Sample viewer

vx.netlux.org/Virus.DOS.Mindless.429

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:05:54.381420533Z 37 PC: 12a67 | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:05:54.384366123Z 37 PC: 12a6b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:05:54.386096662Z 42 PC: 12a73 | Get date
0x12a73: cmp al, 0
0x12a75: jne 0x12ace
0x12a77: jmp 0x12a7a
0x12a79: nop
0x12a7a: mov cx, 0x46
0x12a7d: nop
0x12a7e: mov si, 0x220
0x12a81: mov di, 0x266
0x12a84: mov al, byte ptr [si]
0x12a86: mov byte ptr [0x2ac], al
0x12a89: xor byte ptr [0x2ac], 1
0x12a8e: mov al, byte ptr [0x2ac]
0x12a91: mov byte ptr [di], al
0x12a93: inc si
0x12a94: inc di
0x12a95: loop 0x12a84
0x12a97: cmp byte ptr [0x2ad], 0x1b
0x12a9c: jge 0x12ab5
0x12a9e: pushf
0x12a9f: mov al, byte ptr [0x2ad]
2018-12-17T22:05:54.389072497Z 78 PC: 12b18 | Find first file
2018-12-17T22:05:54.396715341Z 67 PC: 12b21 | Get or set file attributes
2018-12-17T22:05:54.402635619Z 67 PC: 12b2b | Get or set file attributes
2018-12-17T22:05:54.417855395Z 61 PC: 12b33 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:05:54.425357325Z 87 PC: 12b3b | Get or set file date and time
2018-12-17T22:05:54.426707974Z 64 PC: 12b47 | Write file or device (Write 429 bytes on handle 5)
2018-12-17T22:05:54.433349169Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:05:54.435151843Z 62 PC: 12b53 | Close file
2018-12-17T22:05:54.447610127Z 79 PC: 12b57 | Find next file
2018-12-17T22:05:54.450534004Z 67 PC: 12b21 | Get or set file attributes
2018-12-17T22:05:54.46643338Z 67 PC: 12b2b | Get or set file attributes
2018-12-17T22:05:54.48104849Z 61 PC: 12b33 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:05:54.48778174Z 87 PC: 12b3b | Get or set file date and time
2018-12-17T22:05:54.489331062Z 64 PC: 12b47 | Write file or device (Write 429 bytes on handle 5)
2018-12-17T22:05:54.496666093Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:05:54.498509471Z 62 PC: 12b53 | Close file
2018-12-17T22:05:54.506088718Z 79 PC: 12b57 | Find next file
2018-12-17T22:05:54.51006689Z 67 PC: 12b21 | Get or set file attributes
2018-12-17T22:05:54.515601353Z 67 PC: 12b2b | Get or set file attributes
2018-12-17T22:05:54.52557843Z 61 PC: 12b33 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:05:54.532708408Z 87 PC: 12b3b | Get or set file date and time
2018-12-17T22:05:54.534420722Z 64 PC: 12b47 | Write file or device (Write 429 bytes on handle 5)
2018-12-17T22:05:54.541329802Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:05:54.54386999Z 62 PC: 12b53 | Close file
2018-12-17T22:05:54.552351172Z 79 PC: 12b57 | Find next file
2018-12-17T22:05:54.55773146Z 67 PC: 12b21 | Get or set file attributes
2018-12-17T22:05:54.564263381Z 67 PC: 12b2b | Get or set file attributes
2018-12-17T22:05:54.579612309Z 61 PC: 12b33 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:05:54.591336274Z 87 PC: 12b3b | Get or set file date and time
2018-12-17T22:05:54.593139636Z 64 PC: 12b47 | Write file or device (Write 429 bytes on handle 5)
2018-12-17T22:05:54.60000109Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:05:54.601871713Z 62 PC: 12b53 | Close file
2018-12-17T22:05:54.888779335Z 79 PC: 12b57 | Find next file
2018-12-17T22:05:54.892332557Z 67 PC: 12b21 | Get or set file attributes
2018-12-17T22:05:54.898279638Z 67 PC: 12b2b | Get or set file attributes
2018-12-17T22:05:54.946199474Z 61 PC: 12b33 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:05:54.951298867Z 87 PC: 12b3b | Get or set file date and time
2018-12-17T22:05:54.952369994Z 64 PC: 12b47 | Write file or device (Write 429 bytes on handle 5)
2018-12-17T22:05:54.956986267Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:05:54.958814132Z 62 PC: 12b53 | Close file
2018-12-17T22:05:54.964514784Z 79 PC: 12b57 | Find next file
2018-12-17T22:05:54.967463663Z 67 PC: 12b21 | Get or set file attributes
2018-12-17T22:05:54.975156208Z 67 PC: 12b2b | Get or set file attributes
2018-12-17T22:05:54.981817126Z 61 PC: 12b33 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:05:54.988383118Z 87 PC: 12b3b | Get or set file date and time
