Sample viewer

vx.netlux.org/Virus.DOS.Riot.Lisa.666


Syscalls:

Time | Syscall Op (INT 21h function number, decimal) | PC | Syscall Name
2018-12-17T23:07:03.557957011Z 26 PC: 12b26 | Set disk transfer address
2018-12-17T23:07:03.56052798Z 71 PC: 12a9b | Get current directory
2018-12-17T23:07:03.56874701Z 78 PC: 12aa3 | Find first file
2018-12-17T23:07:03.572686277Z 61 PC: 12aae | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:07:03.578042599Z 87 PC: 12ab4 | Get or set file date and time
2018-12-17T23:07:03.579739981Z 63 PC: 12ac1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:07:03.585062118Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.590648894Z 64 PC: 12aeb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:03.593515393Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.595343939Z 44 PC: 12af4 | Get time
0x12af4: mov word ptr cs:[bp + 0x12b], dx
; Disassembly window the sandbox attached to the "Get time" trace entry (PC 12af4),
; logged while 'SLEEP.COM' was open on handle 5. It is a fragment, not a whole routine:
; the instruction at 0x12af4 is on the line just above this block, and the window ends
; before the int 0x21 that would follow the final mov ah, 0x1a.
; The 0x12af4 instruction stores DX into cs:[bp + 0x12b]; Get time (INT 21h AH=2Ch) has
; just returned, so DX presumably holds seconds/hundredths. How that word is used is not shown.
; NOTE(review): all data references are bp-relative, which looks like a relocation base
; for code appended to a host file -- confirm against the full sample.
; Defender note: the trace shows 3-byte and 666-byte writes followed by a timestamp
; restore, so detection should rely on content hash/size baselines, not on mtime.
; The next traced call is the 666-byte write at PC 12a67, presumably inside the called
; routine; the displayed target 0x22a52 may be a disassembler address artifact -- confirm.
0x12af9: call 0x22a52
; DX/CX were pushed earlier (pushes not visible); presumably the file date/time
; obtained by the op-87 call traced at PC 12ab4 -- confirm.
0x12afc: pop dx
0x12afd: pop cx
0x12afe: mov ax, 0x5701                   ; INT 21h AX=5701h: set file date/time from CX/DX
0x12b01: int 0x21                         ; traced as op 87 at PC 12b03
0x12b03: mov ah, 0x3e                     ; INT 21h AH=3Eh: close file handle
0x12b05: int 0x21                         ; traced as op 62 at PC 12b07
0x12b07: mov ah, 0x4f                     ; INT 21h AH=4Fh: find next matching file
0x12b09: jmp 0x12aa1                      ; back into the search loop; find first/next are both traced at PC 12aa3
; Not reachable by fall-through (preceded by jmp). In the trace this chdir follows the
; last "Find next file", so it is presumably the no-more-files path -- confirm.
