Sample viewer

vx.netlux.org/Virus.DOS.Orchid.311

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:08:12.35105063Z 26 PC: 2296e | Set disk transfer address
2018-12-17T23:08:12.352250766Z 78 PC: 22978 | Find first file
2018-12-17T23:08:12.359357063Z 61 PC: 22980 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:08:12.366336021Z 63 PC: 2298b | Read file or device (Read 311 bytes on handle 5)
2018-12-17T23:08:12.373580257Z 44 PC: 22999 | Get time
    0x22999: mov byte ptr ss:[0x207], dl
    0x2299e: mov byte ptr [0x107], dl
    0x229a2: mov ax, 0x4202
    0x229a5: xor cx, cx
    0x229a7: xor dx, dx
    0x229a9: int 0x21
    0x229ab: cmp ax, 0x137
    0x229ae: jae 0x229b6
    0x229b0: mov ax, 0x237
    0x229b3: jmp 0x229b9
    0x229b5: nop
    0x229b6: add ax, 0x100
    0x229b9: mov word ptr ss:[0x1df], ax
    0x229bd: push ss
    0x229be: pop es
    0x229bf: push es
    0x229c0: pop ds
    0x229c1: call 0x22a3d
    0x229c4: mov ax, 0x4200
    0x229c7: xor cx, cx
2018-12-17T23:08:12.376955432Z 66 PC: 229ab | Move file pointer
2018-12-17T23:08:12.37899186Z 66 PC: 229cd | Move file pointer
2018-12-17T23:08:12.38109861Z 64 PC: 229d7 | Write file or device (Write 311 bytes on handle 5)
2018-12-17T23:08:12.385193456Z 66 PC: 229e0 | Move file pointer
2018-12-17T23:08:12.387572598Z 64 PC: 229eb | Write file or device (Write 311 bytes on handle 5)
2018-12-17T23:08:12.402993955Z 62 PC: 229ef | Close file
2018-12-17T23:08:12.412538655Z 9 PC: 12a47 | Display string (String= '(C) 1993 American Eagle Poblications Inc., All Rights Reserved. Unauthorized use will be prosecuted under applicable copyright and software piracy laws. HOST #1 - You have just released a virus!')
2018-12-17T23:08:12.420590991Z 76 PC: 12a4c | Terminate with return code (Return code = '0')