2018-12-17T22:05:54.99083412Z 64 PC: 12b47 | Write file or device (Write 429 bytes on handle 5)
2018-12-17T22:05:54.997078536Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:05:54.998989662Z 62 PC: 12b53 | Close file
2018-12-17T22:05:55.007172042Z 79 PC: 12b57 | Find next file
2018-12-17T22:05:55.0097591Z 67 PC: 12b21 | Get or set file attributes
2018-12-17T22:05:55.013578223Z 67 PC: 12b2b | Get or set file attributes
2018-12-17T22:05:55.023838936Z 61 PC: 12b33 | Open file (Filename = 'PAH.COM')
2018-12-17T22:05:55.03140357Z 87 PC: 12b3b | Get or set file date and time
2018-12-17T22:05:55.032577829Z 64 PC: 12b47 | Write file or device (Write 429 bytes on handle 5)
2018-12-17T22:05:55.038126334Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:05:55.03987429Z 62 PC: 12b53 | Close file
2018-12-17T22:05:55.044653181Z 79 PC: 12b57 | Find next file
2018-12-17T22:05:55.047339678Z 67 PC: 12b21 | Get or set file attributes
2018-12-17T22:05:55.051418495Z 67 PC: 12b2b | Get or set file attributes
2018-12-17T22:05:55.058611716Z 61 PC: 12b33 | Open file (Filename = 'TEST.COM')
2018-12-17T22:05:55.065929768Z 87 PC: 12b3b | Get or set file date and time
2018-12-17T22:05:55.068161643Z 64 PC: 12b47 | Write file or device (Write 429 bytes on handle 5)
2018-12-17T22:05:55.075311644Z 87 PC: 12b4f | Get or set file date and time
2018-12-17T22:05:55.077916704Z 62 PC: 12b53 | Close file
2018-12-17T22:05:55.086365586Z 79 PC: 12b57 | Find next file

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1783,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:18.742019033Z 37 PC: 12a67 | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T11:44:18.743648308Z 37 PC: 12a6b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:44:18.745871125Z 42 PC: 12a73 | Get date
0x12a73: cmp al, 0
0x12a75: jne 0x12ace
0x12a77: jmp 0x12a7a
0x12a79: nop
0x12a7a: mov cx, 0x46
0x12a7d: nop
0x12a7e: mov si, 0x220
0x12a81: mov di, 0x266
0x12a84: mov al, byte ptr [si]
0x12a86: mov byte ptr [0x2ac], al
0x12a89: xor byte ptr [0x2ac], 1
0x12a8e: mov al, byte ptr [0x2ac]
0x12a91: mov byte ptr [di], al
0x12a93: inc si
0x12a94: inc di
0x12a95: loop 0x12a84
0x12a97: cmp byte ptr [0x2ad], 0x1b
0x12a9c: jge 0x12ab5
0x12a9e: pushf
0x12a9f: mov al, byte ptr [0x2ad]
2018-12-25T11:44:18.749231561Z 78 PC: 12b18 | Find first file
2018-12-25T11:44:18.756227508Z 67 PC: 12b21 | Get or set file attributes
2018-12-25T11:44:18.762860844Z 67 PC: 12b2b | Get or set file attributes
2018-12-25T11:44:18.96541879Z 61 PC: 12b33 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:18.973548996Z 87 PC: 12b3b | Get or set file date and time
2018-12-25T11:44:18.97645692Z 64 PC: 12b47 | Write file or device (Write 429 bytes on handle 5)
2018-12-25T11:44:18.984340364Z 87 PC: 12b4f | Get or set file date and time
2018-12-25T11:44:18.986544196Z 62 PC: 12b53 | Close file
2018-12-25T11:44:18.9951677Z 79 PC: 12b57 | Find next file
2018-12-25T11:44:18.99803908Z 67 PC: 12b21 | Get or set file attributes (See above)
2018-12-25T11:44:19.005393632Z 67 PC: 12b2b | Get or set file attributes (See above)
2018-12-25T11:44:19.017391478Z 61 PC: 12b33 | Open file (See above)
2018-12-25T11:44:19.025291642Z 87 PC: 12b3b | Get or set file date and time (See above)
2018-12-25T11:44:19.027351539Z 64 PC: 12b47 | Write file or device (See above)
2018-12-25T11:44:19.035711499Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T11:44:19.03742026Z 62 PC: 12b53 | Close file (See above)
2018-12-25T11:44:19.04589096Z 79 PC: 12b57 | Find next file (See above)
2018-12-25T11:44:19.049148635Z 67 PC: 12b21 | Get or set file attributes (See above)
2018-12-25T11:44:19.05622464Z 67 PC: 12b2b | Get or set file attributes (See above)
2018-12-25T11:44:19.067964174Z 61 PC: 12b33 | Open file (See above)
2018-12-25T11:44:19.075839064Z 87 PC: 12b3b | Get or set file date and time (See above)
2018-12-25T11:44:19.080684466Z 64 PC: 12b47 | Write file or device (See above)
2018-12-25T11:44:19.088749354Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T11:44:19.090964177Z 62 PC: 12b53 | Close file (See above)
2018-12-25T11:44:19.100940035Z 79 PC: 12b57 | Find next file (See above)
