Sample viewer

vx.netlux.org/Virus.DOS.Vbasic.c

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:13:34.999448552Z	51	PC: 13c5d \| Get or set Ctrl-Break
2018-12-17T22:13:35.001126789Z	46	PC: 13c64 \| Set verify flag
2018-12-17T22:13:35.002481002Z	53	PC: 13c69 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:13:35.004472581Z	37	PC: 13c79 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:13:35.00674802Z	44	PC: 13d61 \| Get time 0x13d61: mov bp, sp 0x13d63: mov bp, word ptr [bp + 8] 0x13d66: mov word ptr [bp], ax 0x13d69: mov word ptr [bp + 2], bx 0x13d6c: mov word ptr [bp + 4], cx 0x13d6f: mov word ptr [bp + 6], dx 0x13d72: mov word ptr [bp + 8], si 0x13d75: mov word ptr [bp + 0xa], di 0x13d78: pushf 0x13d79: pop ax 0x13d7a: and ax, 1 0x13d7d: mov word ptr [bp + 0xc], ax 0x13d80: cld 0x13d81: pop di 0x13d82: pop si 0x13d83: pop bp 0x13d84: ret 0x13d85: add byte ptr [di - 0x75], dl 0x13d88: in al, dx 0x13d89: mov ax, 0x4200
2018-12-17T22:13:35.00925081Z	42	PC: 13d61 \| Get date 0x13d61: mov bp, sp 0x13d63: mov bp, word ptr [bp + 8] 0x13d66: mov word ptr [bp], ax 0x13d69: mov word ptr [bp + 2], bx 0x13d6c: mov word ptr [bp + 4], cx 0x13d6f: mov word ptr [bp + 6], dx 0x13d72: mov word ptr [bp + 8], si 0x13d75: mov word ptr [bp + 0xa], di 0x13d78: pushf 0x13d79: pop ax 0x13d7a: and ax, 1 0x13d7d: mov word ptr [bp + 0xc], ax 0x13d80: cld 0x13d81: pop di 0x13d82: pop si 0x13d83: pop bp 0x13d84: ret 0x13d85: add byte ptr [di - 0x75], dl 0x13d88: in al, dx 0x13d89: mov ax, 0x4200
2018-12-17T22:13:35.011638138Z	25	PC: 13d61 \| Get default drive
2018-12-17T22:13:35.014160232Z	71	PC: 13e11 \| Get current directory
2018-12-17T22:13:35.017260976Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.021370458Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.032842077Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.037022433Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.047001386Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.058065842Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.067368208Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.069721238Z	78	PC: 13e37 \| Find first file
2018-12-17T22:13:35.07983407Z	61	PC: 13def \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:13:35.086691373Z	87	PC: 13d61 \| Get or set file date and time
2018-12-17T22:13:35.093059216Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.095360406Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.102819549Z	63	PC: 13dac \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:13:35.105371841Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.10724594Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.113913866Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.115419207Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.117761595Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.119861431Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.122314727Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.123633204Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.126708365Z	62	PC: 13ddf \| Close file
2018-12-17T22:13:35.128318257Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.129146198Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.132707103Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.133781682Z	78	PC: 13e37 \| Find first file
2018-12-17T22:13:35.139955999Z	61	PC: 13def \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:13:35.147365256Z	87	PC: 13d61 \| Get or set file date and time
2018-12-17T22:13:35.14882334Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.150254578Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.157646692Z	62	PC: 13ddf \| Close file
2018-12-17T22:13:35.159392294Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.160375139Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.164370663Z	61	PC: 13def \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:13:35.170858344Z	87	PC: 13d61 \| Get or set file date and time
2018-12-17T22:13:35.172400012Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.174593067Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.181267668Z	62	PC: 13ddf \| Close file
2018-12-17T22:13:35.18353179Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.185162639Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.188646956Z	61	PC: 13def \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:13:35.19518456Z	87	PC: 13d61 \| Get or set file date and time
2018-12-17T22:13:35.197599609Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.1991252Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.20555545Z	62	PC: 13ddf \| Close file
2018-12-17T22:13:35.208022299Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.209344714Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.213691127Z	61	PC: 13def \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:13:35.221796045Z	87	PC: 13d61 \| Get or set file date and time
2018-12-17T22:13:35.224405438Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.226032573Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.232871327Z	62	PC: 13ddf \| Close file
2018-12-17T22:13:35.235533324Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.237204005Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.240872707Z	61	PC: 13def \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:13:35.248709052Z	87	PC: 13d61 \| Get or set file date and time
2018-12-17T22:13:35.250698435Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.252575532Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.261743393Z	62	PC: 13ddf \| Close file
