Sample viewer

vx.netlux.org/Virus.DOS.Avispa.2048.a

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:09:42.317317423Z 75 PC: 1347b | Execute program
2018-12-17T22:09:42.320155679Z 74 PC: 12ba5 | Reallocate memory
2018-12-17T22:09:42.321521968Z 53 PC: 12baa | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:09:42.322674365Z 53 PC: 12bb7 | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:09:42.324302356Z 37 PC: 12bc7 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:09:42.325433959Z 37 PC: 12bcf | Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:09:42.326649886Z 75 PC: 12c20 | Execute program
2018-12-17T22:09:42.341715306Z 60 PC: 13ca7 | Create or truncate file
2018-12-17T22:09:42.358901127Z 64 PC: 13cb3 | Write file or device (Write 2208 bytes on handle 5)
2018-12-17T22:09:42.367709264Z 9 PC: 13cba | Display string (String= ' AVISPA-DROOPER (c)1993 Elijah Baley Archivo AVISPA.EXE creado con �xito. ')
2018-12-17T22:09:42.378116069Z 76 PC: 13cbe | Terminate with return code (Return code = '36')
2018-12-17T22:09:42.387872391Z 61 PC: 12cac | Open file (Filename = 'c:\dos\xcopy.exe')
2018-12-17T22:09:42.397588909Z 63 PC: 12cc3 | Read file or device (Read 127 bytes on handle 5)
2018-12-17T22:09:42.403392484Z 62 PC: 12ccf | Close file
2018-12-17T22:09:42.406736352Z 61 PC: 12d00 | Open file (Filename = 'c:\dos\xcopy.exe')
2018-12-17T22:09:42.415517618Z 66 PC: 12d16 | Move file pointer
2018-12-17T22:09:42.418167158Z 66 PC: 12d56 | Move file pointer
2018-12-17T22:09:42.423537465Z 63 PC: 12d64 | Read file or device (Read 52 bytes on handle 5)
2018-12-17T22:09:42.430184877Z 62 PC: 12d6c | Close file
2018-12-17T22:09:42.432356553Z 53 PC: 12d93 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:42.434414223Z 37 PC: 12da3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:42.435414871Z 67 PC: 12db2 | Get or set file attributes
2018-12-17T22:09:42.439255697Z 67 PC: 12dcf | Get or set file attributes
2018-12-17T22:09:42.777532801Z 37 PC: 12de4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:42.77879406Z 61 PC: 12e00 | Open file (Filename = '4')
2018-12-17T22:09:42.786769332Z 87 PC: 12e11 | Get or set file date and time
2018-12-17T22:09:42.789636851Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.791121482Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.794325696Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.796444804Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.799308047Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.800877112Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.804398626Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.805928004Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.808685085Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.810711029Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.813906397Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.815191916Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.818239936Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.819850584Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.823099171Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.824357293Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.827669526Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.82926891Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.832227752Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.834288031Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.837164718Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.838686256Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.841730201Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.843128073Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.845785042Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.847720041Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.850790925Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.852483675Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.856172101Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.858043119Z 72 PC: 12ebc | Allocate memory
2018-12-17T22:09:42.860592518Z 64 PC: 12eea | Write file or device (Write 2048 bytes on handle 5)
2018-12-17T22:09:42.872007576Z 66 PC: 12efc | Move file pointer
2018-12-17T22:09:42.873401702Z 64 PC: 12f0a | Write file or device (Write 30 bytes on handle 5)
2018-12-17T22:09:42.876299738Z 87 PC: 12f1e | Get or set file date and time
2018-12-17T22:09:42.878753327Z 62 PC: 12f26 | Close file
2018-12-17T22:09:42.88631157Z 67 PC: 12f39 | Get or set file attributes
2018-12-17T22:09:42.895965975Z 73 PC: 12f43 | Release memory
2018-12-17T22:09:42.89862455Z 61 PC: 12cac | Open file (Filename = '�8� �8��J��d�^�')
2018-12-17T22:09:42.905731524Z 63 PC: 12cc3 | Read file or device (Read 127 bytes on handle 5)
2018-12-17T22:09:42.911576237Z 62 PC: 12ccf | Close file
2018-12-17T22:09:42.915405829Z 61 PC: 12d00 | Open file (Filename = '�8� �8��J��d�^�')
2018-12-17T22:09:42.922241566Z 66 PC: 12d16 | Move file pointer