0x12b0b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b0d: lea dx, word ptr [bp + 0x36b]    ; DX -> path string at bp+0x36b (contents not shown)
0x12b11: int 0x21                         ; traced as op 59 at PC 12b13
0x12b13: jb 0x12b17                       ; CF set = chdir failed: leave the scan
0x12b15: jmp 0x12a9b                      ; chdir worked: re-enter the scan at 0x12a9b (PC logged for Get current directory)
0x12b17: lea dx, word ptr [bp + 0x3c9]    ; DX -> second path buffer; presumably the directory saved at start -- confirm
0x12b1b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b1d: int 0x21                         ; traced as op 59 at PC 12b1f
0x12b1f: mov dx, 0x80                     ; offset 0x80 is the default DTA location in the PSP
0x12b22: mov ah, 0x1a                     ; INT 21h AH=1Ah: set DTA; the int 0x21 lies outside this window (traced at PC 12b26)
2018-12-17T23:07:03.598133459Z 64 PC: 12a67 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:07:03.620826492Z 87 PC: 12b03 | Get or set file date and time
2018-12-17T23:07:03.62231337Z 62 PC: 12b07 | Close file
2018-12-17T23:07:03.630542637Z 79 PC: 12aa3 | Find next file
2018-12-17T23:07:03.634159923Z 61 PC: 12aae | Open file (Filename = 'PRINT.COM')
2018-12-17T23:07:03.640647754Z 87 PC: 12ab4 | Get or set file date and time
2018-12-17T23:07:03.642049751Z 63 PC: 12ac1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:07:03.649183902Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.651185653Z 64 PC: 12aeb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:03.654141899Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.656336477Z 44 PC: 12af4 | Get time
0x12af4: mov word ptr cs:[bp + 0x12b], dx
; Disassembly window the sandbox attached to the "Get time" trace entry (PC 12af4),
; logged while 'PRINT.COM' was open on handle 5. It is a fragment, not a whole routine:
; the instruction at 0x12af4 is on the line just above this block, and the window ends
; before the int 0x21 that would follow the final mov ah, 0x1a.
; The 0x12af4 instruction stores DX into cs:[bp + 0x12b]; Get time (INT 21h AH=2Ch) has
; just returned, so DX presumably holds seconds/hundredths. How that word is used is not shown.
; NOTE(review): all data references are bp-relative, which looks like a relocation base
; for code appended to a host file -- confirm against the full sample.
; Defender note: the trace shows 3-byte and 666-byte writes followed by a timestamp
; restore, so detection should rely on content hash/size baselines, not on mtime.
; The next traced call is the 666-byte write at PC 12a67, presumably inside the called
; routine; the displayed target 0x22a52 may be a disassembler address artifact -- confirm.
0x12af9: call 0x22a52
; DX/CX were pushed earlier (pushes not visible); presumably the file date/time
; obtained by the op-87 call traced at PC 12ab4 -- confirm.
0x12afc: pop dx
0x12afd: pop cx
0x12afe: mov ax, 0x5701                   ; INT 21h AX=5701h: set file date/time from CX/DX
0x12b01: int 0x21                         ; traced as op 87 at PC 12b03
0x12b03: mov ah, 0x3e                     ; INT 21h AH=3Eh: close file handle
0x12b05: int 0x21                         ; traced as op 62 at PC 12b07
0x12b07: mov ah, 0x4f                     ; INT 21h AH=4Fh: find next matching file
0x12b09: jmp 0x12aa1                      ; back into the search loop; find first/next are both traced at PC 12aa3
; Not reachable by fall-through (preceded by jmp). In the trace this chdir follows the
; last "Find next file", so it is presumably the no-more-files path -- confirm.
0x12b0b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b0d: lea dx, word ptr [bp + 0x36b]    ; DX -> path string at bp+0x36b (contents not shown)
0x12b11: int 0x21                         ; traced as op 59 at PC 12b13
0x12b13: jb 0x12b17                       ; CF set = chdir failed: leave the scan
0x12b15: jmp 0x12a9b                      ; chdir worked: re-enter the scan at 0x12a9b (PC logged for Get current directory)
0x12b17: lea dx, word ptr [bp + 0x3c9]    ; DX -> second path buffer; presumably the directory saved at start -- confirm
0x12b1b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b1d: int 0x21                         ; traced as op 59 at PC 12b1f
0x12b1f: mov dx, 0x80                     ; offset 0x80 is the default DTA location in the PSP
0x12b22: mov ah, 0x1a                     ; INT 21h AH=1Ah: set DTA; the int 0x21 lies outside this window (traced at PC 12b26)
2018-12-17T23:07:03.659006973Z 64 PC: 12a67 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:07:03.667512519Z 87 PC: 12b03 | Get or set file date and time
2018-12-17T23:07:03.669968549Z 62 PC: 12b07 | Close file
2018-12-17T23:07:03.677642536Z 79 PC: 12aa3 | Find next file
2018-12-17T23:07:03.680211865Z 61 PC: 12aae | Open file (Filename = 'HELLO.COM')
2018-12-17T23:07:03.687107044Z 87 PC: 12ab4 | Get or set file date and time
2018-12-17T23:07:03.688733819Z 63 PC: 12ac1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:07:03.695067837Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.697565923Z 64 PC: 12aeb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:03.700832554Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.70280728Z 44 PC: 12af4 | Get time
0x12af4: mov word ptr cs:[bp + 0x12b], dx
; Disassembly window the sandbox attached to the "Get time" trace entry (PC 12af4),
; logged while 'HELLO.COM' was open on handle 5. It is a fragment, not a whole routine:
; the instruction at 0x12af4 is on the line just above this block, and the window ends
; before the int 0x21 that would follow the final mov ah, 0x1a.
