Sample viewer

vx.netlux.org/Virus.DOS.Exorcist.565

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:09:32.816453742Z 42 PC: 12a55 | Get date 0x12a55: cmp dl, 7
0x12a58: je 0x12a5c
0x12a5a: jne 0x12a6f
0x12a5c: mov ax, 2
0x12a5f: mov cx, 0x3e7
0x12a62: cli
0x12a63: cdq
0x12a64: int 0x26
0x12a66: inc ax
0x12a67: cmp ax, 5
0x12a6a: jne 0x12a64
0x12a6c: sti
0x12a6d: int 0x19
0x12a6f: cmp dl, 5
0x12a72: jg 0x12a7f
0x12a74: mov ax, 0x5f08
0x12a77: mov dl, 0
0x12a79: int 0x21
0x12a7b: mov dl, 1
0x12a7d: int 0x21
2018-12-17T23:09:32.819157319Z 26 PC: 12ab5 | Set disk transfer address
2018-12-17T23:09:32.820308314Z 71 PC: 12aef | Get current directory
2018-12-17T23:09:32.823911526Z 78 PC: 12b1b | Find first file
2018-12-17T23:09:32.831241635Z 67 PC: 12b5c | Get or set file attributes
2018-12-17T23:09:32.836840325Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:32.857275542Z 61 PC: 12b69 | Open file (Filename = '')
2018-12-17T23:09:32.876362156Z 87 PC: 12b74 | Get or set file date and time
2018-12-17T23:09:32.87782286Z 63 PC: 12b81 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:09:32.883934839Z 66 PC: 12c1f | Move file pointer
2018-12-17T23:09:32.885297179Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:32.895743962Z 62 PC: 12beb | Close file
2018-12-17T23:09:32.89746443Z 79 PC: 12b30 | Find next file
2018-12-17T23:09:32.899976269Z 67 PC: 12b5c | Get or set file attributes
2018-12-17T23:09:32.919646007Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:32.926148874Z 61 PC: 12b69 | Open file (Filename = '')
2018-12-17T23:09:32.930183107Z 87 PC: 12b74 | Get or set file date and time
2018-12-17T23:09:32.932140023Z 63 PC: 12b81 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:09:32.936736869Z 66 PC: 12c1f | Move file pointer
2018-12-17T23:09:32.937923231Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:32.948299347Z 62 PC: 12beb | Close file
2018-12-17T23:09:32.953972191Z 79 PC: 12b30 | Find next file
2018-12-17T23:09:32.959434766Z 67 PC: 12b5c | Get or set file attributes
2018-12-17T23:09:32.970967622Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:32.980706161Z 61 PC: 12b69 | Open file (Filename = '')
2018-12-17T23:09:32.99003304Z 87 PC: 12b74 | Get or set file date and time
2018-12-17T23:09:32.992808893Z 63 PC: 12b81 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:09:32.999506353Z 66 PC: 12c1f | Move file pointer
2018-12-17T23:09:33.000978512Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.011516931Z 62 PC: 12beb | Close file
2018-12-17T23:09:33.013384637Z 79 PC: 12b30 | Find next file
2018-12-17T23:09:33.016390918Z 67 PC: 12b5c | Get or set file attributes
2018-12-17T23:09:33.024048746Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.037123506Z 61 PC: 12b69 | Open file (Filename = '')
2018-12-17T23:09:33.043864018Z 87 PC: 12b74 | Get or set file date and time
2018-12-17T23:09:33.045256749Z 63 PC: 12b81 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:09:33.051653474Z 66 PC: 12c1f | Move file pointer
2018-12-17T23:09:33.052979912Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.062674881Z 62 PC: 12beb | Close file
2018-12-17T23:09:33.065232806Z 79 PC: 12b30 | Find next file
2018-12-17T23:09:33.067907324Z 67 PC: 12b5c | Get or set file attributes
2018-12-17T23:09:33.07367754Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.084134775Z 61 PC: 12b69 | Open file (Filename = '')
2018-12-17T23:09:33.095490467Z 87 PC: 12b74 | Get or set file date and time
2018-12-17T23:09:33.096901306Z 63 PC: 12b81 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:09:33.10468548Z 66 PC: 12c1f | Move file pointer
