Sample viewer

vx.netlux.org/Virus.DOS.Burger.560.q

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:05:39.016186401Z	25	PC: 12a56 \| Get default drive
2018-12-17T23:05:39.018406758Z	71	PC: 12a67 \| Get current directory
2018-12-17T23:05:39.037148407Z	14	PC: 12a6d \| Set default drive (Drive = 'A')
2018-12-17T23:05:39.038705813Z	14	PC: 12ac1 \| Set default drive (Drive = 'A')
2018-12-17T23:05:39.040181932Z	59	PC: 12ac8 \| Change current directory
2018-12-17T23:05:39.045546681Z	78	PC: 12b25 \| Find first file
2018-12-17T23:05:39.052298345Z	42	PC: 12b34 \| Get date 0x12b34: cmp al, 1 0x12b36: je 0x12b3a 0x12b38: jne 0x12b48 0x12b3a: mov ah, 5 0x12b3c: mov ch, 0 0x12b3e: mov cl, 1 0x12b40: mov dh, 0 0x12b42: mov dl, 2 0x12b44: int 0x13 0x12b46: int 0x20 0x12b48: mov ah, 0x3d 0x12b4a: mov al, 2 0x12b4c: mov dx, 0x9e 0x12b4f: int 0x21 0x12b51: mov bx, ax 0x12b53: mov ah, 0x3f 0x12b55: mov cx, 0x230 0x12b58: nop 0x12b59: mov dx, 0xe000 0x12b5c: nop

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15281,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:43:06.430051345Z	25	PC: 12a56 \| Get default drive
2018-12-25T12:43:06.431840005Z	71	PC: 12a67 \| Get current directory
2018-12-25T12:43:06.434779579Z	14	PC: 12a6d \| Set default drive (Drive = 'A')
2018-12-25T12:43:06.436609029Z	14	PC: 12ac1 \| Set default drive (Drive = 'A')
2018-12-25T12:43:06.439119327Z	59	PC: 12ac8 \| Change current directory
2018-12-25T12:43:06.443167735Z	78	PC: 12b25 \| Find first file
2018-12-25T12:43:06.45453692Z	42	PC: 12b34 \| Get date 0x12b34: cmp al, 1 0x12b36: je 0x12b3a 0x12b38: jne 0x12b48 0x12b3a: mov ah, 5 0x12b3c: mov ch, 0 0x12b3e: mov cl, 1 0x12b40: mov dh, 0 0x12b42: mov dl, 2 0x12b44: int 0x13 0x12b46: int 0x20 0x12b48: mov ah, 0x3d 0x12b4a: mov al, 2 0x12b4c: mov dx, 0x9e 0x12b4f: int 0x21 0x12b51: mov bx, ax 0x12b53: mov ah, 0x3f 0x12b55: mov cx, 0x230 0x12b58: nop 0x12b59: mov dx, 0xe000 0x12b5c: nop

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15281,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:43:06.441611012Z	25	PC: 12a56 \| Get default drive
2018-12-25T12:43:06.443427114Z	71	PC: 12a67 \| Get current directory
2018-12-25T12:43:06.450290538Z	14	PC: 12a6d \| Set default drive (Drive = 'A')
2018-12-25T12:43:06.451463595Z	14	PC: 12ac1 \| Set default drive (Drive = 'A')
2018-12-25T12:43:06.452928363Z	59	PC: 12ac8 \| Change current directory
2018-12-25T12:43:06.45770335Z	78	PC: 12b25 \| Find first file
2018-12-25T12:43:06.469092208Z	42	PC: 12b34 \| Get date 0x12b34: cmp al, 1 0x12b36: je 0x12b3a 0x12b38: jne 0x12b48 0x12b3a: mov ah, 5 0x12b3c: mov ch, 0 0x12b3e: mov cl, 1 0x12b40: mov dh, 0 0x12b42: mov dl, 2 0x12b44: int 0x13 0x12b46: int 0x20 0x12b48: mov ah, 0x3d 0x12b4a: mov al, 2 0x12b4c: mov dx, 0x9e 0x12b4f: int 0x21 0x12b51: mov bx, ax 0x12b53: mov ah, 0x3f 0x12b55: mov cx, 0x230 0x12b58: nop 0x12b59: mov dx, 0xe000 0x12b5c: nop
2018-12-25T12:43:06.471428119Z	61	PC: 12b51 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:43:06.478815457Z	63	PC: 12b5f \| Read file or device (Read 560 bytes on handle 5)
2018-12-25T12:43:06.487665448Z	62	PC: 12b63 \| Close file
2018-12-25T12:43:06.489709403Z	67	PC: 12b77 \| Get or set file attributes
2018-12-25T12:43:06.496934088Z	67	PC: 12b81 \| Get or set file attributes
2018-12-25T12:43:06.513859714Z	61	PC: 12b8a \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:43:06.524318149Z	87	PC: 12b92 \| Get or set file date and time
2018-12-25T12:43:06.529090526Z	64	PC: 12bb8 \| Write file or device (Write 560 bytes on handle 5)
2018-12-25T12:43:06.539075339Z	87	PC: 12bc0 \| Get or set file date and time
2018-12-25T12:43:06.550580307Z	62	PC: 12bc4 \| Close file
2018-12-25T12:43:06.558950144Z	14	PC: 12be2 \| Set default drive (Drive = 'A')
2018-12-25T12:43:06.560208881Z	59	PC: 12be9 \| Change current directory
2018-12-25T12:43:06.564180042Z	0	PC: 12bd9 \| Program terminate