Sample viewer

vx.netlux.org/Virus.DOS.BrPI.Kobrin.492

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:12:26.858593722Z	42	PC: 12a48 \| Get date 0x12a48: cmp dl, 0x17 0x12a4b: jne 0x12a81 0x12a4d: push bp 0x12a4e: mov cx, 0x1d 0x12a51: mov si, 0x230 0x12a54: call 0x12bf9 0x12a57: xor al, al 0x12a59: push ax 0x12a5a: mov cx, 0x28 0x12a5d: xor bx, bx 0x12a5f: xor dx, dx 0x12a61: int 0x26 0x12a63: pop ax 0x12a64: jb 0x12a71 0x12a66: mov cx, 0x1d 0x12a69: mov dx, 0x230 0x12a6c: inc bx 0x12a6d: mov ah, 0x40 0x12a6f: int 0x21 0x12a71: pop ax
2018-12-17T23:12:26.861486792Z	26	PC: 12a88 \| Set disk transfer address
2018-12-17T23:12:26.863263474Z	37	PC: 12a90 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:26.864676692Z	78	PC: 12bcd \| Find first file
2018-12-17T23:12:26.87109361Z	67	PC: 12ae5 \| Get or set file attributes
2018-12-17T23:12:27.212978665Z	61	PC: 12aed \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:12:27.220270508Z	63	PC: 12afb \| Read file or device (Read 492 bytes on handle 5)
2018-12-17T23:12:27.223101479Z	66	PC: 12b1d \| Move file pointer
2018-12-17T23:12:27.224727246Z	64	PC: 12b34 \| Write file or device (Write 492 bytes on handle 5)
2018-12-17T23:12:27.229452528Z	66	PC: 12b3f \| Move file pointer
2018-12-17T23:12:27.231535625Z	64	PC: 12b49 \| Write file or device (Write 492 bytes on handle 5)
2018-12-17T23:12:27.234563036Z	87	PC: 12b56 \| Get or set file date and time
2018-12-17T23:12:27.235956857Z	62	PC: 12b5a \| Close file
2018-12-17T23:12:27.240981161Z	67	PC: 12b68 \| Get or set file attributes
2018-12-17T23:12:27.249214487Z	79	PC: 12b6f \| Find next file
2018-12-17T23:12:27.251869369Z	78	PC: 12aaf \| Find first file
2018-12-17T23:12:27.258034626Z	67	PC: 12ae5 \| Get or set file attributes
2018-12-17T23:12:27.274977541Z	61	PC: 12aed \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:12:27.281718979Z	63	PC: 12afb \| Read file or device (Read 492 bytes on handle 5)
2018-12-17T23:12:27.288160475Z	66	PC: 12b1d \| Move file pointer
2018-12-17T23:12:27.290586588Z	87	PC: 12b56 \| Get or set file date and time
2018-12-17T23:12:27.292047431Z	62	PC: 12b5a \| Close file
2018-12-17T23:12:27.298917519Z	67	PC: 12b68 \| Get or set file attributes
2018-12-17T23:12:27.31029347Z	79	PC: 12b6f \| Find next file
2018-12-17T23:12:27.313228546Z	67	PC: 12ae5 \| Get or set file attributes
2018-12-17T23:12:27.323064427Z	61	PC: 12aed \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:12:27.329652289Z	63	PC: 12afb \| Read file or device (Read 492 bytes on handle 5)
2018-12-17T23:12:27.336480996Z	66	PC: 12c1e \| Move file pointer
2018-12-17T23:12:27.338139899Z	64	PC: 12c28 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:12:27.34101874Z	87	PC: 12b56 \| Get or set file date and time
2018-12-17T23:12:27.343303642Z	62	PC: 12b5a \| Close file
2018-12-17T23:12:27.356604923Z	67	PC: 12b68 \| Get or set file attributes
2018-12-17T23:12:27.366460933Z	79	PC: 12b6f \| Find next file
2018-12-17T23:12:27.36965479Z	67	PC: 12ae5 \| Get or set file attributes
2018-12-17T23:12:27.379900605Z	61	PC: 12aed \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:12:27.386349802Z	63	PC: 12afb \| Read file or device (Read 492 bytes on handle 5)
2018-12-17T23:12:27.393199435Z	66	PC: 12c1e \| Move file pointer
2018-12-17T23:12:27.394911788Z	64	PC: 12c28 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:12:27.397921282Z	87	PC: 12b56 \| Get or set file date and time
