Sample viewer

vx.netlux.org/Virus.DOS.DieHard2.4000.h

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:03:32.716245839Z 53 PC: 12b5a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:03:32.717631388Z 53 PC: 12b5a | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:03:32.718462738Z 53 PC: 12b5a | Get interrupt vector (Interrupt = '64' AKA 'Write file or device')
2018-12-17T22:03:32.720100063Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.721320106Z 61 PC: 1309b | Open file (Filename = 'OP.COM')
2018-12-17T22:03:32.72514666Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.726184945Z 61 PC: 1389a | Open file (Filename = '[^_]�VS�ÈP/��')
2018-12-17T22:03:32.73026952Z 60 PC: 1389a | Create or truncate file
2018-12-17T22:03:32.744054629Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.745010042Z 68 PC: 1309b | I/O control for devices (Set for = '���V�؎Ў����̵��� �')
2018-12-17T22:03:32.746749322Z 42 PC: 1309b | Get date 0x1309b: ret
0x1309c: les dx, ptr [si - 5]
0x1309f: mov ax, es
0x130a1: xchg ax, cx
0x130a2: mov ah, 0x42
0x130a4: xor al, al
0x130a6: jmp 0x13095
0x130a8: mov di, 0xc96
0x130ab: mov ah, 0x29
0x130ad: jmp 0x130a4
0x130af: call 0x23085
0x130b2: mov bl, 2
0x130b4: mov dx, 0x2ec
0x130b7: mov cl, 0xc
0x130b9: call 0x130c3
0x130bc: inc cx
0x130bd: mov bl, 4
0x130bf: call 0x130c3
0x130c2: dec bx
0x130c3: mov ah, 0x40
2018-12-17T22:03:32.748852653Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.749848628Z 78 PC: 1309b | Find first file
2018-12-17T22:03:32.756042317Z 41 PC: 1309b | Parse filename
2018-12-17T22:03:32.757317839Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.758872849Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.76022208Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.761551942Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.762971529Z 64 PC: 12b51 | Write file or device (Write 272 bytes on handle 5)
2018-12-17T22:03:32.767940095Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.786220945Z 87 PC: 1309b | Get or set file date and time
2018-12-17T22:03:32.787542797Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.789735433Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.791127843Z 63 PC: 1309b | Read file or device (Read 256 bytes on handle 5)
2018-12-17T22:03:32.793488768Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.795747258Z 64 PC: 1309b | Write file or device (Write 256 bytes on handle 5)
2018-12-17T22:03:32.80405078Z 64 PC: 1309b | Write file or device (Write 0 bytes on handle 5)
2018-12-17T22:03:32.811766926Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.813365747Z 64 PC: 1309b | Write file or device (Write 256 bytes on handle 5)
2018-12-17T22:03:32.820231241Z 87 PC: 1309b | Get or set file date and time
2018-12-17T22:03:32.821595305Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.823004487Z 62 PC: 12b51 | Close file
2018-12-17T22:03:32.831133194Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.832538234Z 61 PC: 1309b | Open file (Filename = 'IP.ASM')
2018-12-17T22:03:32.839121495Z 68 PC: 1309b | I/O control for devices (Set for = '���V�؎Ў����̵��� �')
2018-12-17T22:03:32.840809222Z 62 PC: 1309b | Close file
2018-12-17T22:03:32.842474616Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.84348318Z 78 PC: 1309b | Find first file
2018-12-17T22:03:32.849284313Z 41 PC: 1309b | Parse filename
2018-12-17T22:03:32.8507748Z 67 PC: 1309b | Get or set file attributes
2018-12-17T22:03:32.860483506Z 61 PC: 1309b | Open file (Filename = '��u��<u�~2[W�')
2018-12-17T22:03:32.866892364Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.86811257Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.869282035Z 63 PC: 1309b | Read file or device (Read 256 bytes on handle 5)
2018-12-17T22:03:32.871834916Z 62 PC: 1309b | Close file
2018-12-17T22:03:32.873411638Z 67 PC: 1309b | Get or set file attributes
2018-12-17T22:03:32.882748055Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.884616219Z 61 PC: 1389a | Open file (Filename = '$�T$')
2018-12-17T22:03:32.891545637Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.892854435Z 68 PC: 1309b | I/O control for devices (Set for = '���V�؎Ў����̵��� �')
2018-12-17T22:03:32.894457833Z 42 PC: 1309b | Get date 0x1309b: ret
0x1309c: les dx, ptr [si - 5]
0x1309f: mov ax, es
0x130a1: xchg ax, cx
0x130a2: mov ah, 0x42
0x130a4: xor al, al
0x130a6: jmp 0x13095
0x130a8: mov di, 0xc96
0x130ab: mov ah, 0x29
0x130ad: jmp 0x130a4
0x130af: call 0x23085
0x130b2: mov bl, 2
0x130b4: mov dx, 0x2ec
0x130b7: mov cl, 0xc
0x130b9: call 0x130c3
0x130bc: inc cx
0x130bd: mov bl, 4
0x130bf: call 0x130c3
0x130c2: dec bx
0x130c3: mov ah, 0x40
2018-12-17T22:03:32.896623126Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.897842241Z 78 PC: 1309b | Find first file
2018-12-17T22:03:32.903962074Z 41 PC: 1309b | Parse filename
2018-12-17T22:03:32.905508881Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.906895115Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.908402466Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.909619728Z 63 PC: 1309b | Read file or device (Read 256 bytes on handle 5)
2018-12-17T22:03:32.912146543Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.91358164Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.91580213Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.916971748Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.91855918Z 62 PC: 12b51 | Close file
2018-12-17T22:03:32.920133331Z 108 PC: 1389a | Extended open/create file
2018-12-17T22:03:32.933684722Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.935119196Z 68 PC: 1309b | I/O control for devices (Set for = '���V�؎Ў����̵��� �')
2018-12-17T22:03:32.936408987Z 42 PC: 1309b | Get date 0x1309b: ret
0x1309c: les dx, ptr [si - 5]
