Sample viewer

vx.netlux.org/Virus.DOS.Mindless.423


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:52:11.655143547Z 42 PC: 12a58 | Get date
0x12a58: cmp al, 0
0x12a5a: jne 0x12acb
0x12a5c: mov ax, 0x3301
0x12a5f: xor dl, dl
0x12a61: int 0x21
0x12a63: mov cx, 0x46
0x12a66: nop
0x12a67: mov si, 0x21d
0x12a6a: mov di, 0x263
0x12a6d: mov al, byte ptr [si]
0x12a6f: mov byte ptr [0x2a9], al
0x12a72: xor byte ptr [0x2a9], 1
0x12a77: mov al, byte ptr [0x2a9]
0x12a7a: mov byte ptr [di], al
0x12a7c: inc si
0x12a7d: inc di
0x12a7e: loop 0x12a6d
0x12a80: cmp byte ptr [0x215], 0x1b
0x12a85: jge 0x12a9e
0x12a87: pushf
2018-12-17T21:52:11.658406974Z 78 PC: 12b12 | Find first file
2018-12-17T21:52:11.664321055Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:52:11.670050431Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:52:11.6871049Z 61 PC: 12b2d | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:52:11.693920301Z 87 PC: 12b35 | Get or set file date and time
2018-12-17T21:52:11.695664454Z 64 PC: 12b41 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T21:52:11.70323335Z 87 PC: 12b49 | Get or set file date and time
2018-12-17T21:52:11.712863656Z 62 PC: 12b4d | Close file
2018-12-17T21:52:11.72112388Z 79 PC: 12b51 | Find next file
2018-12-17T21:52:11.724065568Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:52:11.730629168Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:52:11.741853363Z 61 PC: 12b2d | Open file (Filename = 'PRINT.COM')
2018-12-17T21:52:11.748782357Z 87 PC: 12b35 | Get or set file date and time
2018-12-17T21:52:11.751007041Z 64 PC: 12b41 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T21:52:11.757931012Z 87 PC: 12b49 | Get or set file date and time
2018-12-17T21:52:11.75957142Z 62 PC: 12b4d | Close file
2018-12-17T21:52:11.768185906Z 79 PC: 12b51 | Find next file
2018-12-17T21:52:11.771097181Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:52:11.776918372Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:52:11.787227899Z 61 PC: 12b2d | Open file (Filename = 'HELLO.COM')
2018-12-17T21:52:11.803026826Z 87 PC: 12b35 | Get or set file date and time
2018-12-17T21:52:11.804646139Z 64 PC: 12b41 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T21:52:11.81210475Z 87 PC: 12b49 | Get or set file date and time
2018-12-17T21:52:11.81359576Z 62 PC: 12b4d | Close file
2018-12-17T21:52:11.820699794Z 79 PC: 12b51 | Find next file
2018-12-17T21:52:11.824001236Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:52:11.829567943Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:52:11.839353299Z 61 PC: 12b2d | Open file (Filename = 'PHANG.COM')
2018-12-17T21:52:11.846434225Z 87 PC: 12b35 | Get or set file date and time
2018-12-17T21:52:11.847820172Z 64 PC: 12b41 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T21:52:11.854298781Z 87 PC: 12b49 | Get or set file date and time
2018-12-17T21:52:11.857084182Z 62 PC: 12b4d | Close file
2018-12-17T21:52:11.86431161Z 79 PC: 12b51 | Find next file
2018-12-17T21:52:11.867541556Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:52:11.873716002Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:52:11.883560697Z 61 PC: 12b2d | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:52:11.890336405Z 87 PC: 12b35 | Get or set file date and time
2018-12-17T21:52:11.892624921Z 64 PC: 12b41 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T21:52:11.899490648Z 87 PC: 12b49 | Get or set file date and time
2018-12-17T21:52:11.90127653Z 62 PC: 12b4d | Close file
2018-12-17T21:52:11.909665996Z 79 PC: 12b51 | Find next file
2018-12-17T21:52:11.912516171Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:52:11.918408242Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:52:11.928238553Z 61 PC: 12b2d | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:52:11.93676481Z 87 PC: 12b35 | Get or set file date and time
