Sample viewer

vx.netlux.org/Virus.DOS.Whiplash.3168

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:05:22.470896204Z 42 PC: 13429 | Get date 0x13429: cmp dh, byte ptr cs:[bp + 0xc44]
0x1342e: jne 0x1343a
0x13430: cmp dl, byte ptr cs:[bp + 0xc45]
0x13435: jle 0x1343a
0x13437: jmp 0x1351e
0x1343a: popaw
0x1343b: ret
0x1343c: or cl, byte ptr [di]
0x1343e: or ax, 0xd0a
0x13441: or cl, byte ptr [di]
0x13443: or cl, byte ptr [di]
0x13445: or ah, byte ptr [bx + si]
0x13447: and byte ptr [bx + si], ah
0x13449: and byte ptr [bx + si], ah
0x1344b: and byte ptr [bx + si], ah
0x1344d: and byte ptr [bx + si], ah
0x1344f: and byte ptr [bx + si], ah
0x13451: and byte ptr [bx + si], ah
0x13453: push sp
0x13454: push 0x7369
2018-12-17T23:05:22.473662398Z 74 PC: 12af7 | Reallocate memory
2018-12-17T23:05:22.47528591Z 72 PC: 12b03 | Allocate memory
2018-12-17T23:05:22.477235537Z 30 PC: 12b77 | Reserved
2018-12-17T23:05:22.479522062Z 76 PC: 9e4aa | Terminate with return code (Return code = '24')
2018-12-17T23:05:22.482741137Z 77 PC: 11fe0 | Get program return code
2018-12-17T23:05:22.483899345Z 72 PC: 12174 | Allocate memory
2018-12-17T23:05:22.486229449Z 72 PC: 1218d | Allocate memory
2018-12-17T23:05:22.48821814Z 2 PC: 1268d | Character output (Char = '0d')
2018-12-17T23:05:22.490659334Z 2 PC: 1268d | Character output (Char = '0a')
2018-12-17T23:05:22.494819561Z 2 PC: 1268d | Character output (Char = '4d')
2018-12-17T23:05:22.498267937Z 2 PC: 1268d | Character output (Char = '65')
2018-12-17T23:05:22.503710504Z 2 PC: 1268d | Character output (Char = '6d')
2018-12-17T23:05:22.506369052Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:05:22.509253318Z 2 PC: 1268d | Character output (Char = '72')
2018-12-17T23:05:22.511667178Z 2 PC: 1268d | Character output (Char = '79')
2018-12-17T23:05:22.513815922Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:05:22.51651544Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:05:22.519100728Z 2 PC: 1268d | Character output (Char = '6c')
2018-12-17T23:05:22.521478651Z 2 PC: 1268d | Character output (Char = '6c')
2018-12-17T23:05:22.524047958Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:05:22.526899311Z 2 PC: 1268d | Character output (Char = '63')
2018-12-17T23:05:22.52927473Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:05:22.531651486Z 2 PC: 1268d | Character output (Char = '74')
2018-12-17T23:05:22.534862804Z 2 PC: 1268d | Character output (Char = '69')
2018-12-17T23:05:22.537704602Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:05:22.539949456Z 2 PC: 1268d | Character output (Char = '6e')
2018-12-17T23:05:22.54331566Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:05:22.545423529Z 2 PC: 1268d | Character output (Char = '65')
2018-12-17T23:05:22.547499271Z 2 PC: 1268d | Character output (Char = '72')
2018-12-17T23:05:22.552261009Z 2 PC: 1268d | Character output (Char = '72')
2018-12-17T23:05:22.555060068Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:05:22.557264433Z 2 PC: 1268d | Character output (Char = '72')
2018-12-17T23:05:22.560476173Z 2 PC: 1268d | Character output (Char = '0d')
2018-12-17T23:05:22.56328564Z 2 PC: 1268d | Character output (Char = '0a')
2018-12-17T23:05:22.567178294Z 2 PC: 1268d | Character output (Char = '43')
2018-12-17T23:05:22.570696649Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:05:22.572904242Z 2 PC: 1268d | Character output (Char = '6e')
2018-12-17T23:05:22.575104731Z 2 PC: 1268d | Character output (Char = '6e')
2018-12-17T23:05:22.577858017Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:05:22.580226647Z 2 PC: 1268d | Character output (Char = '74')
2018-12-17T23:05:22.582685007Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:05:22.585877379Z 2 PC: 1268d | Character output (Char = '6c')
2018-12-17T23:05:22.588680287Z 2 PC: 1268d | Character output (Char = '6f')
2018-12-17T23:05:22.591358024Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:05:22.594798451Z 2 PC: 1268d | Character output (Char = '64')
2018-12-17T23:05:22.597093097Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:05:22.599822916Z 2 PC: 1268d | Character output (Char = '43')
2018-12-17T23:05:22.601756572Z 2 PC: 1268d | Character output (Char = '4f')
2018-12-17T23:05:22.603569365Z 2 PC: 1268d | Character output (Char = '4d')
2018-12-17T23:05:22.605060121Z 2 PC: 1268d | Character output (Char = '4d')
2018-12-17T23:05:22.60667453Z 2 PC: 1268d | Character output (Char = '41')
2018-12-17T23:05:22.609385739Z 2 PC: 1268d | Character output (Char = '4e')
2018-12-17T23:05:22.613667201Z 2 PC: 1268d | Character output (Char = '44')
2018-12-17T23:05:22.616630484Z 2 PC: 1268d | Character output (Char = '2c')
2018-12-17T23:05:22.620618281Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:05:22.623051402Z 2 PC: 1268d | Character output (Char = '73')
2018-12-17T23:05:22.62545396Z 2 PC: 1268d | Character output (Char = '79')
2018-12-17T23:05:22.628952076Z 2 PC: 1268d | Character output (Char = '73')
2018-12-17T23:05:22.631427556Z 2 PC: 1268d | Character output (Char = '74')
2018-12-17T23:05:22.633903138Z 2 PC: 1268d | Character output (Char = '65')
2018-12-17T23:05:22.636829055Z 2 PC: 1268d | Character output (Char = '6d')
2018-12-17T23:05:22.639289253Z 2 PC: 1268d | Character output (Char = '20')
2018-12-17T23:05:22.641777794Z 2 PC: 1268d | Character output (Char = '68')
2018-12-17T23:05:22.644700617Z 2 PC: 1268d | Character output (Char = '61')
2018-12-17T23:05:22.648456142Z 2 PC: 1268d | Character output (Char = '6c')
2018-12-17T23:05:22.650862964Z 2 PC: 1268d | Character output (Char = '74')
2018-12-17T23:05:22.654561284Z 2 PC: 1268d | Character output (Char = '65')
2018-12-17T23:05:22.656618898Z 2 PC: 1268d | Character output (Char = '64')
2018-12-17T23:05:22.658767203Z 2 PC: 1268d | Character output (Char = '0d')
2018-12-17T23:05:22.661642687Z 2 PC: 1268d | Character output (Char = '0a')