2018-12-17T23:09:33.106435088Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.116107099Z 62 PC: 12beb | Close file
2018-12-17T23:09:33.119392414Z 79 PC: 12b30 | Find next file
2018-12-17T23:09:33.122290674Z 67 PC: 12b5c | Get or set file attributes
2018-12-17T23:09:33.128419019Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.139913494Z 61 PC: 12b69 | Open file (Filename = '')
2018-12-17T23:09:33.146512662Z 87 PC: 12b74 | Get or set file date and time
2018-12-17T23:09:33.147966122Z 63 PC: 12b81 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:09:33.154349057Z 66 PC: 12c1f | Move file pointer
2018-12-17T23:09:33.157304903Z 64 PC: 12bbd | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:33.159964395Z 64 PC: 12bc8 | Write file or device (Write 560 bytes on handle 5)
2018-12-17T23:09:33.169483262Z 66 PC: 12c1f | Move file pointer
2018-12-17T23:09:33.171762678Z 64 PC: 12bd3 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:09:33.178131405Z 87 PC: 12bda | Get or set file date and time
2018-12-17T23:09:33.179596241Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.191262992Z 62 PC: 12beb | Close file
2018-12-17T23:09:33.19866683Z 79 PC: 12b30 | Find next file
2018-12-17T23:09:33.201256756Z 67 PC: 12b5c | Get or set file attributes
2018-12-17T23:09:33.208432997Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.218534398Z 61 PC: 12b69 | Open file (Filename = '')
2018-12-17T23:09:33.229978159Z 87 PC: 12b74 | Get or set file date and time
2018-12-17T23:09:33.233092608Z 63 PC: 12b81 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:09:33.239997053Z 66 PC: 12c1f | Move file pointer
2018-12-17T23:09:33.241663767Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.252082913Z 62 PC: 12beb | Close file
2018-12-17T23:09:33.253826782Z 79 PC: 12b30 | Find next file
2018-12-17T23:09:33.256496029Z 67 PC: 12b5c | Get or set file attributes
2018-12-17T23:09:33.262674732Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.272067356Z 61 PC: 12b69 | Open file (Filename = '')
2018-12-17T23:09:33.278706744Z 87 PC: 12b74 | Get or set file date and time
2018-12-17T23:09:33.285409547Z 63 PC: 12b81 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:09:33.292297024Z 67 PC: 12c17 | Get or set file attributes
2018-12-17T23:09:33.304614519Z 62 PC: 12beb | Close file
2018-12-17T23:09:33.306876374Z 79 PC: 12b30 | Find next file
2018-12-17T23:09:33.309422797Z 59 PC: 12b07 | Change current directory
2018-12-17T23:09:33.313392262Z 59 PC: 12b12 | Change current directory
2018-12-17T23:09:33.317384814Z 26 PC: 12ac7 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16571,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:23.57849049Z 42 PC: 12a55 | Get date 0x12a55: cmp dl, 7
0x12a58: je 0x12a5c
0x12a5a: jne 0x12a6f
0x12a5c: mov ax, 2
0x12a5f: mov cx, 0x3e7
0x12a62: cli
0x12a63: cdq
0x12a64: int 0x26
0x12a66: inc ax
0x12a67: cmp ax, 5
0x12a6a: jne 0x12a64
0x12a6c: sti
0x12a6d: int 0x19
0x12a6f: cmp dl, 5
0x12a72: jg 0x12a7f
0x12a74: mov ax, 0x5f08
0x12a77: mov dl, 0
0x12a79: int 0x21
0x12a7b: mov dl, 1
0x12a7d: int 0x21
2018-12-25T12:53:23.580955292Z 95 PC: 12a7b | Network redirection functions
2018-12-25T12:53:23.582470288Z 95 PC: 12a7f | Network redirection functions
2018-12-25T12:53:23.583873647Z 26 PC: 12ab5 | Set disk transfer address
2018-12-25T12:53:23.584961895Z 71 PC: 12aef | Get current directory
2018-12-25T12:53:23.586653321Z 78 PC: 12b1b | Find first file
2018-12-25T12:53:23.589438781Z 59 PC: 12b07 | Change current directory
2018-12-25T12:53:23.59187795Z 59 PC: 12b12 | Change current directory