2018-12-17T21:52:11.938498808Z 64 PC: 12b41 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T21:52:11.945218411Z 87 PC: 12b49 | Get or set file date and time
2018-12-17T21:52:11.948190974Z 62 PC: 12b4d | Close file
2018-12-17T21:52:11.955288461Z 79 PC: 12b51 | Find next file
2018-12-17T21:52:11.957883094Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:52:11.964267393Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:52:11.974107905Z 61 PC: 12b2d | Open file (Filename = 'PAH.COM')
2018-12-17T21:52:11.980923892Z 87 PC: 12b35 | Get or set file date and time
2018-12-17T21:52:11.983097234Z 64 PC: 12b41 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T21:52:11.989814327Z 87 PC: 12b49 | Get or set file date and time
2018-12-17T21:52:11.991545639Z 62 PC: 12b4d | Close file
2018-12-17T21:52:11.99987499Z 79 PC: 12b51 | Find next file
2018-12-17T21:52:12.00269368Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:52:12.008512712Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:52:12.019455252Z 61 PC: 12b2d | Open file (Filename = 'TEST.COM')
2018-12-17T21:52:12.026216421Z 87 PC: 12b35 | Get or set file date and time
2018-12-17T21:52:12.027913226Z 64 PC: 12b41 | Write file or device (Write 423 bytes on handle 5)
2018-12-17T21:52:12.03493844Z 87 PC: 12b49 | Get or set file date and time
2018-12-17T21:52:12.036990859Z 62 PC: 12b4d | Close file
2018-12-17T21:52:12.044437796Z 79 PC: 12b51 | Find next file

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":220,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:23.084140776Z 42 PC: 12a58 | Get date
0x12a58: cmp al, 0
0x12a5a: jne 0x12acb
0x12a5c: mov ax, 0x3301
0x12a5f: xor dl, dl
0x12a61: int 0x21
0x12a63: mov cx, 0x46
0x12a66: nop
0x12a67: mov si, 0x21d
0x12a6a: mov di, 0x263
0x12a6d: mov al, byte ptr [si]
0x12a6f: mov byte ptr [0x2a9], al
0x12a72: xor byte ptr [0x2a9], 1
0x12a77: mov al, byte ptr [0x2a9]
0x12a7a: mov byte ptr [di], al
0x12a7c: inc si
0x12a7d: inc di
0x12a7e: loop 0x12a6d
0x12a80: cmp byte ptr [0x215], 0x1b
0x12a85: jge 0x12a9e
0x12a87: pushf
2018-12-25T11:40:23.087085571Z 78 PC: 12b12 | Find first file
2018-12-25T11:40:23.093251731Z 67 PC: 12b1b | Get or set file attributes
2018-12-25T11:40:23.098529585Z 67 PC: 12b25 | Get or set file attributes
2018-12-25T11:40:23.165903074Z 61 PC: 12b2d | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:23.172673973Z 87 PC: 12b35 | Get or set file date and time
2018-12-25T11:40:23.173974612Z 64 PC: 12b41 | Write file or device (Write 423 bytes on handle 5)
2018-12-25T11:40:23.181136296Z 87 PC: 12b49 | Get or set file date and time
2018-12-25T11:40:23.1828828Z 62 PC: 12b4d | Close file
2018-12-25T11:40:23.243185187Z 79 PC: 12b51 | Find next file
2018-12-25T11:40:23.246447106Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:23.251927776Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:23.36640874Z 61 PC: 12b2d | Open file (See above)
2018-12-25T11:40:23.372799299Z 87 PC: 12b35 | Get or set file date and time (See above)
2018-12-25T11:40:23.374200558Z 64 PC: 12b41 | Write file or device (See above)
2018-12-25T11:40:23.380778887Z 87 PC: 12b49 | Get or set file date and time (See above)
2018-12-25T11:40:23.382251137Z 62 PC: 12b4d | Close file (See above)
2018-12-25T11:40:23.478512905Z 79 PC: 12b51 | Find next file (See above)
2018-12-25T11:40:23.480997019Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:23.492525477Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:23.56273609Z 61 PC: 12b2d | Open file (See above)
2018-12-25T11:40:24.063624552Z 87 PC: 12b35 | Get or set file date and time (See above)
2018-12-25T11:40:24.065191214Z 64 PC: 12b41 | Write file or device (See above)
2018-12-25T11:40:24.072877988Z 87 PC: 12b49 | Get or set file date and time (See above)
2018-12-25T11:40:24.074321992Z 62 PC: 12b4d | Close file (See above)
2018-12-25T11:40:24.285972599Z 79 PC: 12b51 | Find next file (See above)
