Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.666.m

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:10:21.426972114Z	44	PC: 12b9f \| Get time 0x12b9f: cmp byte ptr [0x106], 0 0x12ba4: je 0x12bab 0x12ba6: cmp dh, 0xf 0x12ba9: jg 0x12bb4 0x12bab: cmp dl, 0 0x12bae: je 0x12b9b 0x12bb0: mov byte ptr [0x106], dl 0x12bb4: mov byte ptr [0x250], 0 0x12bb9: mov byte ptr [0x251], 4 0x12bbe: mov byte ptr [0x25a], 0 0x12bc3: mov cx, 0x27 0x12bc6: mov dx, 0x131 0x12bc9: mov ah, 0x4e 0x12bcb: int 0x21 0x12bcd: cmp ax, 0x12 0x12bd0: je 0x12bd5 0x12bd2: call 0x12bf7 0x12bd5: mov cx, 0x27 0x12bd8: mov dx, 0x137 0x12bdb: mov ah, 0x4e
2018-12-17T23:10:21.4299392Z	78	PC: 12bcd \| Find first file
2018-12-17T23:10:21.435943422Z	78	PC: 12bdf \| Find first file
2018-12-17T23:10:21.441595781Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T23:10:21.457321114Z	61	PC: 12c1e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:10:21.4641711Z	63	PC: 12c2d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:10:21.470359136Z	62	PC: 12c61 \| Close file
2018-12-17T23:10:21.471986058Z	61	PC: 12c6a \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:10:21.483539815Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:10:21.493451544Z	87	PC: 12c92 \| Get or set file date and time
2018-12-17T23:10:21.494811984Z	62	PC: 12c9a \| Close file
2018-12-17T23:10:21.502615741Z	67	PC: 12ca7 \| Get or set file attributes
2018-12-17T23:10:21.507114649Z	79	PC: 12c51 \| Find next file
2018-12-17T23:10:21.509667433Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T23:10:21.519872714Z	61	PC: 12c1e \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:10:21.526575865Z	63	PC: 12c2d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:10:21.532676152Z	62	PC: 12c61 \| Close file
2018-12-17T23:10:21.534891011Z	61	PC: 12c6a \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:10:21.545992468Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:10:21.554789187Z	87	PC: 12c92 \| Get or set file date and time
2018-12-17T23:10:21.56483983Z	62	PC: 12c9a \| Close file
2018-12-17T23:10:21.571595209Z	67	PC: 12ca7 \| Get or set file attributes
2018-12-17T23:10:21.576145284Z	79	PC: 12c51 \| Find next file
2018-12-17T23:10:21.579111235Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T23:10:21.5886233Z	61	PC: 12c1e \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:10:21.596256889Z	63	PC: 12c2d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:10:21.605409887Z	62	PC: 12c61 \| Close file
2018-12-17T23:10:21.607485374Z	61	PC: 12c6a \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:10:21.618683037Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:10:21.628956017Z	87	PC: 12c92 \| Get or set file date and time
2018-12-17T23:10:21.645745061Z	62	PC: 12c9a \| Close file
2018-12-17T23:10:21.658228517Z	67	PC: 12ca7 \| Get or set file attributes
2018-12-17T23:10:21.663033058Z	79	PC: 12c51 \| Find next file
2018-12-17T23:10:21.665563307Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T23:10:21.674989319Z	61	PC: 12c1e \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:10:21.681230952Z	63	PC: 12c2d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:10:21.68750574Z	62	PC: 12c61 \| Close file
2018-12-17T23:10:21.689121849Z	61	PC: 12c6a \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:10:21.701289926Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:10:21.710141474Z	87	PC: 12c92 \| Get or set file date and time
2018-12-17T23:10:21.711450231Z	62	PC: 12c9a \| Close file
2018-12-17T23:10:21.718863901Z	67	PC: 12ca7 \| Get or set file attributes
2018-12-17T23:10:21.723810324Z	9	PC: 12cd6 \| Display string (String= ' This program requires Microsoft Windows.')
2018-12-17T23:10:21.728621087Z	76	PC: 12cda \| Terminate with return code (Return code = '36')