Sample viewer

vx.netlux.org/Virus.DOS.Ash.Pizza.1602

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:08:36.619513014Z 26 PC: 12acc | Set disk transfer address
2018-12-17T23:08:36.621502294Z 78 PC: 12b25 | Find first file
2018-12-17T23:08:36.629975687Z 61 PC: 12b31 | Open file (Filename = 'SLEEP.COM')
2018-12-17T23:08:36.63817373Z 63 PC: 12b40 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:08:36.64677895Z 66 PC: 12b59 | Move file pointer
2018-12-17T23:08:36.649873082Z 64 PC: 12b6e | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:08:36.653985655Z 64 PC: 12a71 | Write file or device (Write 1598 bytes on handle 5)
2018-12-17T23:08:36.673082682Z 66 PC: 12b92 | Move file pointer
2018-12-17T23:08:36.675377884Z 64 PC: 12bb4 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T23:08:36.682935074Z 62 PC: 12b19 | Close file
2018-12-17T23:08:36.692872434Z 79 PC: 12b25 | Find next file
2018-12-17T23:08:36.695365292Z 61 PC: 12b31 | Open file (Filename = '')
2018-12-17T23:08:36.697162966Z 79 PC: 12b25 | Find next file
2018-12-17T23:08:36.698986684Z 61 PC: 12b31 | Open file (Filename = '')
2018-12-17T23:08:36.706363041Z 79 PC: 12b25 | Find next file
2018-12-17T23:08:36.709405198Z 61 PC: 12b31 | Open file (Filename = '')
2018-12-17T23:08:36.711847257Z 79 PC: 12b25 | Find next file
2018-12-17T23:08:36.714570285Z 61 PC: 12b31 | Open file (Filename = '')
2018-12-17T23:08:36.71733444Z 79 PC: 12b25 | Find next file
2018-12-17T23:08:36.720167413Z 61 PC: 12b31 | Open file (Filename = '')
2018-12-17T23:08:36.722542488Z 79 PC: 12b25 | Find next file
2018-12-17T23:08:36.725963909Z 61 PC: 12b31 | Open file (Filename = '')
2018-12-17T23:08:36.728444405Z 79 PC: 12b25 | Find next file
2018-12-17T23:08:36.731161041Z 61 PC: 12b31 | Open file (Filename = '')
2018-12-17T23:08:36.734531268Z 79 PC: 12b25 | Find next file
2018-12-17T23:08:36.736925154Z 59 PC: 12be7 | Change current directory
2018-12-17T23:08:36.741929541Z 42 PC: 12bf6 | Get date
0x12bf6: cmp dl, 4
0x12bf9: jne 0x12c04
0x12bfb: cmp dh, 7
0x12bfe: jne 0x12c04
0x12c00: xor ax, ax
0x12c02: jmp 0x12c22
0x12c04: mov ah, 0x2c
0x12c06: int 0x21
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
2018-12-17T23:08:36.746396032Z 44 PC: 12c08 | Get time
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
0x12c21: inc ax
0x12c22: mov dx, ax
0x12c24: mov cx, 1
0x12c27: xor bx, bx
0x12c29: mov ah, 0x19
0x12c2b: int 0x21
0x12c2d: int 0x26
0x12c2f: mov bx, 0x3dc
2018-12-17T23:08:36.752191915Z 44 PC: 12c36 | Get time
0x12c36: inc dh
0x12c38: cmp dh, byte ptr [0x404]
0x12c3c: jl 0x12c44
0x12c3e: sub dh, byte ptr [0x404]
0x12c42: jmp 0x12c38
0x12c44: mov al, dh
0x12c46: mov cl, al
0x12c48: cwde
0x12c49: shl ax, 1
0x12c4b: add bx, ax
0x12c4d: mov si, word ptr [bx]
0x12c4f: mov ch, byte ptr [si - 1]
0x12c52: mov dx, si
0x12c54: mov ah, 9
0x12c56: int 0x21
0x12c58: cmp ch, 0
0x12c5b: je 0x12c86
0x12c5d: cmp ch, 1
0x12c60: je 0x12c60
0x12c62: cmp ch, 2
2018-12-17T23:08:36.75497961Z 9 PC: 12c58 | Display string (Could not find end pointer)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16260,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:52:29.351088753Z 26 PC: 12acc | Set disk transfer address
2018-12-25T12:52:29.352191139Z 78 PC: 12b25 | Find first file
2018-12-25T12:52:29.359110085Z 61 PC: 12b31 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:29.366503524Z 63 PC: 12b40 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:52:29.373588223Z 66 PC: 12b59 | Move file pointer
2018-12-25T12:52:29.375619806Z 64 PC: 12b6e | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:29.38022613Z 64 PC: 12a71 | Write file or device (Write 1598 bytes on handle 5)
2018-12-25T12:52:29.548321297Z 66 PC: 12b92 | Move file pointer
2018-12-25T12:52:29.551353317Z 64 PC: 12bb4 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:29.560096493Z 62 PC: 12b19 | Close file
2018-12-25T12:52:29.587385075Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.5909301Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.593759265Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.596658306Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.599488705Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.602736514Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.60498365Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.607809298Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.611677376Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.614715858Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.617464432Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.621165062Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.623928973Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.627247645Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.630564881Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.633399998Z 59 PC: 12be7 | Change current directory