; The 0x12af4 instruction stores DX into cs:[bp + 0x12b]; Get time (INT 21h AH=2Ch) has
; just returned, so DX presumably holds seconds/hundredths. How that word is used is not shown.
; NOTE(review): all data references are bp-relative, which looks like a relocation base
; for code appended to a host file -- confirm against the full sample.
; Defender note: the trace shows 3-byte and 666-byte writes followed by a timestamp
; restore, so detection should rely on content hash/size baselines, not on mtime.
; The next traced call is the 666-byte write at PC 12a67, presumably inside the called
; routine; the displayed target 0x22a52 may be a disassembler address artifact -- confirm.
0x12af9: call 0x22a52
; DX/CX were pushed earlier (pushes not visible); presumably the file date/time
; obtained by the op-87 call traced at PC 12ab4 -- confirm.
0x12afc: pop dx
0x12afd: pop cx
0x12afe: mov ax, 0x5701                   ; INT 21h AX=5701h: set file date/time from CX/DX
0x12b01: int 0x21                         ; traced as op 87 at PC 12b03
0x12b03: mov ah, 0x3e                     ; INT 21h AH=3Eh: close file handle
0x12b05: int 0x21                         ; traced as op 62 at PC 12b07
0x12b07: mov ah, 0x4f                     ; INT 21h AH=4Fh: find next matching file
0x12b09: jmp 0x12aa1                      ; back into the search loop; find first/next are both traced at PC 12aa3
; Not reachable by fall-through (preceded by jmp). In the trace this chdir follows the
; last "Find next file", so it is presumably the no-more-files path -- confirm.
0x12b0b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b0d: lea dx, word ptr [bp + 0x36b]    ; DX -> path string at bp+0x36b (contents not shown)
0x12b11: int 0x21                         ; traced as op 59 at PC 12b13
0x12b13: jb 0x12b17                       ; CF set = chdir failed: leave the scan
0x12b15: jmp 0x12a9b                      ; chdir worked: re-enter the scan at 0x12a9b (PC logged for Get current directory)
0x12b17: lea dx, word ptr [bp + 0x3c9]    ; DX -> second path buffer; presumably the directory saved at start -- confirm
0x12b1b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b1d: int 0x21                         ; traced as op 59 at PC 12b1f
0x12b1f: mov dx, 0x80                     ; offset 0x80 is the default DTA location in the PSP
0x12b22: mov ah, 0x1a                     ; INT 21h AH=1Ah: set DTA; the int 0x21 lies outside this window (traced at PC 12b26)
2018-12-17T23:07:03.706519098Z 64 PC: 12a67 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:07:03.714827419Z 87 PC: 12b03 | Get or set file date and time
2018-12-17T23:07:03.717114396Z 62 PC: 12b07 | Close file
2018-12-17T23:07:03.724944604Z 79 PC: 12aa3 | Find next file
2018-12-17T23:07:03.727881665Z 61 PC: 12aae | Open file (Filename = 'PHANG.COM')
2018-12-17T23:07:03.734332075Z 87 PC: 12ab4 | Get or set file date and time
2018-12-17T23:07:03.735696732Z 63 PC: 12ac1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:07:03.74259405Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.743919574Z 64 PC: 12aeb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:03.746536413Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.749466705Z 44 PC: 12af4 | Get time
0x12af4: mov word ptr cs:[bp + 0x12b], dx
; Disassembly window the sandbox attached to the "Get time" trace entry (PC 12af4),
; logged while 'PHANG.COM' was open on handle 5. It is a fragment, not a whole routine:
; the instruction at 0x12af4 is on the line just above this block, and the window ends
; before the int 0x21 that would follow the final mov ah, 0x1a.