2018-12-17T23:12:27.400328272Z	62	PC: 12b5a \| Close file
2018-12-17T23:12:27.407857404Z	67	PC: 12b68 \| Get or set file attributes
2018-12-17T23:12:27.417824092Z	79	PC: 12b6f \| Find next file
2018-12-17T23:12:27.421482463Z	67	PC: 12ae5 \| Get or set file attributes
2018-12-17T23:12:27.427852342Z	61	PC: 12aed \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:12:27.434991386Z	63	PC: 12afb \| Read file or device (Read 492 bytes on handle 5)
2018-12-17T23:12:27.439952581Z	66	PC: 12c1e \| Move file pointer
2018-12-17T23:12:27.441047235Z	64	PC: 12c28 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:12:27.442949274Z	87	PC: 12b56 \| Get or set file date and time
2018-12-17T23:12:27.444746857Z	62	PC: 12b5a \| Close file
2018-12-17T23:12:27.449523695Z	67	PC: 12b68 \| Get or set file attributes
2018-12-17T23:12:27.455721566Z	79	PC: 12b6f \| Find next file
2018-12-17T23:12:27.459387966Z	67	PC: 12ae5 \| Get or set file attributes
2018-12-17T23:12:27.469670805Z	61	PC: 12aed \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:12:27.476536475Z	63	PC: 12afb \| Read file or device (Read 492 bytes on handle 5)
2018-12-17T23:12:27.483798231Z	66	PC: 12c1e \| Move file pointer
2018-12-17T23:12:27.485323716Z	64	PC: 12c28 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:12:27.487920272Z	87	PC: 12b56 \| Get or set file date and time
2018-12-17T23:12:27.490045746Z	62	PC: 12b5a \| Close file
2018-12-17T23:12:27.497044135Z	67	PC: 12b68 \| Get or set file attributes
2018-12-17T23:12:27.509565927Z	79	PC: 12b6f \| Find next file
2018-12-17T23:12:27.512696069Z	67	PC: 12ae5 \| Get or set file attributes
2018-12-17T23:12:27.522660282Z	61	PC: 12aed \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:12:27.529220483Z	63	PC: 12afb \| Read file or device (Read 492 bytes on handle 5)
2018-12-17T23:12:27.53575465Z	66	PC: 12c1e \| Move file pointer
2018-12-17T23:12:27.537567776Z	64	PC: 12c28 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:12:27.540153058Z	87	PC: 12b56 \| Get or set file date and time
2018-12-17T23:12:27.542301178Z	62	PC: 12b5a \| Close file
2018-12-17T23:12:27.549532291Z	67	PC: 12b68 \| Get or set file attributes
2018-12-17T23:12:27.559344585Z	79	PC: 12b6f \| Find next file
2018-12-17T23:12:27.563082937Z	67	PC: 12ae5 \| Get or set file attributes
2018-12-17T23:12:27.575812528Z	61	PC: 12aed \| Open file (Filename = 'PAH.COM')
2018-12-17T23:12:27.58232736Z	63	PC: 12afb \| Read file or device (Read 492 bytes on handle 5)
2018-12-17T23:12:27.589299736Z	66	PC: 12c1e \| Move file pointer
2018-12-17T23:12:27.590684764Z	64	PC: 12c28 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T23:12:27.593233315Z	87	PC: 12b56 \| Get or set file date and time
2018-12-17T23:12:27.595786086Z	62	PC: 12b5a \| Close file
2018-12-17T23:12:27.606697684Z	67	PC: 12b68 \| Get or set file attributes
2018-12-17T23:12:27.616414152Z	79	PC: 12b6f \| Find next file
2018-12-17T23:12:27.61952215Z	26	PC: 12ac2 \| Set disk transfer address
2018-12-17T23:12:27.62057006Z	37	PC: 12acc \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17522,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:55:54.077703258Z	42	PC: 12a48 \| Get date 0x12a48: cmp dl, 0x17 0x12a4b: jne 0x12a81 0x12a4d: push bp 0x12a4e: mov cx, 0x1d 0x12a51: mov si, 0x230 0x12a54: call 0x12bf9 0x12a57: xor al, al 0x12a59: push ax 0x12a5a: mov cx, 0x28 0x12a5d: xor bx, bx 0x12a5f: xor dx, dx 0x12a61: int 0x26 0x12a63: pop ax 0x12a64: jb 0x12a71 0x12a66: mov cx, 0x1d 0x12a69: mov dx, 0x230 0x12a6c: inc bx 0x12a6d: mov ah, 0x40 0x12a6f: int 0x21 0x12a71: pop ax