2018-12-25T11:44:19.103936515Z 67 PC: 12b21 | Get or set file attributes (See above)
2018-12-25T11:44:19.110485626Z 67 PC: 12b2b | Get or set file attributes (See above)
2018-12-25T11:44:19.119497073Z 61 PC: 12b33 | Open file (See above)
2018-12-25T11:44:19.126958035Z 87 PC: 12b3b | Get or set file date and time (See above)
2018-12-25T11:44:19.128254474Z 64 PC: 12b47 | Write file or device (See above)
2018-12-25T11:44:19.13367399Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T11:44:19.134804658Z 62 PC: 12b53 | Close file (See above)
2018-12-25T11:44:19.139669573Z 79 PC: 12b57 | Find next file (See above)
2018-12-25T11:44:19.142179666Z 67 PC: 12b21 | Get or set file attributes (See above)
2018-12-25T11:44:19.14627191Z 67 PC: 12b2b | Get or set file attributes (See above)
2018-12-25T11:44:19.152693865Z 61 PC: 12b33 | Open file (See above)
2018-12-25T11:44:19.157432761Z 87 PC: 12b3b | Get or set file date and time (See above)
2018-12-25T11:44:19.15880428Z 64 PC: 12b47 | Write file or device (See above)
2018-12-25T11:44:19.1632796Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T11:44:19.164771286Z 62 PC: 12b53 | Close file (See above)
2018-12-25T11:44:19.170219881Z 79 PC: 12b57 | Find next file (See above)
2018-12-25T11:44:19.172178994Z 67 PC: 12b21 | Get or set file attributes (See above)
2018-12-25T11:44:19.17911214Z 67 PC: 12b2b | Get or set file attributes (See above)
2018-12-25T11:44:19.193802161Z 61 PC: 12b33 | Open file (See above)
2018-12-25T11:44:19.202374567Z 87 PC: 12b3b | Get or set file date and time (See above)
2018-12-25T11:44:19.204204738Z 64 PC: 12b47 | Write file or device (See above)
2018-12-25T11:44:19.212803886Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T11:44:19.214758573Z 62 PC: 12b53 | Close file (See above)
2018-12-25T11:44:19.223130624Z 79 PC: 12b57 | Find next file (See above)
2018-12-25T11:44:19.22734612Z 67 PC: 12b21 | Get or set file attributes (See above)
2018-12-25T11:44:19.234250535Z 67 PC: 12b2b | Get or set file attributes (See above)
2018-12-25T11:44:19.245375621Z 61 PC: 12b33 | Open file (See above)
2018-12-25T11:44:19.254253018Z 87 PC: 12b3b | Get or set file date and time (See above)
2018-12-25T11:44:19.256175991Z 64 PC: 12b47 | Write file or device (See above)
2018-12-25T11:44:19.264520092Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T11:44:19.267226826Z 62 PC: 12b53 | Close file (See above)
2018-12-25T11:44:19.276285484Z 79 PC: 12b57 | Find next file (See above)
2018-12-25T11:44:19.279442524Z 67 PC: 12b21 | Get or set file attributes (See above)
2018-12-25T11:44:19.286729141Z 67 PC: 12b2b | Get or set file attributes (See above)
2018-12-25T11:44:19.298089287Z 61 PC: 12b33 | Open file (See above)
2018-12-25T11:44:19.305535459Z 87 PC: 12b3b | Get or set file date and time (See above)
2018-12-25T11:44:19.307500927Z 64 PC: 12b47 | Write file or device (See above)
2018-12-25T11:44:19.315654075Z 87 PC: 12b4f | Get or set file date and time (See above)
2018-12-25T11:44:19.317470035Z 62 PC: 12b53 | Close file (See above)
2018-12-25T11:44:19.325907794Z 79 PC: 12b57 | Find next file (See above)

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1783,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:19.162358462Z 37 PC: 12a67 | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T11:44:19.164478483Z 37 PC: 12a6b | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:44:19.166797742Z 42 PC: 12a73 | Get date
0x12a73: cmp al, 0
0x12a75: jne 0x12ace
0x12a77: jmp 0x12a7a
0x12a79: nop
0x12a7a: mov cx, 0x46
0x12a7d: nop
0x12a7e: mov si, 0x220
0x12a81: mov di, 0x266
0x12a84: mov al, byte ptr [si]
0x12a86: mov byte ptr [0x2ac], al
0x12a89: xor byte ptr [0x2ac], 1
0x12a8e: mov al, byte ptr [0x2ac]
0x12a91: mov byte ptr [di], al
0x12a93: inc si
0x12a94: inc di
0x12a95: loop 0x12a84
0x12a97: cmp byte ptr [0x2ad], 0x1b
0x12a9c: jge 0x12ab5
0x12a9e: pushf
0x12a9f: mov al, byte ptr [0x2ad]
2018-12-25T11:44:19.16935373Z 43 PC: 12abf | Set date
2018-12-25T11:44:19.172499553Z 45 PC: 12ac9 | Set time
2018-12-25T11:44:19.17597945Z 76 PC: 12ace | Terminate with return code (Return code = '0')