; The 0x12af4 instruction stores DX into cs:[bp + 0x12b]; Get time (INT 21h AH=2Ch) has
; just returned, so DX presumably holds seconds/hundredths. How that word is used is not shown.
; NOTE(review): all data references are bp-relative, which looks like a relocation base
; for code appended to a host file -- confirm against the full sample.
; Defender note: the trace shows 3-byte and 666-byte writes followed by a timestamp
; restore, so detection should rely on content hash/size baselines, not on mtime.
; The next traced call is the 666-byte write at PC 12a67, presumably inside the called
; routine; the displayed target 0x22a52 may be a disassembler address artifact -- confirm.
0x12af9: call 0x22a52
; DX/CX were pushed earlier (pushes not visible); presumably the file date/time
; obtained by the op-87 call traced at PC 12ab4 -- confirm.
0x12afc: pop dx
0x12afd: pop cx
0x12afe: mov ax, 0x5701                   ; INT 21h AX=5701h: set file date/time from CX/DX
0x12b01: int 0x21                         ; traced as op 87 at PC 12b03
0x12b03: mov ah, 0x3e                     ; INT 21h AH=3Eh: close file handle
0x12b05: int 0x21                         ; traced as op 62 at PC 12b07
0x12b07: mov ah, 0x4f                     ; INT 21h AH=4Fh: find next matching file
0x12b09: jmp 0x12aa1                      ; back into the search loop; find first/next are both traced at PC 12aa3
; Not reachable by fall-through (preceded by jmp). In the trace this chdir follows the
; last "Find next file", so it is presumably the no-more-files path -- confirm.
0x12b0b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b0d: lea dx, word ptr [bp + 0x36b]    ; DX -> path string at bp+0x36b (contents not shown)
0x12b11: int 0x21                         ; traced as op 59 at PC 12b13
0x12b13: jb 0x12b17                       ; CF set = chdir failed: leave the scan
0x12b15: jmp 0x12a9b                      ; chdir worked: re-enter the scan at 0x12a9b (PC logged for Get current directory)
0x12b17: lea dx, word ptr [bp + 0x3c9]    ; DX -> second path buffer; presumably the directory saved at start -- confirm
0x12b1b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b1d: int 0x21                         ; traced as op 59 at PC 12b1f
0x12b1f: mov dx, 0x80                     ; offset 0x80 is the default DTA location in the PSP
0x12b22: mov ah, 0x1a                     ; INT 21h AH=1Ah: set DTA; the int 0x21 lies outside this window (traced at PC 12b26)
2018-12-17T23:07:03.753123662Z 64 PC: 12a67 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:07:03.761321904Z 87 PC: 12b03 | Get or set file date and time
2018-12-17T23:07:03.764160087Z 62 PC: 12b07 | Close file
2018-12-17T23:07:03.772152074Z 79 PC: 12aa3 | Find next file
2018-12-17T23:07:03.774836835Z 61 PC: 12aae | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:07:03.782140742Z 87 PC: 12ab4 | Get or set file date and time
2018-12-17T23:07:03.783443926Z 63 PC: 12ac1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:07:03.789903661Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.791779401Z 64 PC: 12aeb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:03.794880585Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.796582875Z 44 PC: 12af4 | Get time
0x12af4: mov word ptr cs:[bp + 0x12b], dx
; Disassembly window the sandbox attached to the "Get time" trace entry (PC 12af4),
; logged while 'PRINTA~1.COM' was open on handle 5. It is a fragment, not a whole routine:
; the instruction at 0x12af4 is on the line just above this block, and the window ends
; before the int 0x21 that would follow the final mov ah, 0x1a.
