Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.666.q

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:11:44.944041343Z	44	PC: 12b93 \| Get time 0x12b93: cmp byte ptr [0x106], 0 0x12b98: je 0x12b9f 0x12b9a: cmp dh, 0xf 0x12b9d: jg 0x12ba8 0x12b9f: cmp dl, 0 0x12ba2: je 0x12b8f 0x12ba4: mov byte ptr [0x106], dl 0x12ba8: mov byte ptr [0x244], 0 0x12bad: mov byte ptr [0x245], 4 0x12bb2: mov byte ptr [0x24e], 0 0x12bb7: mov cx, 0x27 0x12bba: mov dx, 0x131 0x12bbd: mov ah, 0x4e 0x12bbf: int 0x21 0x12bc1: cmp ax, 0x12 0x12bc4: je 0x12bc9 0x12bc6: call 0x12beb 0x12bc9: mov cx, 0x27 0x12bcc: mov dx, 0x137 0x12bcf: mov ah, 0x4e
2018-12-17T23:11:44.949520872Z	78	PC: 12bc1 \| Find first file
2018-12-17T23:11:44.956921108Z	78	PC: 12bd3 \| Find first file
2018-12-17T23:11:44.963668605Z	67	PC: 12c0c \| Get or set file attributes
2018-12-17T23:11:44.989080587Z	61	PC: 12c12 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:11:45.001279109Z	63	PC: 12c21 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:11:45.016602699Z	62	PC: 12c55 \| Close file
2018-12-17T23:11:45.019770644Z	61	PC: 12c5e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:11:45.029058011Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:11:45.038493596Z	87	PC: 12c86 \| Get or set file date and time
2018-12-17T23:11:45.055237719Z	62	PC: 12c8e \| Close file
2018-12-17T23:11:45.065725682Z	67	PC: 12c9b \| Get or set file attributes
2018-12-17T23:11:45.071202146Z	79	PC: 12c45 \| Find next file
2018-12-17T23:11:45.075552985Z	67	PC: 12c0c \| Get or set file attributes
2018-12-17T23:11:45.088343851Z	61	PC: 12c12 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:11:45.096570014Z	63	PC: 12c21 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:11:45.103829783Z	62	PC: 12c55 \| Close file
2018-12-17T23:11:45.107485689Z	61	PC: 12c5e \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:11:45.115813695Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:11:45.125462428Z	87	PC: 12c86 \| Get or set file date and time
2018-12-17T23:11:45.127655026Z	62	PC: 12c8e \| Close file
2018-12-17T23:11:45.137850112Z	67	PC: 12c9b \| Get or set file attributes
2018-12-17T23:11:45.144588333Z	79	PC: 12c45 \| Find next file
2018-12-17T23:11:45.148046471Z	67	PC: 12c0c \| Get or set file attributes
2018-12-17T23:11:45.160538743Z	61	PC: 12c12 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:11:45.169333584Z	63	PC: 12c21 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:11:45.177336355Z	62	PC: 12c55 \| Close file
2018-12-17T23:11:45.181048036Z	61	PC: 12c5e \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:11:45.190188275Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:11:45.199894851Z	87	PC: 12c86 \| Get or set file date and time
2018-12-17T23:11:45.202655703Z	62	PC: 12c8e \| Close file
2018-12-17T23:11:45.212078386Z	67	PC: 12c9b \| Get or set file attributes
2018-12-17T23:11:45.21778381Z	79	PC: 12c45 \| Find next file
2018-12-17T23:11:45.22205296Z	67	PC: 12c0c \| Get or set file attributes
2018-12-17T23:11:45.233912653Z	61	PC: 12c12 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:11:45.242240596Z	63	PC: 12c21 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:11:45.2501595Z	62	PC: 12c55 \| Close file
2018-12-17T23:11:45.253039456Z	61	PC: 12c5e \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:11:45.261308183Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T23:11:45.271667957Z	87	PC: 12c86 \| Get or set file date and time
2018-12-17T23:11:45.275779661Z	62	PC: 12c8e \| Close file
2018-12-17T23:11:45.282124391Z	67	PC: 12c9b \| Get or set file attributes
2018-12-17T23:11:45.285636788Z	9	PC: 12cca \| Display string (String= ' Program too big to fit in memory')
2018-12-17T23:11:45.290725607Z	76	PC: 12cce \| Terminate with return code (Return code = '36')