Sample viewer

vx.netlux.org/Virus.DOS.HLLW.DerWurm

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:11:05.490164195Z 74 PC: 134db | Reallocate memory
2018-12-17T23:11:05.492586686Z 48 PC: 13513 | Get DOS version
2018-12-17T23:11:05.495145005Z 74 PC: 143f4 | Reallocate memory
2018-12-17T23:11:05.498954124Z 74 PC: 143f4 | Reallocate memory
2018-12-17T23:11:05.503212778Z 74 PC: 143f4 | Reallocate memory
2018-12-17T23:11:05.506571173Z 42 PC: 13aee | Get date 0x13aee: sub cx, 0x76c
0x13af2: mov ch, al
0x13af4: mov al, cl
0x13af6: xor ah, ah
0x13af8: mov word ptr [bp - 2], dx
0x13afb: mov word ptr [bx + 0xa], ax
0x13afe: mov al, byte ptr [bp - 1]
0x13b01: dec ax
0x13b02: mov word ptr [bx + 8], ax
0x13b05: mov al, byte ptr [bp - 2]
0x13b08: xor ah, ah
0x13b0a: mov word ptr [bx + 6], ax
0x13b0d: mov ah, 0x2c
0x13b0f: int 0x21
0x13b11: mov al, ch
0x13b13: xor ah, ah
0x13b15: mov word ptr [bx + 4], ax
0x13b18: mov al, cl
0x13b1a: mov word ptr [bx + 2], ax
0x13b1d: mov al, dh
2018-12-17T23:11:05.509417543Z 44 PC: 13b11 | Get time 0x13b11: mov al, ch
0x13b13: xor ah, ah
0x13b15: mov word ptr [bx + 4], ax
0x13b18: mov al, cl
0x13b1a: mov word ptr [bx + 2], ax
0x13b1d: mov al, dh
0x13b1f: xor dh, dh
0x13b21: mov si, dx
0x13b23: shl si, 1
0x13b25: shl si, 1
0x13b27: mov word ptr [bx], ax
0x13b29: add si, dx
0x13b2b: mov ah, 0x2a
0x13b2d: int 0x21
0x13b2f: sub cx, 0x76c
0x13b33: mov ch, al
0x13b35: shl si, 1
0x13b37: mov ax, dx
0x13b39: cmp dl, byte ptr [bp - 2]
0x13b3c: je 0x13b56
2018-12-17T23:11:05.512379734Z 42 PC: 13b2f | Get date 0x13b2f: sub cx, 0x76c
0x13b33: mov ch, al
0x13b35: shl si, 1
0x13b37: mov ax, dx
0x13b39: cmp dl, byte ptr [bp - 2]
0x13b3c: je 0x13b56
0x13b3e: cmp word ptr [bx + 4], 0x17
0x13b42: je 0x13b56
0x13b44: mov dl, cl
0x13b46: xor dh, dh
0x13b48: mov word ptr [bx + 0xa], dx
0x13b4b: mov dl, ah
0x13b4d: dec dx
0x13b4e: xor ah, ah
0x13b50: mov word ptr [bx + 8], dx
0x13b53: mov word ptr [bx + 6], ax
0x13b56: mov ax, si
0x13b58: mov word ptr [bx + 0x10], 0xffff
0x13b5d: mov sp, bp
0x13b5f: pop bp
2018-12-17T23:11:05.51819912Z 61 PC: 12d33 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T23:11:05.527309016Z 68 PC: 1363c | I/O control for devices (Set for = '')
2018-12-17T23:11:05.5293301Z 68 PC: 1363c | I/O control for devices (Set for = 'F')
2018-12-17T23:11:05.532305745Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:05.535530459Z 74 PC: 143f4 | Reallocate memory
2018-12-17T23:11:05.538315501Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:05.54140449Z 63 PC: 12fde | Read file or device (Read 10306 bytes on handle 5)
2018-12-17T23:11:05.550203348Z 62 PC: 13a8d | Close file
2018-12-17T23:11:05.552704649Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.554513447Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.561302235Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.563092237Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.567062577Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.568910376Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.572664201Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.574596687Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.581256939Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.582917199Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.586264994Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.589002144Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.593524818Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.59517477Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.602646859Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.604298542Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.608536247Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.611360314Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.614859384Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.616190357Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.623012485Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.624603851Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.627466943Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.628687775Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.633016896Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.634686449Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.648195328Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.650085359Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.65689894Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.658212726Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.667863881Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.670486139Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.677379892Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.679788045Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.683772574Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.685738494Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.690703193Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.692136712Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.698487226Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.700523498Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.704399633Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.705919284Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.709556993Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.71210418Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.719010278Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.720572957Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.724374883Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.72607304Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.730096738Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.732443305Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.73855245Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.739789338Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.744453251Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.745841382Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.749810077Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.751196648Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.757974137Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.759315312Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.76224002Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.76423806Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.76772994Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.768926517Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.775819418Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.777120152Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.780238135Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.78360842Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.787183091Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.788427987Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.794706037Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.797113599Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.800917608Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.80273988Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.807693311Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.809411293Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.815738592Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.818387373Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.82223035Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.823248429Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.825961257Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.827030535Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.830473299Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.831779166Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.833559615Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.834450697Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.837375923Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.838329233Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.842223694Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.843355755Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.846508853Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.847441905Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.850496836Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.852145997Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.85793324Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.858947945Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.861407415Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.862672888Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.864787484Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.86632641Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.869931649Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.87115102Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.874387695Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.875467046Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.878738517Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.880462597Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.886366073Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.88744144Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.891260186Z 26 PC: 132c2 | Set disk transfer address
2018-12-17T23:11:05.892738714Z 78 PC: 132c8 | Find first file
2018-12-17T23:11:05.90386092Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.904941006Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.908554053Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.909573832Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.913006035Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.914606147Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.918067671Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.919446171Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.934464932Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.935626486Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.942701286Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.944473029Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.948126363Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.949361765Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.95272646Z 26 PC: 132d7 | Set disk transfer address
2018-12-17T23:11:05.953792092Z 79 PC: 132db | Find next file
2018-12-17T23:11:05.957745935Z 61 PC: 12d33 | Open file (Filename = 'C:\WINDOWS\XINTUTOR.EXE')
2018-12-17T23:11:05.970971386Z 60 PC: 12de0 | Create or truncate file
2018-12-17T23:11:06.312697005Z 68 PC: 1363c | I/O control for devices (Set for = 'F')
2018-12-17T23:11:06.315272506Z 64 PC: 13134 | Write file or device (Write 10306 bytes on handle 5)
2018-12-17T23:11:06.350724692Z 62 PC: 13a8d | Close file
2018-12-17T23:11:06.361502444Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.363727806Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.366729074Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.369046213Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.371345305Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.373750161Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.375796747Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.377577706Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.38016457Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.382619264Z 66 PC: 12ed5 | Move file pointer
2018-12-17T23:11:06.385561897Z 76 PC: 1360e | Terminate with return code (Return code = '0')