2018-12-25T12:52:29.637905984Z 42 PC: 12bf6 | Get date
0x12bf6: cmp dl, 4
0x12bf9: jne 0x12c04
0x12bfb: cmp dh, 7
0x12bfe: jne 0x12c04
0x12c00: xor ax, ax
0x12c02: jmp 0x12c22
0x12c04: mov ah, 0x2c
0x12c06: int 0x21
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
2018-12-25T12:52:29.64457894Z 44 PC: 12c08 | Get time
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
0x12c21: inc ax
0x12c22: mov dx, ax
0x12c24: mov cx, 1
0x12c27: xor bx, bx
0x12c29: mov ah, 0x19
0x12c2b: int 0x21
0x12c2d: int 0x26
0x12c2f: mov bx, 0x3dc
2018-12-25T12:52:29.646955871Z 25 PC: 12c2d | Get default drive

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16260,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:52:29.53092949Z 26 PC: 12acc | Set disk transfer address
2018-12-25T12:52:29.532534946Z 78 PC: 12b25 | Find first file
2018-12-25T12:52:29.539112892Z 61 PC: 12b31 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:29.545878761Z 63 PC: 12b40 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:52:29.553063486Z 66 PC: 12b59 | Move file pointer
2018-12-25T12:52:29.554887681Z 64 PC: 12b6e | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:29.558666984Z 64 PC: 12a71 | Write file or device (Write 1598 bytes on handle 5)
2018-12-25T12:52:29.587267123Z 66 PC: 12b92 | Move file pointer
2018-12-25T12:52:29.589045116Z 64 PC: 12bb4 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:29.600641975Z 62 PC: 12b19 | Close file
2018-12-25T12:52:29.624682235Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.629330168Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.631896731Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.634556845Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.637375162Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.639921319Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.642075349Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.645748719Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.648090465Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.650756632Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.653501654Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.656164768Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.658308617Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.661812048Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.665126257Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.668597046Z 59 PC: 12be7 | Change current directory
2018-12-25T12:52:29.673098454Z 42 PC: 12bf6 | Get date
0x12bf6: cmp dl, 4
0x12bf9: jne 0x12c04
0x12bfb: cmp dh, 7
0x12bfe: jne 0x12c04
0x12c00: xor ax, ax
0x12c02: jmp 0x12c22
0x12c04: mov ah, 0x2c
0x12c06: int 0x21
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
2018-12-25T12:52:29.675610549Z 44 PC: 12c08 | Get time
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
0x12c21: inc ax
0x12c22: mov dx, ax
0x12c24: mov cx, 1
0x12c27: xor bx, bx
0x12c29: mov ah, 0x19
0x12c2b: int 0x21
0x12c2d: int 0x26
0x12c2f: mov bx, 0x3dc
2018-12-25T12:52:29.677870271Z 25 PC: 12c2d | Get default drive

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16260,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:52:29.730723981Z 26 PC: 12acc | Set disk transfer address
2018-12-25T12:52:29.73264448Z 78 PC: 12b25 | Find first file
2018-12-25T12:52:29.739442797Z 61 PC: 12b31 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:29.746991469Z 63 PC: 12b40 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:52:29.754102516Z 66 PC: 12b59 | Move file pointer
2018-12-25T12:52:29.756670325Z 64 PC: 12b6e | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:29.760761619Z 64 PC: 12a71 | Write file or device (Write 1598 bytes on handle 5)
2018-12-25T12:52:29.78923076Z 66 PC: 12b92 | Move file pointer
2018-12-25T12:52:29.791054504Z 64 PC: 12bb4 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:29.798017384Z 62 PC: 12b19 | Close file
2018-12-25T12:52:29.831779825Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.835284914Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.84426033Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.847020167Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.849731185Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.852712957Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.855294006Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.858326089Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.860871475Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.863870692Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.866594558Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.870283204Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.872573064Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.875256376Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:29.877991376Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:29.881545831Z 59 PC: 12be7 | Change current directory