2018-12-25T11:40:24.290726531Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:24.296315125Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:24.453992367Z 61 PC: 12b2d | Open file (See above)
2018-12-25T11:40:24.460890172Z 87 PC: 12b35 | Get or set file date and time (See above)
2018-12-25T11:40:24.461982887Z 64 PC: 12b41 | Write file or device (See above)
2018-12-25T11:40:24.466435424Z 87 PC: 12b49 | Get or set file date and time (See above)
2018-12-25T11:40:24.468351774Z 62 PC: 12b4d | Close file (See above)
2018-12-25T11:40:24.618187948Z 79 PC: 12b51 | Find next file (See above)
2018-12-25T11:40:24.620841583Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:24.627486986Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:24.808143383Z 61 PC: 12b2d | Open file (See above)
2018-12-25T11:40:24.812873209Z 87 PC: 12b35 | Get or set file date and time (See above)
2018-12-25T11:40:24.815912509Z 64 PC: 12b41 | Write file or device (See above)
2018-12-25T11:40:24.822702847Z 87 PC: 12b49 | Get or set file date and time (See above)
2018-12-25T11:40:24.824115799Z 62 PC: 12b4d | Close file (See above)
2018-12-25T11:40:24.831573276Z 79 PC: 12b51 | Find next file (See above)
2018-12-25T11:40:24.834215224Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:24.840007759Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:24.849836605Z 61 PC: 12b2d | Open file (See above)
2018-12-25T11:40:24.865543426Z 87 PC: 12b35 | Get or set file date and time (See above)
2018-12-25T11:40:24.866973935Z 64 PC: 12b41 | Write file or device (See above)
2018-12-25T11:40:24.874200658Z 87 PC: 12b49 | Get or set file date and time (See above)
2018-12-25T11:40:24.875877722Z 62 PC: 12b4d | Close file (See above)
2018-12-25T11:40:24.883083876Z 79 PC: 12b51 | Find next file (See above)
2018-12-25T11:40:24.886167358Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:24.891865891Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:24.901845528Z 61 PC: 12b2d | Open file (See above)
2018-12-25T11:40:24.908797784Z 87 PC: 12b35 | Get or set file date and time (See above)
2018-12-25T11:40:24.910074822Z 64 PC: 12b41 | Write file or device (See above)
2018-12-25T11:40:24.916534607Z 87 PC: 12b49 | Get or set file date and time (See above)
2018-12-25T11:40:24.91851072Z 62 PC: 12b4d | Close file (See above)
2018-12-25T11:40:24.926291366Z 79 PC: 12b51 | Find next file (See above)
2018-12-25T11:40:24.929106992Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:24.935725298Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:24.943207584Z 61 PC: 12b2d | Open file (See above)
2018-12-25T11:40:24.94735827Z 87 PC: 12b35 | Get or set file date and time (See above)
2018-12-25T11:40:24.948664244Z 64 PC: 12b41 | Write file or device (See above)
2018-12-25T11:40:24.953384747Z 87 PC: 12b49 | Get or set file date and time (See above)
2018-12-25T11:40:24.954576442Z 62 PC: 12b4d | Close file (See above)
2018-12-25T11:40:24.959700793Z 79 PC: 12b51 | Find next file (See above)

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":220,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:23.137098031Z 42 PC: 12a58 | Get date
0x12a58: cmp al, 0
0x12a5a: jne 0x12acb
0x12a5c: mov ax, 0x3301
0x12a5f: xor dl, dl
0x12a61: int 0x21
0x12a63: mov cx, 0x46
0x12a66: nop
0x12a67: mov si, 0x21d
0x12a6a: mov di, 0x263
0x12a6d: mov al, byte ptr [si]
0x12a6f: mov byte ptr [0x2a9], al
0x12a72: xor byte ptr [0x2a9], 1
0x12a77: mov al, byte ptr [0x2a9]
0x12a7a: mov byte ptr [di], al
0x12a7c: inc si
0x12a7d: inc di
0x12a7e: loop 0x12a6d
0x12a80: cmp byte ptr [0x215], 0x1b
0x12a85: jge 0x12a9e
0x12a87: pushf
2018-12-25T11:40:23.139340739Z 51 PC: 12a63 | Get or set Ctrl-Break
2018-12-25T11:40:23.158414894Z 2 PC: 12aa2 | Character output (Char = '2c')
2018-12-25T11:40:23.159872312Z 43 PC: 12ab3 | Set date
2018-12-25T11:40:23.160958472Z 45 PC: 12abd | Set time
2018-12-25T11:40:23.163145219Z 51 PC: 12ac4 | Get or set Ctrl-Break
2018-12-25T11:40:23.163781789Z 76 PC: 12ac9 | Terminate with return code (Return code = '0')