2018-12-25T12:55:54.080151275Z	26	PC: 12a88 \| Set disk transfer address
2018-12-25T12:55:54.081109461Z	37	PC: 12a90 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:55:54.082212375Z	78	PC: 12bcd \| Find first file
2018-12-25T12:55:54.088524596Z	67	PC: 12ae5 \| Get or set file attributes
2018-12-25T12:55:54.508742926Z	61	PC: 12aed \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-25T12:55:54.51481011Z	63	PC: 12afb \| Read file or device (Read 492 bytes on handle 5)
2018-12-25T12:55:54.518016174Z	66	PC: 12b1d \| Move file pointer
2018-12-25T12:55:54.519951238Z	64	PC: 12b34 \| Write file or device (Write 492 bytes on handle 5)
2018-12-25T12:55:54.527050631Z	66	PC: 12b3f \| Move file pointer
2018-12-25T12:55:54.528319287Z	64	PC: 12b49 \| Write file or device (Write 492 bytes on handle 5)
2018-12-25T12:55:54.531676811Z	87	PC: 12b56 \| Get or set file date and time
2018-12-25T12:55:54.533021256Z	62	PC: 12b5a \| Close file
2018-12-25T12:55:54.539287573Z	67	PC: 12b68 \| Get or set file attributes
2018-12-25T12:55:54.548392215Z	79	PC: 12b6f \| Find next file
2018-12-25T12:55:54.551166713Z	78	PC: 12aaf \| Find first file
2018-12-25T12:55:54.557148085Z	67	PC: 12ae5 \| Get or set file attributes (See above)
2018-12-25T12:55:54.57371947Z	61	PC: 12aed \| Open file (See above)
2018-12-25T12:55:54.580149909Z	63	PC: 12afb \| Read file or device (See above)
2018-12-25T12:55:54.586270835Z	66	PC: 12b1d \| Move file pointer (See above)
2018-12-25T12:55:54.588098808Z	87	PC: 12b56 \| Get or set file date and time (See above)
2018-12-25T12:55:54.589496489Z	62	PC: 12b5a \| Close file (See above)
2018-12-25T12:55:54.597143065Z	67	PC: 12b68 \| Get or set file attributes (See above)
2018-12-25T12:55:54.606963441Z	79	PC: 12b6f \| Find next file (See above)
2018-12-25T12:55:54.609539788Z	67	PC: 12ae5 \| Get or set file attributes (See above)
2018-12-25T12:55:54.618954877Z	61	PC: 12aed \| Open file (See above)
2018-12-25T12:55:54.625692915Z	63	PC: 12afb \| Read file or device (See above)
2018-12-25T12:55:54.631937361Z	66	PC: 12b1d \| Move file pointer (See above)
2018-12-25T12:55:54.633209764Z	87	PC: 12b56 \| Get or set file date and time (See above)
2018-12-25T12:55:54.634707226Z	62	PC: 12b5a \| Close file (See above)
2018-12-25T12:55:54.641793583Z	67	PC: 12b68 \| Get or set file attributes (See above)
2018-12-25T12:55:54.653537641Z	79	PC: 12b6f \| Find next file (See above)
2018-12-25T12:55:54.656607311Z	67	PC: 12ae5 \| Get or set file attributes (See above)
2018-12-25T12:55:54.66646981Z	61	PC: 12aed \| Open file (See above)
2018-12-25T12:55:54.672827294Z	63	PC: 12afb \| Read file or device (See above)
2018-12-25T12:55:54.67905843Z	66	PC: 12b1d \| Move file pointer (See above)
2018-12-25T12:55:54.681068926Z	87	PC: 12b56 \| Get or set file date and time (See above)
2018-12-25T12:55:54.682359404Z	62	PC: 12b5a \| Close file (See above)
2018-12-25T12:55:54.689133811Z	67	PC: 12b68 \| Get or set file attributes (See above)
2018-12-25T12:55:54.69886015Z	79	PC: 12b6f \| Find next file (See above)
2018-12-25T12:55:54.701228491Z	67	PC: 12ae5 \| Get or set file attributes (See above)
2018-12-25T12:55:54.710450596Z	61	PC: 12aed \| Open file (See above)