2018-12-25T12:52:29.886235961Z 42 PC: 12bf6 | Get date
0x12bf6: cmp dl, 4
0x12bf9: jne 0x12c04
0x12bfb: cmp dh, 7
0x12bfe: jne 0x12c04
0x12c00: xor ax, ax
0x12c02: jmp 0x12c22
0x12c04: mov ah, 0x2c
0x12c06: int 0x21
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
2018-12-25T12:52:29.888977556Z 44 PC: 12c08 | Get time
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
0x12c21: inc ax
0x12c22: mov dx, ax
0x12c24: mov cx, 1
0x12c27: xor bx, bx
0x12c29: mov ah, 0x19
0x12c2b: int 0x21
0x12c2d: int 0x26
0x12c2f: mov bx, 0x3dc
2018-12-25T12:52:29.891454496Z 44 PC: 12c36 | Get time
0x12c36: inc dh
0x12c38: cmp dh, byte ptr [0x404]
0x12c3c: jl 0x12c44
0x12c3e: sub dh, byte ptr [0x404]
0x12c42: jmp 0x12c38
0x12c44: mov al, dh
0x12c46: mov cl, al
0x12c48: cwde
0x12c49: shl ax, 1
0x12c4b: add bx, ax
0x12c4d: mov si, word ptr [bx]
0x12c4f: mov ch, byte ptr [si - 1]
0x12c52: mov dx, si
0x12c54: mov ah, 9
0x12c56: int 0x21
0x12c58: cmp ch, 0
0x12c5b: je 0x12c86
0x12c5d: cmp ch, 1
0x12c60: je 0x12c60
0x12c62: cmp ch, 2
2018-12-25T12:52:29.894081984Z 9 PC: 12c58 | Display string (Could not find end pointer)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":6,"Min":0,"Second":0,"TimeBased":true,"OriginalID":16260,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:52:29.956463861Z 26 PC: 12acc | Set disk transfer address
2018-12-25T12:52:29.958514163Z 78 PC: 12b25 | Find first file
2018-12-25T12:52:29.965361164Z 61 PC: 12b31 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:52:29.97256853Z 63 PC: 12b40 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:52:29.979692559Z 66 PC: 12b59 | Move file pointer
2018-12-25T12:52:29.981481334Z 64 PC: 12b6e | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:29.98514506Z 64 PC: 12a71 | Write file or device (Write 1598 bytes on handle 5)
2018-12-25T12:52:30.026652434Z 66 PC: 12b92 | Move file pointer
2018-12-25T12:52:30.028237486Z 64 PC: 12bb4 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:52:30.035647022Z 62 PC: 12b19 | Close file
2018-12-25T12:52:30.084932385Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:30.087841595Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:30.090266125Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:30.09307457Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:30.096308425Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:30.098135147Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:30.099656953Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:30.101834778Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:30.103731458Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:30.105592581Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:30.109871412Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:30.111706979Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:30.113289197Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:30.115072885Z 61 PC: 12b31 | Open file (See above)
2018-12-25T12:52:30.117096655Z 79 PC: 12b25 | Find next file (See above)
2018-12-25T12:52:30.118941982Z 59 PC: 12be7 | Change current directory
2018-12-25T12:52:30.122200337Z 42 PC: 12bf6 | Get date
0x12bf6: cmp dl, 4
0x12bf9: jne 0x12c04
0x12bfb: cmp dh, 7
0x12bfe: jne 0x12c04
0x12c00: xor ax, ax
0x12c02: jmp 0x12c22
0x12c04: mov ah, 0x2c
0x12c06: int 0x21
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
2018-12-25T12:52:30.124471417Z 44 PC: 12c08 | Get time
0x12c08: or cl, cl
0x12c0a: jne 0x12c2f
0x12c0c: cmp ch, 6
0x12c0f: jge 0x12c2f
0x12c11: add cl, ch
0x12c13: mov ax, cx
0x12c15: cwde
0x12c16: add al, dh
0x12c18: adc al, dl
0x12c1a: adc ah, 0
0x12c1d: or ax, ax
0x12c1f: jne 0x12c22
0x12c21: inc ax
0x12c22: mov dx, ax
0x12c24: mov cx, 1
0x12c27: xor bx, bx
0x12c29: mov ah, 0x19
0x12c2b: int 0x21
0x12c2d: int 0x26
0x12c2f: mov bx, 0x3dc
2018-12-25T12:52:30.126543137Z 44 PC: 12c36 | Get time
0x12c36: inc dh
0x12c38: cmp dh, byte ptr [0x404]
0x12c3c: jl 0x12c44
0x12c3e: sub dh, byte ptr [0x404]
0x12c42: jmp 0x12c38
0x12c44: mov al, dh
0x12c46: mov cl, al
0x12c48: cwde
0x12c49: shl ax, 1
0x12c4b: add bx, ax
0x12c4d: mov si, word ptr [bx]
0x12c4f: mov ch, byte ptr [si - 1]
0x12c52: mov dx, si
0x12c54: mov ah, 9
0x12c56: int 0x21
0x12c58: cmp ch, 0
0x12c5b: je 0x12c86
0x12c5d: cmp ch, 1
0x12c60: je 0x12c60
0x12c62: cmp ch, 2
2018-12-25T12:52:30.130631012Z 9 PC: 12c58 | Display string (Could not find end pointer)