Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.615

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:08:27.584339661Z	44	PC: 12b97 \| Get time 0x12b97: cmp byte ptr [0x106], 0 0x12b9c: je 0x12ba3 0x12b9e: cmp dh, 0xf 0x12ba1: jg 0x12bac 0x12ba3: cmp dl, 0 0x12ba6: je 0x12b93 0x12ba8: mov byte ptr [0x106], dl 0x12bac: mov byte ptr [0x248], 0 0x12bb1: mov byte ptr [0x249], 4 0x12bb6: mov byte ptr [0x252], 0 0x12bbb: mov cx, 0x27 0x12bbe: mov dx, 0x131 0x12bc1: mov ah, 0x4e 0x12bc3: int 0x21 0x12bc5: cmp ax, 0x12 0x12bc8: je 0x12bcd 0x12bca: call 0x12bef 0x12bcd: mov cx, 0x27 0x12bd0: mov dx, 0x137 0x12bd3: mov ah, 0x4e
2018-12-17T23:08:27.593976455Z	78	PC: 12bc5 \| Find first file
2018-12-17T23:08:27.603707976Z	78	PC: 12bd7 \| Find first file
2018-12-17T23:08:27.610251955Z	67	PC: 12c10 \| Get or set file attributes
2018-12-17T23:08:27.628621442Z	61	PC: 12c16 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:08:27.636666464Z	63	PC: 12c25 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:08:27.644185076Z	62	PC: 12c59 \| Close file
2018-12-17T23:08:27.646764274Z	61	PC: 12c62 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:08:27.660933306Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:08:27.670312054Z	87	PC: 12c8a \| Get or set file date and time
2018-12-17T23:08:27.672606236Z	62	PC: 12c92 \| Close file
2018-12-17T23:08:27.682732469Z	67	PC: 12c9f \| Get or set file attributes
2018-12-17T23:08:27.688153278Z	79	PC: 12c49 \| Find next file
2018-12-17T23:08:27.691362009Z	67	PC: 12c10 \| Get or set file attributes
2018-12-17T23:08:27.702627864Z	61	PC: 12c16 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:08:27.710098927Z	63	PC: 12c25 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:08:27.71900704Z	62	PC: 12c59 \| Close file
2018-12-17T23:08:27.722003833Z	61	PC: 12c62 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:08:27.73588855Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:08:27.74516154Z	87	PC: 12c8a \| Get or set file date and time
2018-12-17T23:08:27.747380771Z	62	PC: 12c92 \| Close file
2018-12-17T23:08:27.758684387Z	67	PC: 12c9f \| Get or set file attributes
2018-12-17T23:08:27.76410729Z	79	PC: 12c49 \| Find next file
2018-12-17T23:08:27.767233546Z	67	PC: 12c10 \| Get or set file attributes
2018-12-17T23:08:27.778849509Z	61	PC: 12c16 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:08:27.786563038Z	63	PC: 12c25 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:08:27.793980359Z	62	PC: 12c59 \| Close file
2018-12-17T23:08:27.798327981Z	61	PC: 12c62 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:08:27.805978621Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:08:27.814960253Z	87	PC: 12c8a \| Get or set file date and time
2018-12-17T23:08:27.818117327Z	62	PC: 12c92 \| Close file
2018-12-17T23:08:27.827183808Z	67	PC: 12c9f \| Get or set file attributes
2018-12-17T23:08:27.833778734Z	79	PC: 12c49 \| Find next file
2018-12-17T23:08:27.837450966Z	67	PC: 12c10 \| Get or set file attributes
2018-12-17T23:08:27.848759592Z	61	PC: 12c16 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:08:27.855837555Z	63	PC: 12c25 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:08:27.863391744Z	62	PC: 12c59 \| Close file
2018-12-17T23:08:27.866459259Z	61	PC: 12c62 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:08:27.875369127Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:08:27.885251481Z	87	PC: 12c8a \| Get or set file date and time
2018-12-17T23:08:27.888451366Z	62	PC: 12c92 \| Close file
2018-12-17T23:08:27.898641499Z	67	PC: 12c9f \| Get or set file attributes
2018-12-17T23:08:27.904482758Z	9	PC: 12cce \| Display string (String= ' Program too big to fit in memory')
2018-12-17T23:08:27.909851289Z	76	PC: 12cd2 \| Terminate with return code (Return code = '36')