Sample viewer

vx.netlux.org/Virus.DOS.Vicky.Demon.304

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:08:14.063885429Z 78 PC: 12a51 | Find first file
2018-12-17T22:08:14.06972775Z 67 PC: 12aa0 | Get or set file attributes
2018-12-17T22:08:14.075980772Z 67 PC: 12ab0 | Get or set file attributes
2018-12-17T22:08:14.091390734Z 61 PC: 12ab8 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:08:14.097780738Z 87 PC: 12ac2 | Get or set file date and time
2018-12-17T22:08:14.099648276Z 64 PC: 12ad9 | Write file or device (Write 304 bytes on handle 5)
2018-12-17T22:08:14.106175438Z 87 PC: 12ae9 | Get or set file date and time
2018-12-17T22:08:14.107640886Z 62 PC: 12aef | Close file
2018-12-17T22:08:14.115533581Z 67 PC: 12afe | Get or set file attributes
2018-12-17T22:08:14.127508918Z 79 PC: 12a69 | Find next file
2018-12-17T22:08:14.130076581Z 67 PC: 12aa0 | Get or set file attributes
2018-12-17T22:08:14.135593825Z 67 PC: 12ab0 | Get or set file attributes
2018-12-17T22:08:14.145665515Z 61 PC: 12ab8 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:08:14.152186666Z 87 PC: 12ac2 | Get or set file date and time
2018-12-17T22:08:14.153682309Z 64 PC: 12ad9 | Write file or device (Write 304 bytes on handle 5)
2018-12-17T22:08:14.162063605Z 87 PC: 12ae9 | Get or set file date and time
2018-12-17T22:08:14.163517942Z 62 PC: 12aef | Close file
2018-12-17T22:08:14.170676988Z 67 PC: 12afe | Get or set file attributes
2018-12-17T22:08:14.183532396Z 79 PC: 12a69 | Find next file
2018-12-17T22:08:14.186118115Z 67 PC: 12aa0 | Get or set file attributes
2018-12-17T22:08:14.191534744Z 67 PC: 12ab0 | Get or set file attributes
2018-12-17T22:08:14.201441477Z 61 PC: 12ab8 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:08:14.207798837Z 87 PC: 12ac2 | Get or set file date and time
2018-12-17T22:08:14.209125934Z 64 PC: 12ad9 | Write file or device (Write 304 bytes on handle 5)
2018-12-17T22:08:14.215870035Z 87 PC: 12ae9 | Get or set file date and time
2018-12-17T22:08:14.217477257Z 62 PC: 12aef | Close file
2018-12-17T22:08:14.224610954Z 67 PC: 12afe | Get or set file attributes
2018-12-17T22:08:14.236518448Z 79 PC: 12a69 | Find next file
2018-12-17T22:08:14.238407372Z 67 PC: 12aa0 | Get or set file attributes
2018-12-17T22:08:14.245195756Z 67 PC: 12ab0 | Get or set file attributes
2018-12-17T22:08:14.252524429Z 61 PC: 12ab8 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:08:14.259531114Z 87 PC: 12ac2 | Get or set file date and time
2018-12-17T22:08:14.261390885Z 64 PC: 12ad9 | Write file or device (Write 304 bytes on handle 5)
2018-12-17T22:08:14.268592456Z 87 PC: 12ae9 | Get or set file date and time
2018-12-17T22:08:14.271167596Z 62 PC: 12aef | Close file
2018-12-17T22:08:14.278254567Z 67 PC: 12afe | Get or set file attributes
2018-12-17T22:08:14.287705352Z 79 PC: 12a69 | Find next file
2018-12-17T22:08:14.290508245Z 67 PC: 12aa0 | Get or set file attributes
2018-12-17T22:08:14.301161994Z 67 PC: 12ab0 | Get or set file attributes
2018-12-17T22:08:14.313411165Z 61 PC: 12ab8 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:08:14.320550676Z 87 PC: 12ac2 | Get or set file date and time
2018-12-17T22:08:14.322016547Z 64 PC: 12ad9 | Write file or device (Write 304 bytes on handle 5)
2018-12-17T22:08:14.328666691Z 87 PC: 12ae9 | Get or set file date and time
2018-12-17T22:08:14.330292362Z 62 PC: 12aef | Close file
2018-12-17T22:08:14.336185581Z 67 PC: 12afe | Get or set file attributes
2018-12-17T22:08:14.343254234Z 79 PC: 12a69 | Find next file
2018-12-17T22:08:14.34669384Z 67 PC: 12aa0 | Get or set file attributes
2018-12-17T22:08:14.352578093Z 67 PC: 12ab0 | Get or set file attributes
2018-12-17T22:08:14.36456028Z 61 PC: 12ab8 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:08:14.376606643Z 87 PC: 12ac2 | Get or set file date and time
2018-12-17T22:08:14.379479891Z 64 PC: 12ad9 | Write file or device (Write 304 bytes on handle 5)
2018-12-17T22:08:14.385859386Z 87 PC: 12ae9 | Get or set file date and time
2018-12-17T22:08:14.396171357Z 62 PC: 12aef | Close file
2018-12-17T22:08:14.404743374Z 67 PC: 12afe | Get or set file attributes
2018-12-17T22:08:14.414442761Z 79 PC: 12a69 | Find next file
2018-12-17T22:08:14.416928662Z 67 PC: 12aa0 | Get or set file attributes
2018-12-17T22:08:14.423115029Z 67 PC: 12ab0 | Get or set file attributes
2018-12-17T22:08:14.433121057Z 61 PC: 12ab8 | Open file (Filename = 'PAH.COM')
2018-12-17T22:08:14.444583977Z 87 PC: 12ac2 | Get or set file date and time
2018-12-17T22:08:14.446898353Z 64 PC: 12ad9 | Write file or device (Write 304 bytes on handle 5)
2018-12-17T22:08:14.453447067Z 87 PC: 12ae9 | Get or set file date and time
2018-12-17T22:08:14.454965404Z 62 PC: 12aef | Close file
2018-12-17T22:08:14.462427517Z 67 PC: 12afe | Get or set file attributes
2018-12-17T22:08:14.471973557Z 79 PC: 12a69 | Find next file
2018-12-17T22:08:14.474648189Z 42 PC: 12a7a | Get date
0x12a7a: cmp al, 5
0x12a7c: je 0x12a82
0x12a7e: mov ah, 0x4c
0x12a80: int 0x21
0x12a82: mov byte ptr [0x1cb], 0
0x12a87: nop
0x12a88: jmp 0x12a8b
0x12a8a: nop
