Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.591.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:04:35.933488343Z	78	PC: 12b67 \| Find first file
2018-12-17T23:04:35.940701289Z	78	PC: 12b79 \| Find first file
2018-12-17T23:04:35.948725781Z	67	PC: 12bb2 \| Get or set file attributes
2018-12-17T23:04:35.968097325Z	61	PC: 12bb8 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:04:35.975805011Z	63	PC: 12bc7 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:04:35.983489093Z	62	PC: 12bfb \| Close file
2018-12-17T23:04:35.986028349Z	61	PC: 12c04 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:04:35.994032282Z	64	PC: 12a5a \| Write file or device (Write 591 bytes on handle 5)
2018-12-17T23:04:36.005207741Z	87	PC: 12c2c \| Get or set file date and time
2018-12-17T23:04:36.015007331Z	62	PC: 12c34 \| Close file
2018-12-17T23:04:36.023717223Z	67	PC: 12c41 \| Get or set file attributes
2018-12-17T23:04:36.032689538Z	79	PC: 12beb \| Find next file
2018-12-17T23:04:36.036585224Z	67	PC: 12bb2 \| Get or set file attributes
2018-12-17T23:04:36.050980449Z	61	PC: 12bb8 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:04:36.058707702Z	63	PC: 12bc7 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:04:36.066041094Z	62	PC: 12bfb \| Close file
2018-12-17T23:04:36.068212668Z	61	PC: 12c04 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:04:36.075680554Z	64	PC: 12a5a \| Write file or device (Write 591 bytes on handle 5)
2018-12-17T23:04:36.085384624Z	87	PC: 12c2c \| Get or set file date and time
2018-12-17T23:04:36.087509882Z	62	PC: 12c34 \| Close file
2018-12-17T23:04:36.096274176Z	67	PC: 12c41 \| Get or set file attributes
2018-12-17T23:04:36.103528238Z	79	PC: 12beb \| Find next file
2018-12-17T23:04:36.107130824Z	67	PC: 12bb2 \| Get or set file attributes
2018-12-17T23:04:36.117930866Z	61	PC: 12bb8 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:04:36.126108987Z	63	PC: 12bc7 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:04:36.133328326Z	62	PC: 12bfb \| Close file
2018-12-17T23:04:36.135429437Z	61	PC: 12c04 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:04:36.143204109Z	64	PC: 12a5a \| Write file or device (Write 591 bytes on handle 5)
2018-12-17T23:04:36.156298337Z	87	PC: 12c2c \| Get or set file date and time
2018-12-17T23:04:36.158419977Z	62	PC: 12c34 \| Close file
2018-12-17T23:04:36.167719848Z	67	PC: 12c41 \| Get or set file attributes
2018-12-17T23:04:36.174687432Z	9	PC: 12c81 \| Display string (String= ' Program too big to fit in memory')
2018-12-17T23:04:36.179793495Z	76	PC: 12c8f \| Terminate with return code (Return code = '5')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14936,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:12.748551186Z	78	PC: 12b67 \| Find first file
2018-12-25T12:42:12.754591692Z	78	PC: 12b79 \| Find first file
2018-12-25T12:42:12.760209664Z	67	PC: 12bb2 \| Get or set file attributes
2018-12-25T12:42:12.776078051Z	61	PC: 12bb8 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:42:12.782733658Z	63	PC: 12bc7 \| Read file or device (Read 20 bytes on handle 5)
2018-12-25T12:42:12.789477574Z	62	PC: 12bfb \| Close file
2018-12-25T12:42:12.791205751Z	61	PC: 12c04 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:42:12.802778051Z	64	PC: 12a5a \| Write file or device (Write 591 bytes on handle 5)
2018-12-25T12:42:12.814270399Z	87	PC: 12c2c \| Get or set file date and time
2018-12-25T12:42:12.815622667Z	62	PC: 12c34 \| Close file
2018-12-25T12:42:12.822879323Z	67	PC: 12c41 \| Get or set file attributes
2018-12-25T12:42:12.828350602Z	79	PC: 12beb \| Find next file
2018-12-25T12:42:12.830879993Z	67	PC: 12bb2 \| Get or set file attributes (See above)
2018-12-25T12:42:12.840315858Z	61	PC: 12bb8 \| Open file (See above)
2018-12-25T12:42:12.847445696Z	63	PC: 12bc7 \| Read file or device (See above)
2018-12-25T12:42:12.853475351Z	62	PC: 12bfb \| Close file (See above)
2018-12-25T12:42:12.855312257Z	61	PC: 12c04 \| Open file (See above)