2018-12-25T12:53:23.594373089Z 26 PC: 12ac7 | Set disk transfer address

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16571,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:23.883808967Z 42 PC: 12a55 | Get date 0x12a55: cmp dl, 7
0x12a58: je 0x12a5c
0x12a5a: jne 0x12a6f
0x12a5c: mov ax, 2
0x12a5f: mov cx, 0x3e7
0x12a62: cli
0x12a63: cdq
0x12a64: int 0x26
0x12a66: inc ax
0x12a67: cmp ax, 5
0x12a6a: jne 0x12a64
0x12a6c: sti
0x12a6d: int 0x19
0x12a6f: cmp dl, 5
0x12a72: jg 0x12a7f
0x12a74: mov ax, 0x5f08
0x12a77: mov dl, 0
0x12a79: int 0x21
0x12a7b: mov dl, 1
0x12a7d: int 0x21
2018-12-25T12:53:23.886393329Z 26 PC: 12ab5 | Set disk transfer address
2018-12-25T12:53:23.887527416Z 71 PC: 12aef | Get current directory
2018-12-25T12:53:23.889975238Z 78 PC: 12b1b | Find first file
2018-12-25T12:53:23.895949543Z 67 PC: 12b5c | Get or set file attributes
2018-12-25T12:53:23.900681247Z 67 PC: 12c17 | Get or set file attributes
2018-12-25T12:53:25.312184755Z 61 PC: 12b69 | Open file (Filename = '')
2018-12-25T12:53:25.32042742Z 87 PC: 12b74 | Get or set file date and time
2018-12-25T12:53:25.32267242Z 63 PC: 12b81 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:53:25.329824653Z 66 PC: 12c1f | Move file pointer
2018-12-25T12:53:25.331609801Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:25.367608288Z 62 PC: 12beb | Close file
2018-12-25T12:53:25.369564473Z 79 PC: 12b30 | Find next file
2018-12-25T12:53:25.374909144Z 67 PC: 12b5c | Get or set file attributes (See above)
2018-12-25T12:53:25.38235686Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:25.425318857Z 61 PC: 12b69 | Open file (See above)
2018-12-25T12:53:25.432449649Z 87 PC: 12b74 | Get or set file date and time (See above)
2018-12-25T12:53:25.434762677Z 63 PC: 12b81 | Read file or device (See above)
2018-12-25T12:53:25.44181408Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:53:25.443316942Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:25.485158635Z 62 PC: 12beb | Close file (See above)
2018-12-25T12:53:25.487655959Z 79 PC: 12b30 | Find next file (See above)
2018-12-25T12:53:25.490569437Z 67 PC: 12b5c | Get or set file attributes (See above)
2018-12-25T12:53:25.497285551Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:25.541748602Z 61 PC: 12b69 | Open file (See above)
2018-12-25T12:53:25.54964011Z 87 PC: 12b74 | Get or set file date and time (See above)
2018-12-25T12:53:25.551001542Z 63 PC: 12b81 | Read file or device (See above)
2018-12-25T12:53:25.558816492Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:53:25.560452394Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:25.621784697Z 62 PC: 12beb | Close file (See above)
2018-12-25T12:53:25.625193883Z 79 PC: 12b30 | Find next file (See above)
2018-12-25T12:53:25.628498019Z 67 PC: 12b5c | Get or set file attributes (See above)
2018-12-25T12:53:25.635080879Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:25.691205418Z 61 PC: 12b69 | Open file (See above)
2018-12-25T12:53:25.699004465Z 87 PC: 12b74 | Get or set file date and time (See above)
2018-12-25T12:53:25.700961056Z 63 PC: 12b81 | Read file or device (See above)
2018-12-25T12:53:25.709481782Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:53:25.711909387Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:25.775872284Z 62 PC: 12beb | Close file (See above)
2018-12-25T12:53:25.782807012Z 79 PC: 12b30 | Find next file (See above)
2018-12-25T12:53:25.785513751Z 67 PC: 12b5c | Get or set file attributes (See above)
2018-12-25T12:53:25.791708016Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:25.886608142Z 61 PC: 12b69 | Open file (See above)
