Sample viewer

vx.netlux.org/Virus.DOS.VCL.2037

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:04:45.982041591Z	47	PC: 13042 \| Get disk transfer address
2018-12-17T22:04:45.983515498Z	26	PC: 1304a \| Set disk transfer address
2018-12-17T22:04:45.984462029Z	71	PC: 13090 \| Get current directory
2018-12-17T22:04:45.987130813Z	59	PC: 13098 \| Change current directory
2018-12-17T22:04:45.992098565Z	47	PC: 130ad \| Get disk transfer address
2018-12-17T22:04:45.993792003Z	26	PC: 130bb \| Set disk transfer address
2018-12-17T22:04:45.994667772Z	78	PC: 130c6 \| Find first file
2018-12-17T22:04:46.000832684Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.003100769Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.005351989Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.008117153Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.010389751Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.012635064Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.01517666Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.018651511Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.020926908Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.023038279Z	47	PC: 13112 \| Get disk transfer address
2018-12-17T22:04:46.033424286Z	26	PC: 13121 \| Set disk transfer address
2018-12-17T22:04:46.034368873Z	78	PC: 13129 \| Find first file
2018-12-17T22:04:46.04097067Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.042614743Z	61	PC: 13159 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:04:46.048983434Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.055183438Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.05727432Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.059066882Z	67	PC: 13192 \| Get or set file attributes
2018-12-17T22:04:46.074916959Z	61	PC: 13197 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:04:46.084793186Z	64	PC: 131a3 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:04:46.088971391Z	66	PC: 131ab \| Move file pointer
2018-12-17T22:04:46.09271425Z	64	PC: 13636 \| Write file or device (Write 2037 bytes on handle 5)
2018-12-17T22:04:46.105200617Z	87	PC: 131bb \| Get or set file date and time
2018-12-17T22:04:46.107169793Z	62	PC: 131bf \| Close file
2018-12-17T22:04:46.115260372Z	67	PC: 131cc \| Get or set file attributes
2018-12-17T22:04:46.126001099Z	26	PC: 1313b \| Set disk transfer address
2018-12-17T22:04:46.128468384Z	26	PC: 130fe \| Set disk transfer address
2018-12-17T22:04:46.129894888Z	59	PC: 130a2 \| Change current directory
2018-12-17T22:04:46.131999364Z	71	PC: 13090 \| Get current directory
2018-12-17T22:04:46.136185115Z	59	PC: 13098 \| Change current directory
2018-12-17T22:04:46.140444066Z	47	PC: 130ad \| Get disk transfer address
2018-12-17T22:04:46.141877629Z	26	PC: 130bb \| Set disk transfer address
2018-12-17T22:04:46.144821912Z	78	PC: 130c6 \| Find first file
2018-12-17T22:04:46.155855816Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.158376707Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.161330409Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.163871795Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.166438939Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.170321916Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.172625795Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.175084498Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.178023389Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.180278638Z	47	PC: 13112 \| Get disk transfer address
2018-12-17T22:04:46.181330949Z	26	PC: 13121 \| Set disk transfer address
2018-12-17T22:04:46.183271027Z	78	PC: 13129 \| Find first file
2018-12-17T22:04:46.18938725Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.191371185Z	61	PC: 13159 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:04:46.198503093Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.20471981Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.206328468Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.208677438Z	79	PC: 13129 \| Find next file
2018-12-17T22:04:46.212774606Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.214309226Z	61	PC: 13159 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:04:46.222154763Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.230197074Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.231774231Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.233504102Z	67	PC: 13192 \| Get or set file attributes
2018-12-17T22:04:46.2399171Z	61	PC: 13197 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:04:46.244271512Z	64	PC: 131a3 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:04:46.246853796Z	66	PC: 131ab \| Move file pointer
2018-12-17T22:04:46.248935639Z	64	PC: 13636 \| Write file or device (Write 2037 bytes on handle 5)
2018-12-17T22:04:46.254988822Z	87	PC: 131bb \| Get or set file date and time
2018-12-17T22:04:46.256252966Z	62	PC: 131bf \| Close file
2018-12-17T22:04:46.261501171Z	67	PC: 131cc \| Get or set file attributes
2018-12-17T22:04:46.268416647Z	26	PC: 1313b \| Set disk transfer address
2018-12-17T22:04:46.270535742Z	26	PC: 130fe \| Set disk transfer address
2018-12-17T22:04:46.272400151Z	59	PC: 130a2 \| Change current directory
2018-12-17T22:04:46.273798988Z	71	PC: 13090 \| Get current directory
2018-12-17T22:04:46.27899485Z	59	PC: 13098 \| Change current directory
2018-12-17T22:04:46.286235573Z	47	PC: 130ad \| Get disk transfer address
2018-12-17T22:04:46.287291236Z	26	PC: 130bb \| Set disk transfer address
2018-12-17T22:04:46.288985071Z	78	PC: 130c6 \| Find first file
2018-12-17T22:04:46.298730388Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.30149128Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.303865761Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.306865486Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.309446719Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.311707364Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.314554004Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.316893157Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.319212054Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.322026542Z	47	PC: 13112 \| Get disk transfer address
2018-12-17T22:04:46.323012414Z	26	PC: 13121 \| Set disk transfer address