2018-12-17T22:13:35.263765661Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.265115105Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.269392593Z	61	PC: 13def \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:13:35.275816583Z	87	PC: 13d61 \| Get or set file date and time
2018-12-17T22:13:35.277320474Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.27947925Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.286717551Z	62	PC: 13ddf \| Close file
2018-12-17T22:13:35.288778412Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.290417694Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.294159968Z	61	PC: 13def \| Open file (Filename = 'PAH.COM')
2018-12-17T22:13:35.300978333Z	87	PC: 13d61 \| Get or set file date and time
2018-12-17T22:13:35.309314713Z	66	PC: 13d97 \| Move file pointer
2018-12-17T22:13:35.311040636Z	63	PC: 13dac \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:13:35.317732917Z	62	PC: 13ddf \| Close file
2018-12-17T22:13:35.320213826Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.321556886Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.324318959Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.326031745Z	78	PC: 13e37 \| Find first file
2018-12-17T22:13:35.331842108Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.333129971Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.336465013Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.337894785Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.340586457Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.342044582Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.344936812Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.345889548Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.348341887Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.349808542Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.354610766Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.355693196Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.358848968Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.359843624Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.362249905Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.364495881Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.366940824Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.367934485Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.371540808Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.375573109Z	14	PC: 13d61 \| Set default drive (Drive = 'C')
2018-12-17T22:13:35.376934686Z	25	PC: 13d61 \| Get default drive
2018-12-17T22:13:35.378604927Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.379858805Z	78	PC: 13e37 \| Find first file
2018-12-17T22:13:35.385473668Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.387720507Z	78	PC: 13e37 \| Find first file
2018-12-17T22:13:35.393428798Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.394404009Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.397542255Z	71	PC: 13e11 \| Get current directory
2018-12-17T22:13:35.399989054Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.406079551Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.411302788Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.415107401Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.419059442Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.424202578Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.428019953Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.429229916Z	78	PC: 13e37 \| Find first file
2018-12-17T22:13:35.435821307Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.437446591Z	78	PC: 13e37 \| Find first file
2018-12-17T22:13:35.444979792Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.44733571Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.450079497Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.458916148Z	78	PC: 13e37 \| Find first file
2018-12-17T22:13:35.465652598Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.466691659Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.469772498Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.47237026Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.475570514Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.476844012Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.479669972Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.481441186Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.484175337Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.485212463Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.488531319Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.489767199Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.492351912Z	26	PC: 13e2d \| Set disk transfer address
2018-12-17T22:13:35.494666549Z	79	PC: 13e37 \| Find next file
2018-12-17T22:13:35.496873389Z	59	PC: 13dfb \| Change current directory
2018-12-17T22:13:35.500318694Z	14	PC: 13d61 \| Set default drive (Drive = 'F')
2018-12-17T22:13:35.502321026Z	25	PC: 13d61 \| Get default drive
2018-12-17T22:13:35.503654587Z	14	PC: 13d61 \| Set default drive (Drive = 'A')
2018-12-17T22:13:35.50509475Z	37	PC: 13c8d \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:13:35.507060902Z	26	PC: 13c9b \| Set disk transfer address
2018-12-17T22:13:35.508325206Z	9	PC: 13bc2 \| Display string (Could not find end pointer)
2018-12-17T22:13:35.512484165Z	76	PC: 13bc8 \| Terminate with return code (Return code = '0')