2018-12-25T12:53:25.895055974Z 87 PC: 12b74 | Get or set file date and time (See above)
2018-12-25T12:53:25.896845365Z 63 PC: 12b81 | Read file or device (See above)
2018-12-25T12:53:25.903643536Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:53:25.905668572Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:25.98698285Z 62 PC: 12beb | Close file (See above)
2018-12-25T12:53:25.989058619Z 79 PC: 12b30 | Find next file (See above)
2018-12-25T12:53:25.992454876Z 67 PC: 12b5c | Get or set file attributes (See above)
2018-12-25T12:53:25.998779558Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:26.009984029Z 61 PC: 12b69 | Open file (See above)
2018-12-25T12:53:26.018434715Z 87 PC: 12b74 | Get or set file date and time (See above)
2018-12-25T12:53:26.020579957Z 63 PC: 12b81 | Read file or device (See above)
2018-12-25T12:53:26.028136598Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:53:26.03192577Z 64 PC: 12bbd | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:53:26.035298278Z 64 PC: 12bc8 | Write file or device (Write 560 bytes on handle 5)
2018-12-25T12:53:26.04593966Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:53:26.048758672Z 64 PC: 12bd3 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:53:26.056476172Z 87 PC: 12bda | Get or set file date and time
2018-12-25T12:53:26.058296013Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:26.071219578Z 62 PC: 12beb | Close file (See above)
2018-12-25T12:53:26.078981184Z 79 PC: 12b30 | Find next file (See above)
2018-12-25T12:53:26.081826458Z 67 PC: 12b5c | Get or set file attributes (See above)
2018-12-25T12:53:26.088427488Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:26.099691849Z 61 PC: 12b69 | Open file (See above)
2018-12-25T12:53:26.112789464Z 87 PC: 12b74 | Get or set file date and time (See above)
2018-12-25T12:53:26.114240927Z 63 PC: 12b81 | Read file or device (See above)
2018-12-25T12:53:26.122132281Z 66 PC: 12c1f | Move file pointer (See above)
2018-12-25T12:53:26.123756173Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:26.135138008Z 62 PC: 12beb | Close file (See above)
2018-12-25T12:53:26.138092203Z 79 PC: 12b30 | Find next file (See above)
2018-12-25T12:53:26.141087579Z 67 PC: 12b5c | Get or set file attributes (See above)
2018-12-25T12:53:26.147658025Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:26.159228655Z 61 PC: 12b69 | Open file (See above)
2018-12-25T12:53:26.166666252Z 87 PC: 12b74 | Get or set file date and time (See above)
2018-12-25T12:53:26.168143933Z 63 PC: 12b81 | Read file or device (See above)
2018-12-25T12:53:26.176751739Z 67 PC: 12c17 | Get or set file attributes (See above)
2018-12-25T12:53:26.187893773Z 62 PC: 12beb | Close file (See above)
2018-12-25T12:53:26.189904502Z 79 PC: 12b30 | Find next file (See above)
2018-12-25T12:53:26.19274837Z 59 PC: 12b07 | Change current directory
2018-12-25T12:53:26.197702869Z 59 PC: 12b12 | Change current directory
2018-12-25T12:53:26.202174215Z 26 PC: 12ac7 | Set disk transfer address

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16571,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:53:25.888657197Z 42 PC: 12a55 | Get date 0x12a55: cmp dl, 7
0x12a58: je 0x12a5c
0x12a5a: jne 0x12a6f
0x12a5c: mov ax, 2
0x12a5f: mov cx, 0x3e7
0x12a62: cli
0x12a63: cdq
0x12a64: int 0x26
0x12a66: inc ax
0x12a67: cmp ax, 5
0x12a6a: jne 0x12a64
0x12a6c: sti
0x12a6d: int 0x19
0x12a6f: cmp dl, 5
0x12a72: jg 0x12a7f
0x12a74: mov ax, 0x5f08
0x12a77: mov dl, 0
0x12a79: int 0x21
0x12a7b: mov dl, 1
0x12a7d: int 0x21