Sample viewer

vx.netlux.org/Virus.DOS.Vienna.Violator.4365

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:08:51.300298843Z	48	PC: 12e67 \| Get DOS version
2018-12-17T23:08:51.302077436Z	42	PC: 12e67 \| Get date 0x12e67: ret 0x12e68: int 0x13 0x12e6a: ret 0x12e6b: int 0x26 0x12e6d: ret 0x12e6e: mov ah, 0x2a 0x12e70: mov byte ptr [0x1192], 1 0x12e75: nop 0x12e76: call 0x22e4f 0x12e79: cmp cx, 0x7bc 0x12e7d: jge 0x12e82 0x12e7f: jmp 0x12f4e 0x12e82: cmp dh, byte ptr [0x1185] 0x12e86: je 0x12ea6 0x12e88: jmp 0x12e8b 0x12e8a: nop 0x12e8b: cmp dh, byte ptr [0x1188] 0x12e8f: je 0x12eb8 0x12e91: jmp 0x12e94 0x12e93: nop
2018-12-17T23:08:51.305429997Z	47	PC: 12e67 \| Get disk transfer address
2018-12-17T23:08:51.30718215Z	26	PC: 12e67 \| Set disk transfer address
2018-12-17T23:08:51.30896484Z	78	PC: 12e67 \| Find first file
2018-12-17T23:08:51.316712963Z	67	PC: 12e67 \| Get or set file attributes
2018-12-17T23:08:51.323131967Z	67	PC: 12e67 \| Get or set file attributes
2018-12-17T23:08:51.341095541Z	61	PC: 12e67 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:08:51.349322022Z	87	PC: 12e67 \| Get or set file date and time
2018-12-17T23:08:51.351058736Z	44	PC: 12e67 \| Get time 0x12e67: ret 0x12e68: int 0x13 0x12e6a: ret 0x12e6b: int 0x26 0x12e6d: ret 0x12e6e: mov ah, 0x2a 0x12e70: mov byte ptr [0x1192], 1 0x12e75: nop 0x12e76: call 0x22e4f 0x12e79: cmp cx, 0x7bc 0x12e7d: jge 0x12e82 0x12e7f: jmp 0x12f4e 0x12e82: cmp dh, byte ptr [0x1185] 0x12e86: je 0x12ea6 0x12e88: jmp 0x12e8b 0x12e8a: nop 0x12e8b: cmp dh, byte ptr [0x1188] 0x12e8f: je 0x12eb8 0x12e91: jmp 0x12e94 0x12e93: nop
2018-12-17T23:08:51.353500526Z	63	PC: 12e67 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:08:51.361028715Z	66	PC: 12e67 \| Move file pointer
2018-12-17T23:08:51.363041398Z	64	PC: 12e67 \| Write file or device (Write 4365 bytes on handle 5)
2018-12-17T23:08:51.372823554Z	66	PC: 12e67 \| Move file pointer
2018-12-17T23:08:51.375753751Z	64	PC: 12e67 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:08:51.384020048Z	87	PC: 12e67 \| Get or set file date and time
2018-12-17T23:08:51.385921281Z	62	PC: 12e67 \| Close file
2018-12-17T23:08:51.395675654Z	67	PC: 12e67 \| Get or set file attributes
2018-12-17T23:08:51.407203923Z	26	PC: 12e67 \| Set disk transfer address
2018-12-17T23:08:51.413553416Z	9	PC: 12e26 \| Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ')