Sample viewer

vx.netlux.org/Virus.DOS.Big.506

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:04:54.109286911Z	44	PC: 12b11 \| Get time 0x12b11: cmp byte ptr [0x106], 0 0x12b16: je 0x12b18 0x12b18: cmp dl, 0 0x12b1b: je 0x12b0d 0x12b1d: mov byte ptr [0x106], dl 0x12b21: mov byte ptr [0x107], dh 0x12b25: mov byte ptr [0x1c2], 0 0x12b2a: mov byte ptr [0x1c3], 4 0x12b2f: mov byte ptr [0x1cc], 0 0x12b34: mov cx, 0x27 0x12b37: mov dx, 0x141 0x12b3a: mov ah, 0x4e 0x12b3c: int 0x21 0x12b3e: cmp ax, 0x12 0x12b41: je 0x12b46 0x12b43: call 0x12b68 0x12b46: mov cx, 0x27 0x12b49: mov dx, 0x147 0x12b4c: mov ah, 0x4e 0x12b4e: int 0x21
2018-12-17T22:04:54.111823391Z	78	PC: 12b3e \| Find first file
2018-12-17T22:04:54.117539558Z	78	PC: 12b50 \| Find first file
2018-12-17T22:04:54.121242228Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:04:54.144347204Z	61	PC: 12b8f \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:04:54.156840475Z	63	PC: 12b9e \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:04:54.163385313Z	62	PC: 12bd2 \| Close file
2018-12-17T22:04:54.166013139Z	61	PC: 12bdb \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:04:54.173651279Z	64	PC: 12a5b \| Write file or device (Write 506 bytes on handle 5)
2018-12-17T22:04:54.176623199Z	87	PC: 12c03 \| Get or set file date and time
2018-12-17T22:04:54.17867144Z	62	PC: 12c0b \| Close file
2018-12-17T22:04:54.185918735Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T22:04:54.190715041Z	79	PC: 12bc2 \| Find next file
2018-12-17T22:04:54.195651941Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:04:54.205633058Z	61	PC: 12b8f \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:04:54.212165156Z	63	PC: 12b9e \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:04:54.218660885Z	62	PC: 12bd2 \| Close file
2018-12-17T22:04:54.220637146Z	61	PC: 12bdb \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:04:54.227634266Z	64	PC: 12a5b \| Write file or device (Write 506 bytes on handle 5)
2018-12-17T22:04:54.230630105Z	87	PC: 12c03 \| Get or set file date and time
2018-12-17T22:04:54.232493839Z	62	PC: 12c0b \| Close file
2018-12-17T22:04:54.240106586Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T22:04:54.24480163Z	79	PC: 12bc2 \| Find next file
2018-12-17T22:04:54.259230434Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:04:54.269577516Z	61	PC: 12b8f \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:04:54.276461092Z	63	PC: 12b9e \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:04:54.28969396Z	62	PC: 12bd2 \| Close file
2018-12-17T22:04:54.292448677Z	61	PC: 12bdb \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:04:54.299641548Z	64	PC: 12a5b \| Write file or device (Write 506 bytes on handle 5)
2018-12-17T22:04:54.303635712Z	87	PC: 12c03 \| Get or set file date and time
2018-12-17T22:04:54.30538032Z	62	PC: 12c0b \| Close file
2018-12-17T22:04:54.314308336Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T22:04:54.321335521Z	79	PC: 12bc2 \| Find next file
2018-12-17T22:04:54.327379618Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:04:54.337737546Z	61	PC: 12b8f \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:04:54.34574315Z	63	PC: 12b9e \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:04:54.352279815Z	62	PC: 12bd2 \| Close file
2018-12-17T22:04:54.354070318Z	61	PC: 12bdb \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:04:54.361636838Z	64	PC: 12a5b \| Write file or device (Write 506 bytes on handle 5)
2018-12-17T22:04:54.364701922Z	87	PC: 12c03 \| Get or set file date and time
2018-12-17T22:04:54.366317534Z	62	PC: 12c0b \| Close file
2018-12-17T22:04:54.374646751Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T22:04:54.384580259Z	9	PC: 12c36 \| Display string (String= ' Program too big to fit in memory')
2018-12-17T22:04:54.388846265Z	76	PC: 12c3a \| Terminate with return code (Return code = '36')