; The 0x12af4 instruction stores DX into cs:[bp + 0x12b]; Get time (INT 21h AH=2Ch) has
; just returned, so DX presumably holds seconds/hundredths. How that word is used is not shown.
; NOTE(review): all data references are bp-relative, which looks like a relocation base
; for code appended to a host file -- confirm against the full sample.
; Defender note: the trace shows 3-byte and 666-byte writes followed by a timestamp
; restore, so detection should rely on content hash/size baselines, not on mtime.
; The next traced call is the 666-byte write at PC 12a67, presumably inside the called
; routine; the displayed target 0x22a52 may be a disassembler address artifact -- confirm.
0x12af9: call 0x22a52
; DX/CX were pushed earlier (pushes not visible); presumably the file date/time
; obtained by the op-87 call traced at PC 12ab4 -- confirm.
0x12afc: pop dx
0x12afd: pop cx
0x12afe: mov ax, 0x5701                   ; INT 21h AX=5701h: set file date/time from CX/DX
0x12b01: int 0x21                         ; traced as op 87 at PC 12b03
0x12b03: mov ah, 0x3e                     ; INT 21h AH=3Eh: close file handle
0x12b05: int 0x21                         ; traced as op 62 at PC 12b07
0x12b07: mov ah, 0x4f                     ; INT 21h AH=4Fh: find next matching file
0x12b09: jmp 0x12aa1                      ; back into the search loop; find first/next are both traced at PC 12aa3
; Not reachable by fall-through (preceded by jmp). In the trace this chdir follows the
; last "Find next file", so it is presumably the no-more-files path -- confirm.
0x12b0b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b0d: lea dx, word ptr [bp + 0x36b]    ; DX -> path string at bp+0x36b (contents not shown)
0x12b11: int 0x21                         ; traced as op 59 at PC 12b13
0x12b13: jb 0x12b17                       ; CF set = chdir failed: leave the scan
0x12b15: jmp 0x12a9b                      ; chdir worked: re-enter the scan at 0x12a9b (PC logged for Get current directory)
0x12b17: lea dx, word ptr [bp + 0x3c9]    ; DX -> second path buffer; presumably the directory saved at start -- confirm
0x12b1b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b1d: int 0x21                         ; traced as op 59 at PC 12b1f
0x12b1f: mov dx, 0x80                     ; offset 0x80 is the default DTA location in the PSP
0x12b22: mov ah, 0x1a                     ; INT 21h AH=1Ah: set DTA; the int 0x21 lies outside this window (traced at PC 12b26)
2018-12-17T23:07:03.7999073Z 64 PC: 12a67 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:07:03.808310325Z 87 PC: 12b03 | Get or set file date and time
2018-12-17T23:07:03.810064106Z 62 PC: 12b07 | Close file
2018-12-17T23:07:03.818395812Z 79 PC: 12aa3 | Find next file
2018-12-17T23:07:03.821532162Z 61 PC: 12aae | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:07:03.827955165Z 87 PC: 12ab4 | Get or set file date and time
2018-12-17T23:07:03.830335865Z 63 PC: 12ac1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:07:03.836721757Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.838058532Z 64 PC: 12aeb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:03.840664647Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.842276877Z 44 PC: 12af4 | Get time
0x12af4: mov word ptr cs:[bp + 0x12b], dx
; Disassembly window the sandbox attached to the "Get time" trace entry (PC 12af4),
; logged while 'MANDEL.COM' was open on handle 5. It is a fragment, not a whole routine:
; the instruction at 0x12af4 is on the line just above this block, and the window ends
; before the int 0x21 that would follow the final mov ah, 0x1a.