0x1309f: mov ax, es
0x130a1: xchg ax, cx
0x130a2: mov ah, 0x42
0x130a4: xor al, al
0x130a6: jmp 0x13095
0x130a8: mov di, 0xc96
0x130ab: mov ah, 0x29
0x130ad: jmp 0x130a4
0x130af: call 0x23085
0x130b2: mov bl, 2
0x130b4: mov dx, 0x2ec
0x130b7: mov cl, 0xc
0x130b9: call 0x130c3
0x130bc: inc cx
0x130bd: mov bl, 4
0x130bf: call 0x130c3
0x130c2: dec bx
0x130c3: mov ah, 0x40
2018-12-17T22:03:32.938349201Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.940104313Z 78 PC: 1309b | Find first file
2018-12-17T22:03:32.94590921Z 41 PC: 1309b | Parse filename
2018-12-17T22:03:32.947361188Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.950774682Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.951922626Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.953142942Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.954905783Z 64 PC: 12b51 | Write file or device (Write 200 bytes on handle 5)
2018-12-17T22:03:32.959430431Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:32.9607894Z 87 PC: 1309b | Get or set file date and time
2018-12-17T22:03:32.962803771Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.964227756Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.965584908Z 63 PC: 1309b | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:03:32.969357698Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.97074223Z 64 PC: 1309b | Write file or device (Write 4000 bytes on handle 5)
2018-12-17T22:03:32.979167574Z 64 PC: 1309b | Write file or device (Write 0 bytes on handle 5)
2018-12-17T22:03:32.987191669Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:32.988483987Z 64 PC: 1309b | Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:03:32.994705345Z 87 PC: 1309b | Get or set file date and time
2018-12-17T22:03:32.99738163Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:32.999157124Z 62 PC: 12b51 | Close file
2018-12-17T22:03:33.007293646Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:33.009472891Z 61 PC: 1309b | Open file (Filename = 'IP.COM')
2018-12-17T22:03:33.016229996Z 68 PC: 1309b | I/O control for devices (Set for = '���V�؎Ў����̵��� �')
2018-12-17T22:03:33.017628661Z 62 PC: 1309b | Close file
2018-12-17T22:03:33.020316771Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:33.021422826Z 78 PC: 1309b | Find first file
2018-12-17T22:03:33.027326117Z 41 PC: 1309b | Parse filename
2018-12-17T22:03:33.029589627Z 67 PC: 1309b | Get or set file attributes
2018-12-17T22:03:33.039370336Z 61 PC: 1309b | Open file (Filename = 'u�~2[W�')
2018-12-17T22:03:33.046026454Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.048398899Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.04977311Z 63 PC: 1309b | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:03:33.052386865Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.054979086Z 63 PC: 1309b | Read file or device (Read 54 bytes on handle 5)
2018-12-17T22:03:33.05778903Z 62 PC: 1309b | Close file
2018-12-17T22:03:33.059887887Z 67 PC: 1309b | Get or set file attributes
2018-12-17T22:03:33.07314049Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:33.074787891Z 61 PC: 1389a | Open file (Filename = '')
2018-12-17T22:03:33.082076632Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:33.083903295Z 68 PC: 1309b | I/O control for devices (Set for = '���V�؎Ў����̵��� �')
2018-12-17T22:03:33.085269286Z 42 PC: 1309b | Get date 0x1309b: ret
0x1309c: les dx, ptr [si - 5]
0x1309f: mov ax, es
0x130a1: xchg ax, cx
0x130a2: mov ah, 0x42
0x130a4: xor al, al
0x130a6: jmp 0x13095
0x130a8: mov di, 0xc96
0x130ab: mov ah, 0x29
0x130ad: jmp 0x130a4
0x130af: call 0x23085
0x130b2: mov bl, 2
0x130b4: mov dx, 0x2ec
0x130b7: mov cl, 0xc
0x130b9: call 0x130c3
0x130bc: inc cx
0x130bd: mov bl, 4
0x130bf: call 0x130c3
0x130c2: dec bx
0x130c3: mov ah, 0x40
2018-12-17T22:03:33.087343142Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:33.089141649Z 78 PC: 1309b | Find first file
2018-12-17T22:03:33.094981288Z 41 PC: 1309b | Parse filename
2018-12-17T22:03:33.09642941Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.098188215Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.099639257Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.100959154Z 63 PC: 1309b | Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:03:33.107749132Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.10908176Z 63 PC: 1309b | Read file or device (Read 54 bytes on handle 5)
2018-12-17T22:03:33.111841088Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.114138161Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:33.116799453Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:33.118049599Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.120370639Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:33.122184383Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:03:33.124849929Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:33.127568413Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.129366944Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:33.131515667Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:03:33.133453281Z 66 PC: 12b51 | Move file pointer
2018-12-17T22:03:33.136360023Z 63 PC: 1389a | Read file or device (Read 200 bytes on handle 5)
2018-12-17T22:03:33.139412926Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:33.140570586Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.142994917Z 66 PC: 1309b | Move file pointer
2018-12-17T22:03:33.144253482Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:33.147275353Z 47 PC: 1309b | Get disk transfer address
2018-12-17T22:03:33.149447497Z 26 PC: 1309b | Set disk transfer address
2018-12-17T22:03:33.151779423Z 62 PC: 12b51 | Close file
2018-12-17T22:03:33.153398661Z 76 PC: 12b45 | Terminate with return code (Return code = '1')