Sample viewer

vx.netlux.org/Virus.DOS.Vienna.679.a

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:08:11.763301815Z	48	PC: 12a6b \| Get DOS version
2018-12-17T22:08:11.765052262Z	47	PC: 12a77 \| Get disk transfer address
2018-12-17T22:08:11.766209581Z	26	PC: 12a8a \| Set disk transfer address
2018-12-17T22:08:11.767700836Z	78	PC: 12b1c \| Find first file
2018-12-17T22:08:11.774447047Z	67	PC: 12b5a \| Get or set file attributes
2018-12-17T22:08:11.780081812Z	67	PC: 12b6c \| Get or set file attributes
2018-12-17T22:08:11.797526266Z	61	PC: 12b77 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:08:11.804696618Z	87	PC: 12b83 \| Get or set file date and time
2018-12-17T22:08:11.806123937Z	42	PC: 12b8f \| Get date 0x12b8f: cmp dh, 2 0x12b92: jne 0x12bb2 0x12b94: mov al, 2 0x12b96: mov cx, 0x96 0x12b99: mov dx, 0 0x12b9c: int 0x26 0x12b9e: mov al, 3 0x12ba0: mov cx, 0x96 0x12ba3: mov dx, 0 0x12ba6: int 0x26 0x12ba8: mov al, 4 0x12baa: mov cx, 0x96 0x12bad: mov dx, 0 0x12bb0: int 0x26 0x12bb2: mov ah, 0x3f 0x12bb4: mov cx, 3 0x12bb7: mov dx, 0x18 0x12bba: nop 0x12bbb: add dx, si 0x12bbd: int 0x21
2018-12-17T22:08:11.808142212Z	63	PC: 12bbf \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:08:11.814419623Z	66	PC: 12bd1 \| Move file pointer
2018-12-17T22:08:11.830660919Z	64	PC: 12bf5 \| Write file or device (Write 679 bytes on handle 5)
2018-12-17T22:08:11.840445498Z	66	PC: 12c07 \| Move file pointer
2018-12-17T22:08:11.842143432Z	64	PC: 12c16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:08:11.849301941Z	87	PC: 12c29 \| Get or set file date and time
2018-12-17T22:08:11.85099207Z	62	PC: 12c2d \| Close file
2018-12-17T22:08:11.858569895Z	67	PC: 12c3c \| Get or set file attributes
2018-12-17T22:08:11.868788003Z	26	PC: 12c49 \| Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2033,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:44:47.607532129Z	48	PC: 12a6b \| Get DOS version
2018-12-25T11:44:47.610224933Z	47	PC: 12a77 \| Get disk transfer address
2018-12-25T11:44:47.611462175Z	26	PC: 12a8a \| Set disk transfer address
2018-12-25T11:44:47.61281876Z	78	PC: 12b1c \| Find first file
2018-12-25T11:44:47.619592428Z	67	PC: 12b5a \| Get or set file attributes
2018-12-25T11:44:47.625290961Z	67	PC: 12b6c \| Get or set file attributes
2018-12-25T11:44:47.644579752Z	61	PC: 12b77 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:47.657332095Z	87	PC: 12b83 \| Get or set file date and time
2018-12-25T11:44:47.674694032Z	42	PC: 12b8f \| Get date 0x12b8f: cmp dh, 2 0x12b92: jne 0x12bb2 0x12b94: mov al, 2 0x12b96: mov cx, 0x96 0x12b99: mov dx, 0 0x12b9c: int 0x26 0x12b9e: mov al, 3 0x12ba0: mov cx, 0x96 0x12ba3: mov dx, 0 0x12ba6: int 0x26 0x12ba8: mov al, 4 0x12baa: mov cx, 0x96 0x12bad: mov dx, 0 0x12bb0: int 0x26 0x12bb2: mov ah, 0x3f 0x12bb4: mov cx, 3 0x12bb7: mov dx, 0x18 0x12bba: nop 0x12bbb: add dx, si 0x12bbd: int 0x21
2018-12-25T11:44:47.676897341Z	63	PC: 12bbf \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:47.681437925Z	66	PC: 12bd1 \| Move file pointer
2018-12-25T11:44:47.68240776Z	64	PC: 12bf5 \| Write file or device (Write 679 bytes on handle 5)
2018-12-25T11:44:47.687859152Z	66	PC: 12c07 \| Move file pointer
2018-12-25T11:44:47.68926151Z	64	PC: 12c16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:47.693327445Z	87	PC: 12c29 \| Get or set file date and time
2018-12-25T11:44:47.694370989Z	62	PC: 12c2d \| Close file
2018-12-25T11:44:47.700784907Z	67	PC: 12c3c \| Get or set file attributes
2018-12-25T11:44:47.711231856Z	26	PC: 12c49 \| Set disk transfer address

{"DateBased":true,"Day":1,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2033,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:44:47.666681497Z	48	PC: 12a6b \| Get DOS version
2018-12-25T11:44:47.668061457Z	47	PC: 12a77 \| Get disk transfer address
2018-12-25T11:44:47.668975992Z	26	PC: 12a8a \| Set disk transfer address
2018-12-25T11:44:47.669977768Z	78	PC: 12b1c \| Find first file
2018-12-25T11:44:47.676524136Z	67	PC: 12b5a \| Get or set file attributes
2018-12-25T11:44:47.680536067Z	67	PC: 12b6c \| Get or set file attributes
2018-12-25T11:44:47.695296774Z	61	PC: 12b77 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:47.712959391Z	87	PC: 12b83 \| Get or set file date and time
2018-12-25T11:44:47.71430922Z	42	PC: 12b8f \| Get date 0x12b8f: cmp dh, 2 0x12b92: jne 0x12bb2 0x12b94: mov al, 2 0x12b96: mov cx, 0x96 0x12b99: mov dx, 0 0x12b9c: int 0x26 0x12b9e: mov al, 3 0x12ba0: mov cx, 0x96 0x12ba3: mov dx, 0 0x12ba6: int 0x26 0x12ba8: mov al, 4 0x12baa: mov cx, 0x96 0x12bad: mov dx, 0 0x12bb0: int 0x26 0x12bb2: mov ah, 0x3f 0x12bb4: mov cx, 3 0x12bb7: mov dx, 0x18 0x12bba: nop 0x12bbb: add dx, si 0x12bbd: int 0x21
2018-12-25T11:44:47.7168444Z	63	PC: 12bbf \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:44:47.723486624Z	66	PC: 12bd1 \| Move file pointer
2018-12-25T11:44:47.724976569Z	64	PC: 12bf5 \| Write file or device (Write 679 bytes on handle 5)
2018-12-25T11:44:47.733936062Z	66	PC: 12c07 \| Move file pointer
2018-12-25T11:44:47.735486492Z	64	PC: 12c16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:44:47.741438689Z	87	PC: 12c29 \| Get or set file date and time
2018-12-25T11:44:47.742634647Z	62	PC: 12c2d \| Close file
2018-12-25T11:44:47.749371998Z	67	PC: 12c3c \| Get or set file attributes
2018-12-25T11:44:47.761110637Z	26	PC: 12c49 \| Set disk transfer address