; The 0x12af4 instruction stores DX into cs:[bp + 0x12b]; Get time (INT 21h AH=2Ch) has
; just returned, so DX presumably holds seconds/hundredths. How that word is used is not shown.
; NOTE(review): all data references are bp-relative, which looks like a relocation base
; for code appended to a host file -- confirm against the full sample.
; Defender note: the trace shows 3-byte and 666-byte writes followed by a timestamp
; restore, so detection should rely on content hash/size baselines, not on mtime.
; The next traced call is the 666-byte write at PC 12a67, presumably inside the called
; routine; the displayed target 0x22a52 may be a disassembler address artifact -- confirm.
0x12af9: call 0x22a52
; DX/CX were pushed earlier (pushes not visible); presumably the file date/time
; obtained by the op-87 call traced at PC 12ab4 -- confirm.
0x12afc: pop dx
0x12afd: pop cx
0x12afe: mov ax, 0x5701                   ; INT 21h AX=5701h: set file date/time from CX/DX
0x12b01: int 0x21                         ; traced as op 87 at PC 12b03
0x12b03: mov ah, 0x3e                     ; INT 21h AH=3Eh: close file handle
0x12b05: int 0x21                         ; traced as op 62 at PC 12b07
0x12b07: mov ah, 0x4f                     ; INT 21h AH=4Fh: find next matching file
0x12b09: jmp 0x12aa1                      ; back into the search loop; find first/next are both traced at PC 12aa3
; Not reachable by fall-through (preceded by jmp). In the trace this chdir follows the
; last "Find next file", so it is presumably the no-more-files path -- confirm.
0x12b0b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b0d: lea dx, word ptr [bp + 0x36b]    ; DX -> path string at bp+0x36b (contents not shown)
0x12b11: int 0x21                         ; traced as op 59 at PC 12b13
0x12b13: jb 0x12b17                       ; CF set = chdir failed: leave the scan
0x12b15: jmp 0x12a9b                      ; chdir worked: re-enter the scan at 0x12a9b (PC logged for Get current directory)
0x12b17: lea dx, word ptr [bp + 0x3c9]    ; DX -> second path buffer; presumably the directory saved at start -- confirm
0x12b1b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b1d: int 0x21                         ; traced as op 59 at PC 12b1f
0x12b1f: mov dx, 0x80                     ; offset 0x80 is the default DTA location in the PSP
0x12b22: mov ah, 0x1a                     ; INT 21h AH=1Ah: set DTA; the int 0x21 lies outside this window (traced at PC 12b26)
2018-12-17T23:07:03.844677553Z 64 PC: 12a67 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:07:03.854025779Z 87 PC: 12b03 | Get or set file date and time
2018-12-17T23:07:03.85709976Z 62 PC: 12b07 | Close file
2018-12-17T23:07:03.865320706Z 79 PC: 12aa3 | Find next file
2018-12-17T23:07:03.868136791Z 61 PC: 12aae | Open file (Filename = 'PAH.COM')
2018-12-17T23:07:03.875230136Z 87 PC: 12ab4 | Get or set file date and time
2018-12-17T23:07:03.876539832Z 63 PC: 12ac1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:07:03.882574847Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.884674137Z 64 PC: 12aeb | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:07:03.887192116Z 66 PC: 12b2e | Move file pointer
2018-12-17T23:07:03.88844557Z 44 PC: 12af4 | Get time
0x12af4: mov word ptr cs:[bp + 0x12b], dx
; Disassembly window the sandbox attached to the "Get time" trace entry (PC 12af4),
; logged while 'PAH.COM' was open on handle 5. It is a fragment, not a whole routine:
; the instruction at 0x12af4 is on the line just above this block, and the window ends
; before the int 0x21 that would follow the final mov ah, 0x1a.