2018-12-25T12:42:12.867804044Z	64	PC: 12a5a \| Write file or device (See above)
2018-12-25T12:42:12.876609966Z	87	PC: 12c2c \| Get or set file date and time (See above)
2018-12-25T12:42:12.878314203Z	62	PC: 12c34 \| Close file (See above)
2018-12-25T12:42:12.887377385Z	67	PC: 12c41 \| Get or set file attributes (See above)
2018-12-25T12:42:12.891888847Z	79	PC: 12beb \| Find next file (See above)
2018-12-25T12:42:12.894317463Z	67	PC: 12bb2 \| Get or set file attributes (See above)
2018-12-25T12:42:12.903831885Z	61	PC: 12bb8 \| Open file (See above)
2018-12-25T12:42:12.910674533Z	63	PC: 12bc7 \| Read file or device (See above)
2018-12-25T12:42:12.916780945Z	62	PC: 12bfb \| Close file (See above)
2018-12-25T12:42:12.91841694Z	61	PC: 12c04 \| Open file (See above)
2018-12-25T12:42:12.930208499Z	64	PC: 12a5a \| Write file or device (See above)
2018-12-25T12:42:12.938856977Z	87	PC: 12c2c \| Get or set file date and time (See above)
2018-12-25T12:42:12.94038413Z	62	PC: 12c34 \| Close file (See above)
2018-12-25T12:42:12.948905731Z	67	PC: 12c41 \| Get or set file attributes (See above)
2018-12-25T12:42:12.953480566Z	9	PC: 12c81 \| Display string (String= ' Program too big to fit in memory')
2018-12-25T12:42:12.957693162Z	76	PC: 12c8f \| Terminate with return code (Return code = '5')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":56,"TimeBased":true,"OriginalID":14936,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:12.84459995Z	78	PC: 12b67 \| Find first file
2018-12-25T12:42:12.851245977Z	78	PC: 12b79 \| Find first file
2018-12-25T12:42:12.856864259Z	67	PC: 12bb2 \| Get or set file attributes
2018-12-25T12:42:12.873922468Z	61	PC: 12bb8 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:42:12.885924666Z	63	PC: 12bc7 \| Read file or device (Read 20 bytes on handle 5)
2018-12-25T12:42:12.892286238Z	62	PC: 12bfb \| Close file
2018-12-25T12:42:12.893933852Z	61	PC: 12c04 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:42:12.901341782Z	64	PC: 12a5a \| Write file or device (Write 591 bytes on handle 5)
2018-12-25T12:42:12.909825467Z	87	PC: 12c2c \| Get or set file date and time
2018-12-25T12:42:12.911581865Z	62	PC: 12c34 \| Close file
2018-12-25T12:42:12.920033712Z	67	PC: 12c41 \| Get or set file attributes
2018-12-25T12:42:12.925256992Z	79	PC: 12beb \| Find next file
2018-12-25T12:42:12.928151615Z	67	PC: 12bb2 \| Get or set file attributes (See above)
2018-12-25T12:42:12.941686179Z	61	PC: 12bb8 \| Open file (See above)
2018-12-25T12:42:12.956809024Z	63	PC: 12bc7 \| Read file or device (See above)
2018-12-25T12:42:12.963779057Z	62	PC: 12bfb \| Close file (See above)
2018-12-25T12:42:12.965344989Z	61	PC: 12c04 \| Open file (See above)
2018-12-25T12:42:12.972867866Z	64	PC: 12a5a \| Write file or device (See above)
2018-12-25T12:42:12.981248646Z	87	PC: 12c2c \| Get or set file date and time (See above)
2018-12-25T12:42:12.982646957Z	62	PC: 12c34 \| Close file (See above)
2018-12-25T12:42:12.990863679Z	67	PC: 12c41 \| Get or set file attributes (See above)
2018-12-25T12:42:12.99596672Z	79	PC: 12beb \| Find next file (See above)
2018-12-25T12:42:12.998499277Z	67	PC: 12bb2 \| Get or set file attributes (See above)
2018-12-25T12:42:13.00838233Z	61	PC: 12bb8 \| Open file (See above)
2018-12-25T12:42:13.015736174Z	63	PC: 12bc7 \| Read file or device (See above)
2018-12-25T12:42:13.022325356Z	62	PC: 12bfb \| Close file (See above)
2018-12-25T12:42:13.025447181Z	61	PC: 12c04 \| Open file (See above)
2018-12-25T12:42:13.032476263Z	64	PC: 12a5a \| Write file or device (See above)
2018-12-25T12:42:13.040923494Z	87	PC: 12c2c \| Get or set file date and time (See above)
2018-12-25T12:42:13.043781131Z	62	PC: 12c34 \| Close file (See above)
2018-12-25T12:42:13.051305647Z	67	PC: 12c41 \| Get or set file attributes (See above)
2018-12-25T12:42:13.055903805Z	9	PC: 12c81 \| Display string (String= ' Program too big to fit in memory')
2018-12-25T12:42:13.059128955Z	76	PC: 12c8f \| Terminate with return code (Return code = '5')