0x12a8b: mov ah, 9
0x12a8d: mov dx, 0x1fb
0x12a90: int 0x21
0x12a92: mov ah, 0x4c
0x12a94: int 0x21
0x12a96: mov dx, 0x9e
0x12a99: mov ax, 0x4300
0x12a9c: jmp 0x12a9e
0x12a9e: int 0x21
0x12aa0: jmp 0x12aa2
0x12aa2: mov word ptr [0x1c9], cx
0x12aa6: nop
2018-12-17T22:08:14.477916035Z 76 PC: 12a82 | Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2037,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:48.08561788Z 78 PC: 12a51 | Find first file
2018-12-25T11:44:48.090201275Z 67 PC: 12aa0 | Get or set file attributes
2018-12-25T11:44:48.093845847Z 67 PC: 12ab0 | Get or set file attributes
2018-12-25T11:44:48.109840128Z 61 PC: 12ab8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:48.117186434Z 87 PC: 12ac2 | Get or set file date and time
2018-12-25T11:44:48.118411691Z 64 PC: 12ad9 | Write file or device (Write 304 bytes on handle 5)
2018-12-25T11:44:48.124636074Z 87 PC: 12ae9 | Get or set file date and time
2018-12-25T11:44:48.127273479Z 62 PC: 12aef | Close file
2018-12-25T11:44:48.134372146Z 67 PC: 12afe | Get or set file attributes
2018-12-25T11:44:48.143757733Z 79 PC: 12a69 | Find next file
2018-12-25T11:44:48.14673565Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.152115089Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.163974593Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.176189458Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.181904014Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.189148455Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.191059377Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.199340331Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.209409512Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.211715947Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.215907663Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.222115705Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.231115166Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.23327673Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.24018628Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.241973124Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.250176608Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.273348583Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.275893023Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.281654661Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.291515394Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.302118139Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.303531163Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.312227015Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.31433964Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.321509334Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.332098059Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.334608185Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.339946886Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.349778133Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.361745679Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.363128539Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.370414538Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.37205598Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.379677279Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.390480945Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.39330075Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.398794011Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.408549359Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.415514614Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.417114945Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.424329491Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.426413637Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.433464588Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.447216364Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.449752659Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.45596034Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.466382588Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.472911765Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.474295517Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.48142518Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.483291367Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.490835973Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.508477556Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.51275983Z 42 PC: 12a7a | Get date
0x12a7a: cmp al, 5
0x12a7c: je 0x12a82
0x12a7e: mov ah, 0x4c
0x12a80: int 0x21
0x12a82: mov byte ptr [0x1cb], 0
0x12a87: nop
0x12a88: jmp 0x12a8b
0x12a8a: nop
0x12a8b: mov ah, 9
0x12a8d: mov dx, 0x1fb
0x12a90: int 0x21
0x12a92: mov ah, 0x4c
0x12a94: int 0x21
0x12a96: mov dx, 0x9e
0x12a99: mov ax, 0x4300
0x12a9c: jmp 0x12a9e
0x12a9e: int 0x21
0x12aa0: jmp 0x12aa2
0x12aa2: mov word ptr [0x1c9], cx
0x12aa6: nop
2018-12-25T11:44:48.515973952Z 76 PC: 12a82 | Terminate with return code (Return code = '2')