; The 0x12af4 instruction stores DX into cs:[bp + 0x12b]; Get time (INT 21h AH=2Ch) has
; just returned, so DX presumably holds seconds/hundredths. How that word is used is not shown.
; NOTE(review): all data references are bp-relative, which looks like a relocation base
; for code appended to a host file -- confirm against the full sample.
; Defender note: the trace shows 3-byte and 666-byte writes followed by a timestamp
; restore, so detection should rely on content hash/size baselines, not on mtime.
; The next traced call is the 666-byte write at PC 12a67, presumably inside the called
; routine; the displayed target 0x22a52 may be a disassembler address artifact -- confirm.
0x12af9: call 0x22a52
; DX/CX were pushed earlier (pushes not visible); presumably the file date/time
; obtained by the op-87 call traced at PC 12ab4 -- confirm.
0x12afc: pop dx
0x12afd: pop cx
0x12afe: mov ax, 0x5701                   ; INT 21h AX=5701h: set file date/time from CX/DX
0x12b01: int 0x21                         ; traced as op 87 at PC 12b03
0x12b03: mov ah, 0x3e                     ; INT 21h AH=3Eh: close file handle
0x12b05: int 0x21                         ; traced as op 62 at PC 12b07
0x12b07: mov ah, 0x4f                     ; INT 21h AH=4Fh: find next matching file
0x12b09: jmp 0x12aa1                      ; back into the search loop; find first/next are both traced at PC 12aa3
; Not reachable by fall-through (preceded by jmp). In the trace this chdir follows the
; last "Find next file", so it is presumably the no-more-files path -- confirm.
0x12b0b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b0d: lea dx, word ptr [bp + 0x36b]    ; DX -> path string at bp+0x36b (contents not shown)
0x12b11: int 0x21                         ; traced as op 59 at PC 12b13
0x12b13: jb 0x12b17                       ; CF set = chdir failed: leave the scan
0x12b15: jmp 0x12a9b                      ; chdir worked: re-enter the scan at 0x12a9b (PC logged for Get current directory)
0x12b17: lea dx, word ptr [bp + 0x3c9]    ; DX -> second path buffer; presumably the directory saved at start -- confirm
0x12b1b: mov ah, 0x3b                     ; INT 21h AH=3Bh: change current directory
0x12b1d: int 0x21                         ; traced as op 59 at PC 12b1f
0x12b1f: mov dx, 0x80                     ; offset 0x80 is the default DTA location in the PSP
0x12b22: mov ah, 0x1a                     ; INT 21h AH=1Ah: set DTA; the int 0x21 lies outside this window (traced at PC 12b26)
2018-12-17T23:07:03.891510503Z 64 PC: 12a67 | Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:07:03.899237607Z 87 PC: 12b03 | Get or set file date and time
2018-12-17T23:07:03.900594165Z 62 PC: 12b07 | Close file
2018-12-17T23:07:03.908363958Z 79 PC: 12aa3 | Find next file
2018-12-17T23:07:03.91173631Z 61 PC: 12aae | Open file (Filename = 'TEST.COM')
2018-12-17T23:07:03.918220904Z 87 PC: 12ab4 | Get or set file date and time
2018-12-17T23:07:03.920127179Z 63 PC: 12ac1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:07:03.92355694Z 87 PC: 12b03 | Get or set file date and time
2018-12-17T23:07:03.92529242Z 62 PC: 12b07 | Close file
2018-12-17T23:07:03.932509389Z 79 PC: 12aa3 | Find next file
2018-12-17T23:07:03.935441734Z 59 PC: 12b13 | Change current directory
2018-12-17T23:07:03.939383209Z 59 PC: 12b1f | Change current directory
2018-12-17T23:07:03.940991213Z 26 PC: 12b26 | Set disk transfer address