Sample viewer

vx.netlux.org/Virus.DOS.Riot.Immortal.550

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:09:18.150411374Z	26	PC: 12a71 \| Set disk transfer address
2018-12-17T22:09:18.152413744Z	53	PC: 12a77 \| Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:09:18.15388948Z	53	PC: 12a84 \| Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:09:18.155411006Z	44	PC: 12a8f \| Get time 0x12a8f: cmp dl, 0xd 0x12a92: jg 0x12a98 0x12a94: mov al, 0x82 0x12a96: out 0x21, al 0x12a98: lea dx, word ptr [bp + 0x2d0] 0x12a9c: call 0x12b90 0x12a9f: lea dx, word ptr [bp + 0x2e0] 0x12aa3: call 0x12b90 0x12aa6: mov ah, 0x3c 0x12aa8: mov cx, 0 0x12aab: lea dx, word ptr [bp + 0x2f2] 0x12aaf: int 0x21 0x12ab1: lea dx, word ptr [bp + 0x300] 0x12ab5: mov si, 0x1f 0x12ab8: nop 0x12ab9: call 0x12be1 0x12abc: mov bx, ax 0x12abe: mov ax, 0x4000 0x12ac1: mov cx, 0x1f 0x12ac4: nop
2018-12-17T22:09:18.158673674Z	61	PC: 12b95 \| Open file (Filename = '')
2018-12-17T22:09:18.168326431Z	63	PC: 12ba3 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:09:18.174010295Z	66	PC: 12bb2 \| Move file pointer
2018-12-17T22:09:18.176397942Z	64	PC: 12bc4 \| Write file or device (Write 550 bytes on handle 5)
2018-12-17T22:09:18.494694449Z	66	PC: 12bcc \| Move file pointer
2018-12-17T22:09:18.496663102Z	64	PC: 12bd7 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:09:18.500554136Z	62	PC: 12be0 \| Close file
2018-12-17T22:09:18.507707701Z	61	PC: 12b95 \| Open file (Filename = '')
2018-12-17T22:09:18.517948099Z	60	PC: 12ab1 \| Create or truncate file
2018-12-17T22:09:18.52830687Z	64	PC: 12acb \| Write file or device (Write 31 bytes on handle 5)
2018-12-17T22:09:18.536821064Z	62	PC: 12adb \| Close file
2018-12-17T22:09:18.545018061Z	44	PC: 12adf \| Get time 0x12adf: cmp dl, 0x32 0x12ae2: jg 0x12b11 0x12ae4: mov si, 0x12 0x12ae7: lea dx, word ptr [bp + 0x1ba] 0x12aeb: call 0x12be1 0x12aee: mov ah, 9 0x12af0: int 0x21 0x12af2: mov si, 0x12 0x12af5: call 0x12be1 0x12af8: mov ah, 0 0x12afa: int 0x16 0x12afc: jmp 0x12b11 0x12afe: nop 0x12aff: sub byte ptr [si], cl 0x12b01: or al, 0x2e 0x12b03: adc dx, word ptr [di] 0x12b05: and byte ptr [di], cl 0x12b07: outsw dx, word ptr [si] 0x12b08: je 0x12b7e 0x12b0a: jno 0x12b6c
2018-12-17T22:09:18.547259401Z	67	PC: 12bf9 \| Get or set file attributes
2018-12-17T22:09:18.553988018Z	65	PC: 12bfd \| Delete file (Filename = '')
2018-12-17T22:09:18.559964271Z	78	PC: 12b2d \| Find first file
2018-12-17T22:09:18.566025123Z	61	PC: 12b95 \| Open file (Filename = '')
2018-12-17T22:09:18.573767917Z	63	PC: 12ba3 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:09:18.580692563Z	66	PC: 12bb2 \| Move file pointer
2018-12-17T22:09:18.582377191Z	64	PC: 12bc4 \| Write file or device (Write 550 bytes on handle 5)
2018-12-17T22:09:18.597815578Z	66	PC: 12bcc \| Move file pointer
2018-12-17T22:09:18.599407738Z	64	PC: 12bd7 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:09:18.605717231Z	62	PC: 12be0 \| Close file