2018-12-17T22:09:42.92373993Z 66 PC: 12d56 | Move file pointer
2018-12-17T22:09:42.9257642Z 63 PC: 12d64 | Read file or device (Read 52 bytes on handle 5)
2018-12-17T22:09:42.932269311Z 62 PC: 12d6c | Close file
2018-12-17T22:09:42.934259815Z 53 PC: 12d93 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:42.936302402Z 37 PC: 12da3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:42.937531331Z 67 PC: 12db2 | Get or set file attributes
2018-12-17T22:09:42.943460463Z 67 PC: 12dcf | Get or set file attributes
2018-12-17T22:09:42.953588492Z 37 PC: 12de4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:42.954664201Z 61 PC: 12e00 | Open file (Filename = 'WSP�.�0 �X[u����SP�.�0 �tX[���P�  �uX���')
2018-12-17T22:09:42.961867231Z 87 PC: 12e11 | Get or set file date and time
2018-12-17T22:09:42.963541923Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.965046357Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.967744312Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.96938626Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.971482822Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.972463419Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.974978806Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.976089347Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.978052808Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.979639926Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.981648405Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.982738233Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.98478598Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.986256762Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.988163515Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.989427081Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.991528043Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.993033276Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.995159784Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:42.996862198Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:42.99879892Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:43.000198179Z 72 PC: 12ebc | Allocate memory
2018-12-17T22:09:43.002381538Z 64 PC: 12eea | Write file or device (Write 2048 bytes on handle 5)
2018-12-17T22:09:43.007882482Z 66 PC: 12efc | Move file pointer
2018-12-17T22:09:43.008890285Z 64 PC: 12f0a | Write file or device (Write 30 bytes on handle 5)
2018-12-17T22:09:43.011234702Z 87 PC: 12f1e | Get or set file date and time
2018-12-17T22:09:43.01235387Z 62 PC: 12f26 | Close file
2018-12-17T22:09:43.017697647Z 67 PC: 12f39 | Get or set file attributes
2018-12-17T22:09:43.028197144Z 73 PC: 12f43 | Release memory
2018-12-17T22:09:43.029476436Z 61 PC: 12cac | Open file (Filename = '�^�')
2018-12-17T22:09:43.039364619Z 61 PC: 12cac | Open file (Filename = '�^�')
2018-12-17T22:09:43.046734308Z 63 PC: 12cc3 | Read file or device (Read 127 bytes on handle 5)
2018-12-17T22:09:43.052014948Z 62 PC: 12ccf | Close file
2018-12-17T22:09:43.053716584Z 61 PC: 12d00 | Open file (Filename = '�^�')
2018-12-17T22:09:43.068890155Z 66 PC: 12d16 | Move file pointer
2018-12-17T22:09:43.070187749Z 66 PC: 12d56 | Move file pointer
2018-12-17T22:09:43.072283494Z 63 PC: 12d64 | Read file or device (Read 52 bytes on handle 5)
2018-12-17T22:09:43.078436697Z 62 PC: 12d6c | Close file
2018-12-17T22:09:43.080228564Z 53 PC: 12d93 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:43.08159405Z 37 PC: 12da3 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:43.083631066Z 67 PC: 12db2 | Get or set file attributes
2018-12-17T22:09:43.089764972Z 67 PC: 12dcf | Get or set file attributes
2018-12-17T22:09:43.105858211Z 37 PC: 12de4 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:09:43.108484198Z 61 PC: 12e00 | Open file (Filename = 'tX[���P�  �uX���')
2018-12-17T22:09:43.115440316Z 87 PC: 12e11 | Get or set file date and time
2018-12-17T22:09:43.116835763Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:43.119096895Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:43.122257994Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:43.123557875Z 64 PC: 12e4a | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:09:43.126586389Z 66 PC: 12e2d | Move file pointer
2018-12-17T22:09:43.128013505Z 72 PC: 12ebc | Allocate memory
2018-12-17T22:09:43.130305521Z 64 PC: 12eea | Write file or device (Write 2048 bytes on handle 5)
2018-12-17T22:09:43.140981018Z 66 PC: 12efc | Move file pointer
2018-12-17T22:09:43.143310671Z 64 PC: 12f0a | Write file or device (Write 30 bytes on handle 5)
2018-12-17T22:09:43.145972895Z 87 PC: 12f1e | Get or set file date and time
2018-12-17T22:09:43.148280606Z 62 PC: 12f26 | Close file
2018-12-17T22:09:43.155390475Z 67 PC: 12f39 | Get or set file attributes
2018-12-17T22:09:43.165249674Z 73 PC: 12f43 | Release memory
2018-12-17T22:09:43.167583565Z 73 PC: 12c57 | Release memory
2018-12-17T22:09:43.169009837Z 49 PC: 12c5f | Terminate and stay resident (Return code = '1' | Memory size = '144')