at `mov ah, 9`; whatever follows 0x12a90
; is outside the window.
; DOS Get Date returns DH = month and DL = day, so the three DX compares are a
; date gate: month 6 / day 6, month 11 / day 18, month 11 / day 22.
; The job record printed just above this trace sets Day 22 / Month 11 and
; appears to apply to this run: that is the 0xb16 compare, and the only call
; logged after Get date is op 9 (Display string) at PC 12a94 - no file search.
0x12a62: je 0x12a8c                     ; DX == 0x0606 (6 June) -> message path at 0x12a8c
0x12a64: cmp dx, 0xb12                  ; DH = 0x0B (November), DL = 0x12 (day 18)
0x12a68: je 0x12a8c                     ; match -> message path
0x12a6a: cmp dx, 0xb16                  ; DH = 0x0B (November), DL = 0x16 (day 22)
0x12a6e: je 0x12a8c                     ; match -> message path
0x12a70: lea dx, word ptr [si + 0x20d]  ; DX = SI + 0x20d, passed to Find First as the search pattern; pattern bytes not shown
0x12a74: xor cx, cx                     ; CX = 0: search attribute mask with no attribute bits set
0x12a76: mov ah, 0x4e                   ; AH = 4Eh, DOS Find First (trace op 78)
0x12a78: int 0x21                       ; DOS call; the loop re-enters here with AH = 4Fh
0x12a7a: jb 0x12a85                     ; CF set (no match / error) -> leave the search loop
0x12a7c: call 0x12a96                   ; per-file routine, body outside this window
0x12a7f: jb 0x12a85                     ; CF set on return also ends the search
0x12a81: mov ah, 0x4f                   ; AH = 4Fh, DOS Find Next (trace op 79)
0x12a83: jmp 0x12a78                    ; back to the INT 21h above
0x12a85: mov ax, bp                     ; exit path: AX = BP (BP is set before this window)
0x12a87: add ax, 0x102                  ; AX = BP + 0x102
0x12a8a: jmp ax                         ; indirect jump; NOTE(review): presumably hands control back to the host program - confirm
0x12a8c: lea dx, word ptr [si + 0x220]  ; date matched: DX = SI + 0x220, the string passed to the print call
0x12a90: mov ah, 9                      ; AH = 09h, DOS Display String ('$'-terminated); the INT 21h itself is past the window
2018-12-25T11:43:52.775570212Z 9 PC: 12a94 | Display string (String= 'Kennedy er død - længe leve "The Dead Kennedys" ')