2018-12-17T22:09:18.614222515Z	79	PC: 12b2d \| Find next file
2018-12-17T22:09:18.616955641Z	61	PC: 12b95 \| Open file (Filename = '')
2018-12-17T22:09:18.623636076Z	63	PC: 12ba3 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:09:18.630648754Z	66	PC: 12bb2 \| Move file pointer
2018-12-17T22:09:18.632453844Z	64	PC: 12bc4 \| Write file or device (Write 550 bytes on handle 5)
2018-12-17T22:09:18.640554135Z	66	PC: 12bcc \| Move file pointer
2018-12-17T22:09:18.642661644Z	64	PC: 12bd7 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:09:18.649359917Z	62	PC: 12be0 \| Close file
2018-12-17T22:09:18.657774218Z	79	PC: 12b2d \| Find next file
2018-12-17T22:09:18.660877691Z	61	PC: 12b95 \| Open file (Filename = '')
2018-12-17T22:09:18.668212275Z	63	PC: 12ba3 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:09:18.675161441Z	66	PC: 12bb2 \| Move file pointer
2018-12-17T22:09:18.67734607Z	64	PC: 12bc4 \| Write file or device (Write 550 bytes on handle 5)
2018-12-17T22:09:18.685819133Z	66	PC: 12bcc \| Move file pointer
2018-12-17T22:09:18.687403885Z	64	PC: 12bd7 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:09:18.693961601Z	62	PC: 12be0 \| Close file
2018-12-17T22:09:18.702138425Z	79	PC: 12b2d \| Find next file
2018-12-17T22:09:18.704651502Z	61	PC: 12b95 \| Open file (Filename = '')
2018-12-17T22:09:18.711192921Z	63	PC: 12ba3 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:09:18.719722689Z	66	PC: 12bb2 \| Move file pointer
2018-12-17T22:09:18.721423795Z	64	PC: 12bc4 \| Write file or device (Write 550 bytes on handle 5)
2018-12-17T22:09:18.734336817Z	66	PC: 12bcc \| Move file pointer
2018-12-17T22:09:18.73645361Z	64	PC: 12bd7 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:09:18.742840784Z	62	PC: 12be0 \| Close file
2018-12-17T22:09:18.800808699Z	79	PC: 12b2d \| Find next file
2018-12-17T22:09:18.803371773Z	61	PC: 12b95 \| Open file (Filename = 'm')
2018-12-17T22:09:18.810047472Z	63	PC: 12ba3 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:09:18.816154461Z	66	PC: 12bb2 \| Move file pointer
2018-12-17T22:09:18.819090769Z	64	PC: 12bc4 \| Write file or device (Write 550 bytes on handle 5)
2018-12-17T22:09:18.844676325Z	66	PC: 12bcc \| Move file pointer
2018-12-17T22:09:18.846052811Z	64	PC: 12bd7 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:09:18.862170773Z	62	PC: 12be0 \| Close file
2018-12-17T22:09:18.921700678Z	42	PC: 12b58 \| Get date 0x12b58: cmp dh, 0x11 0x12b5b: jl 0x12b84 0x12b5d: cmp dl, 8 0x12b60: jl 0x12b84 0x12b62: lea dx, word ptr [bp + 0x1ba] 0x12b66: mov si, 0x12 0x12b69: call 0x12be1 0x12b6c: mov bx, dx 0x12b6e: mov ah, 0x19 0x12b70: int 0x21 0x12b72: mov cx, 0x25 0x12b75: mov dx, 0 0x12b78: push ds 0x12b79: pop es 0x12b7a: mov byte ptr [bp + 0x23b], 0x26 0x12b7f: int 0x19 0x12b81: add sp, 2 0x12b84: mov ah, 0x1a 0x12b86: mov dx, 0x80 0x12b89: int 0x21
2018-12-17T22:09:18.923722477Z	26	PC: 12b8b \| Set disk transfer address