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2037,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:44:48.094371176Z 78 PC: 12a51 | Find first file
2018-12-25T11:44:48.100329742Z 67 PC: 12aa0 | Get or set file attributes
2018-12-25T11:44:48.104719079Z 67 PC: 12ab0 | Get or set file attributes
2018-12-25T11:44:48.12150099Z 61 PC: 12ab8 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:44:48.133350058Z 87 PC: 12ac2 | Get or set file date and time
2018-12-25T11:44:48.138784095Z 64 PC: 12ad9 | Write file or device (Write 304 bytes on handle 5)
2018-12-25T11:44:48.145715212Z 87 PC: 12ae9 | Get or set file date and time
2018-12-25T11:44:48.147591296Z 62 PC: 12aef | Close file
2018-12-25T11:44:48.155457263Z 67 PC: 12afe | Get or set file attributes
2018-12-25T11:44:48.169073855Z 79 PC: 12a69 | Find next file
2018-12-25T11:44:48.172293086Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.17813463Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.187723921Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.200079345Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.204392025Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.211153073Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.213034691Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.221744119Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.231648737Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.23428388Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.240868144Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.250542314Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.25738265Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.259731475Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.270941946Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.272597769Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.282115023Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.292113652Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.294916958Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.301505262Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.31184593Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.318583144Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.320796998Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.328968097Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.331026476Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.339870708Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.35297098Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.355536402Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.361908488Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.371883882Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.378701857Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.381207238Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.388139514Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.389912807Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.397722776Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.411532Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.41398054Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.419717732Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.429713108Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.436170211Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.437385775Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.443914002Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.445625852Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.459133079Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.475855956Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.482541407Z 67 PC: 12aa0 | Get or set file attributes (See above)
2018-12-25T11:44:48.488098232Z 67 PC: 12ab0 | Get or set file attributes (See above)
2018-12-25T11:44:48.498227405Z 61 PC: 12ab8 | Open file (See above)
2018-12-25T11:44:48.505097828Z 87 PC: 12ac2 | Get or set file date and time (See above)
2018-12-25T11:44:48.50650568Z 64 PC: 12ad9 | Write file or device (See above)
2018-12-25T11:44:48.514521314Z 87 PC: 12ae9 | Get or set file date and time (See above)
2018-12-25T11:44:48.516728061Z 62 PC: 12aef | Close file (See above)
2018-12-25T11:44:48.524101451Z 67 PC: 12afe | Get or set file attributes (See above)
2018-12-25T11:44:48.538049549Z 79 PC: 12a69 | Find next file (See above)
2018-12-25T11:44:48.541509358Z 42 PC: 12a7a | Get date
0x12a7a: cmp al, 5
0x12a7c: je 0x12a82
0x12a7e: mov ah, 0x4c
0x12a80: int 0x21
0x12a82: mov byte ptr [0x1cb], 0
0x12a87: nop
0x12a88: jmp 0x12a8b
0x12a8a: nop
0x12a8b: mov ah, 9
0x12a8d: mov dx, 0x1fb
0x12a90: int 0x21
0x12a92: mov ah, 0x4c
0x12a94: int 0x21
0x12a96: mov dx, 0x9e
0x12a99: mov ax, 0x4300
0x12a9c: jmp 0x12a9e
0x12a9e: int 0x21
0x12aa0: jmp 0x12aa2
0x12aa2: mov word ptr [0x1c9], cx
0x12aa6: nop
2018-12-25T11:44:48.544004347Z 9 PC: 12a92 | Display string (String= ' I love you , Vicky! Come back! I forgived you ! ')
2018-12-25T11:44:48.554790522Z 76 PC: 12a96 | Terminate with return code (Return code = '36')