2018-12-25T12:55:54.722229305Z	63	PC: 12afb \| Read file or device (See above)
2018-12-25T12:55:54.728357348Z	66	PC: 12b1d \| Move file pointer (See above)
2018-12-25T12:55:54.729566145Z	87	PC: 12b56 \| Get or set file date and time (See above)
2018-12-25T12:55:54.731401111Z	62	PC: 12b5a \| Close file (See above)
2018-12-25T12:55:54.738265954Z	67	PC: 12b68 \| Get or set file attributes (See above)
2018-12-25T12:55:54.748070902Z	79	PC: 12b6f \| Find next file (See above)
2018-12-25T12:55:54.751266582Z	67	PC: 12ae5 \| Get or set file attributes (See above)
2018-12-25T12:55:54.760883973Z	61	PC: 12aed \| Open file (See above)
2018-12-25T12:55:54.767691821Z	63	PC: 12afb \| Read file or device (See above)
2018-12-25T12:55:54.775004566Z	66	PC: 12b1d \| Move file pointer (See above)
2018-12-25T12:55:54.776413768Z	87	PC: 12b56 \| Get or set file date and time (See above)
2018-12-25T12:55:54.777850539Z	62	PC: 12b5a \| Close file (See above)
2018-12-25T12:55:54.785705756Z	67	PC: 12b68 \| Get or set file attributes (See above)
2018-12-25T12:55:54.795286588Z	79	PC: 12b6f \| Find next file (See above)
2018-12-25T12:55:54.797733502Z	67	PC: 12ae5 \| Get or set file attributes (See above)
2018-12-25T12:55:54.807300446Z	61	PC: 12aed \| Open file (See above)
2018-12-25T12:55:54.814148354Z	63	PC: 12afb \| Read file or device (See above)
2018-12-25T12:55:54.820435854Z	66	PC: 12b1d \| Move file pointer (See above)
2018-12-25T12:55:54.821857307Z	64	PC: 12b34 \| Write file or device (See above)
2018-12-25T12:55:54.830298718Z	66	PC: 12b3f \| Move file pointer (See above)
2018-12-25T12:55:54.831700622Z	64	PC: 12b49 \| Write file or device (See above)
2018-12-25T12:55:54.838092856Z	87	PC: 12b56 \| Get or set file date and time (See above)
2018-12-25T12:55:54.840591182Z	62	PC: 12b5a \| Close file (See above)
2018-12-25T12:55:54.848494764Z	67	PC: 12b68 \| Get or set file attributes (See above)
2018-12-25T12:55:54.858257874Z	79	PC: 12b6f \| Find next file (See above)
2018-12-25T12:55:54.861321451Z	67	PC: 12ae5 \| Get or set file attributes (See above)
2018-12-25T12:55:54.871186523Z	61	PC: 12aed \| Open file (See above)
2018-12-25T12:55:54.881243729Z	63	PC: 12afb \| Read file or device (See above)
2018-12-25T12:55:54.886749165Z	66	PC: 12b1d \| Move file pointer (See above)
2018-12-25T12:55:54.88789975Z	87	PC: 12b56 \| Get or set file date and time (See above)
2018-12-25T12:55:54.889221273Z	62	PC: 12b5a \| Close file (See above)
2018-12-25T12:55:54.897047158Z	67	PC: 12b68 \| Get or set file attributes (See above)
2018-12-25T12:55:54.909467228Z	79	PC: 12b6f \| Find next file (See above)
2018-12-25T12:55:54.91180623Z	26	PC: 12ac2 \| Set disk transfer address
2018-12-25T12:55:54.913087868Z	37	PC: 12acc \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":23,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17522,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:55:54.483144414Z	42	PC: 12a48 \| Get date 0x12a48: cmp dl, 0x17 0x12a4b: jne 0x12a81 0x12a4d: push bp 0x12a4e: mov cx, 0x1d 0x12a51: mov si, 0x230 0x12a54: call 0x12bf9 0x12a57: xor al, al 0x12a59: push ax 0x12a5a: mov cx, 0x28 0x12a5d: xor bx, bx 0x12a5f: xor dx, dx 0x12a61: int 0x26 0x12a63: pop ax 0x12a64: jb 0x12a71 0x12a66: mov cx, 0x1d 0x12a69: mov dx, 0x230 0x12a6c: inc bx 0x12a6d: mov ah, 0x40 0x12a6f: int 0x21 0x12a71: pop ax
2018-12-25T12:55:54.511642391Z	64	PC: 12a71 \| Write file or device (Write 29 bytes on handle 1)