2018-12-17T22:04:46.323945717Z	78	PC: 13129 \| Find first file
2018-12-17T22:04:46.330710411Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.332212883Z	61	PC: 13159 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:04:46.338810145Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.346785848Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.348555538Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.350512856Z	79	PC: 13129 \| Find next file
2018-12-17T22:04:46.354550294Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.355698841Z	61	PC: 13159 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:04:46.362939698Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.370183776Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.372192179Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.374279613Z	79	PC: 13129 \| Find next file
2018-12-17T22:04:46.378126704Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.379341812Z	61	PC: 13159 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:04:46.385811658Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.393165553Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.394503831Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.396214587Z	67	PC: 13192 \| Get or set file attributes
2018-12-17T22:04:46.406093404Z	61	PC: 13197 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:04:46.412661325Z	64	PC: 131a3 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:04:46.415190259Z	66	PC: 131ab \| Move file pointer
2018-12-17T22:04:46.417442372Z	64	PC: 13636 \| Write file or device (Write 2037 bytes on handle 5)
2018-12-17T22:04:46.427768837Z	87	PC: 131bb \| Get or set file date and time
2018-12-17T22:04:46.429912829Z	62	PC: 131bf \| Close file
2018-12-17T22:04:46.437367391Z	67	PC: 131cc \| Get or set file attributes
2018-12-17T22:04:46.447537928Z	26	PC: 1313b \| Set disk transfer address
2018-12-17T22:04:46.448565115Z	26	PC: 130fe \| Set disk transfer address
2018-12-17T22:04:46.449582473Z	59	PC: 130a2 \| Change current directory
2018-12-17T22:04:46.45221437Z	71	PC: 13090 \| Get current directory
2018-12-17T22:04:46.454953629Z	59	PC: 13098 \| Change current directory
2018-12-17T22:04:46.458764677Z	47	PC: 130ad \| Get disk transfer address
2018-12-17T22:04:46.460838299Z	26	PC: 130bb \| Set disk transfer address
2018-12-17T22:04:46.461904552Z	78	PC: 130c6 \| Find first file
2018-12-17T22:04:46.467675372Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.471056396Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.473433699Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.475799172Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.479100809Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.481553824Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.491140956Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.494432619Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.496782103Z	79	PC: 130ee \| Find next file
2018-12-17T22:04:46.49965384Z	47	PC: 13112 \| Get disk transfer address
2018-12-17T22:04:46.501921333Z	26	PC: 13121 \| Set disk transfer address
2018-12-17T22:04:46.503391729Z	78	PC: 13129 \| Find first file
2018-12-17T22:04:46.509263307Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.510741447Z	61	PC: 13159 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:04:46.517388151Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.519986688Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.521746455Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.524558823Z	79	PC: 13129 \| Find next file
2018-12-17T22:04:46.527414764Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.528773057Z	61	PC: 13159 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:04:46.536233086Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.538786256Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.540311281Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.543210429Z	79	PC: 13129 \| Find next file
2018-12-17T22:04:46.545780988Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.546962494Z	61	PC: 13159 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:04:46.55445233Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.561264174Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.563172662Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.56592097Z	79	PC: 13129 \| Find next file
2018-12-17T22:04:46.568748661Z	47	PC: 13141 \| Get disk transfer address
2018-12-17T22:04:46.57023363Z	61	PC: 13159 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:04:46.578463307Z	63	PC: 13165 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:04:46.584652384Z	66	PC: 1316d \| Move file pointer
2018-12-17T22:04:46.585953967Z	62	PC: 13172 \| Close file
2018-12-17T22:04:46.588578Z	67	PC: 13192 \| Get or set file attributes
2018-12-17T22:04:46.59847006Z	61	PC: 13197 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:04:46.604933798Z	64	PC: 131a3 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:04:46.608012327Z	66	PC: 131ab \| Move file pointer
2018-12-17T22:04:46.610579523Z	64	PC: 13636 \| Write file or device (Write 2037 bytes on handle 5)
2018-12-17T22:04:46.620447339Z	87	PC: 131bb \| Get or set file date and time
2018-12-17T22:04:46.622419928Z	62	PC: 131bf \| Close file
2018-12-17T22:04:46.630144044Z	67	PC: 131cc \| Get or set file attributes
2018-12-17T22:04:46.640804146Z	26	PC: 1313b \| Set disk transfer address
2018-12-17T22:04:46.643631764Z	26	PC: 130fe \| Set disk transfer address
2018-12-17T22:04:46.645262159Z	59	PC: 130a2 \| Change current directory
2018-12-17T22:04:46.647401204Z	44	PC: 131dd \| Get time 0x131dd: mov al, ch 0x131df: cwde 0x131e0: ret 0x131e1: push bp 0x131e2: mov bp, di 0x131e4: lea si, word ptr [bp + 0x8e8] 0x131e8: xor ah, ah 0x131ea: int 0x1a 0x131ec: mov word ptr [si + 9], dx 0x131ef: xor byte ptr [si + 1], 8 0x131f3: xor byte ptr [si + 8], 1 0x131f7: xor word ptr [si + 0xb], 0x101 0x131fc: lea di, word ptr [bp + 0x8f8] 0x13200: mov cx, 0xf 0x13203: push si 0x13204: push cx 0x13205: rep movsb byte ptr es:[di], byte ptr [si] 0x13207: lea si, word ptr [bp + 0x4fb] 0x1320b: mov cx, 5 0x1320e: rep movsb byte ptr es:[di], byte ptr [si]
2018-12-17T22:04:46.650840106Z	26	PC: 13070 \| Set disk transfer address
2018-12-17T22:04:46.652282007Z	76	PC: 12a45 \| Terminate with return code (Return code = '0')