Sample viewer

vx.netlux.org/Virus.DOS.Virogen.BombTrack.2054


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:13:57.116913908Z 250 PC: 1356f | UNKNOWN!
2018-12-17T22:13:57.118080274Z 42 PC: 13577 | Get date 0x13577: cmp dl, 0x1f
0x1357a: jne 0x13582
0x1357c: mov byte ptr cs:[bp + 0x5d9], 1
0x13582: mov ax, es
0x13584: dec ax
0x13585: mov ds, ax
0x13587: cmp byte ptr [0], 0x5a
0x1358c: jne 0x135d3
0x1358e: sub word ptr [3], 0x140
0x13594: sub word ptr [0x12], 0x140
0x1359a: mov es, word ptr [0x12]
0x1359e: push cs
0x1359f: pop ds
0x135a0: mov si, bp
0x135a2: mov cx, 0x400
0x135a5: xor di, di
0x135a7: rep movsd dword ptr es:[di], dword ptr [si]
0x135a9: xor ax, ax
0x135ab: mov ds, ax
0x135ad: push ds
2018-12-17T22:13:57.120193444Z 44 PC: 139ab | Get time 0x139ab: ret
0x139ac: inc bx
0x139ad: dec ax
0x139ae: dec bx
0x139af: dec sp
0x139b0: dec cx
0x139b1: push bx
0x139b2: push sp
0x139b3: dec bp
0x139b5: push bx
0x139b6: add byte ptr [bp + di + 0x48], al
0x139b9: dec bx
0x139ba: dec sp
0x139bb: dec cx
0x139bc: push bx
0x139bd: push sp
0x139be: inc bx
0x139c0: push ax
0x139c1: push bx
0x139c2: add cl, ch
2018-12-17T22:13:57.129470319Z 9 PC: 133f2 | Display string (Could not find end pointer)
2018-12-17T22:13:57.135506306Z 76 PC: 133f8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2670,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:10.158413638Z 250 PC: 1356f | UNKNOWN!
2018-12-25T11:46:10.166423562Z 42 PC: 13577 | Get date 0x13577: cmp dl, 0x1f
0x1357a: jne 0x13582
0x1357c: mov byte ptr cs:[bp + 0x5d9], 1
0x13582: mov ax, es
0x13584: dec ax
0x13585: mov ds, ax
0x13587: cmp byte ptr [0], 0x5a
0x1358c: jne 0x135d3
0x1358e: sub word ptr [3], 0x140
0x13594: sub word ptr [0x12], 0x140
0x1359a: mov es, word ptr [0x12]
0x1359e: push cs
0x1359f: pop ds
0x135a0: mov si, bp
0x135a2: mov cx, 0x400
0x135a5: xor di, di
0x135a7: rep movsd dword ptr es:[di], dword ptr [si]
0x135a9: xor ax, ax
0x135ab: mov ds, ax
0x135ad: push ds
2018-12-25T11:46:10.168593677Z 44 PC: 139ab | Get time 0x139ab: ret
0x139ac: inc bx
0x139ad: dec ax
0x139ae: dec bx
0x139af: dec sp
0x139b0: dec cx
0x139b1: push bx
0x139b2: push sp
0x139b3: dec bp
0x139b5: push bx
0x139b6: add byte ptr [bp + di + 0x48], al
0x139b9: dec bx
0x139ba: dec sp
0x139bb: dec cx
0x139bc: push bx
0x139bd: push sp
0x139be: inc bx
0x139c0: push ax
0x139c1: push bx
0x139c2: add cl, ch
2018-12-25T11:46:10.170752664Z 9 PC: 133f2 | Display string (Could not find end pointer)
2018-12-25T11:46:10.183434548Z 76 PC: 133f8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":31,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2670,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:10.466558421Z 250 PC: 1356f | UNKNOWN!
2018-12-25T11:46:10.468371314Z 42 PC: 13577 | Get date 0x13577: cmp dl, 0x1f
0x1357a: jne 0x13582
0x1357c: mov byte ptr cs:[bp + 0x5d9], 1
0x13582: mov ax, es
0x13584: dec ax
0x13585: mov ds, ax
0x13587: cmp byte ptr [0], 0x5a
0x1358c: jne 0x135d3
0x1358e: sub word ptr [3], 0x140
0x13594: sub word ptr [0x12], 0x140
0x1359a: mov es, word ptr [0x12]
0x1359e: push cs
0x1359f: pop ds
0x135a0: mov si, bp
0x135a2: mov cx, 0x400
0x135a5: xor di, di
0x135a7: rep movsd dword ptr es:[di], dword ptr [si]
0x135a9: xor ax, ax
0x135ab: mov ds, ax
0x135ad: push ds
2018-12-25T11:46:10.472016001Z 44 PC: 139ab | Get time 0x139ab: ret
0x139ac: inc bx
0x139ad: dec ax
0x139ae: dec bx
0x139af: dec sp
0x139b0: dec cx
0x139b1: push bx
0x139b2: push sp
0x139b3: dec bp
0x139b5: push bx
0x139b6: add byte ptr [bp + di + 0x48], al
0x139b9: dec bx
0x139ba: dec sp
0x139bb: dec cx
0x139bc: push bx
0x139bd: push sp
0x139be: inc bx
0x139c0: push ax
0x139c1: push bx
0x139c2: add cl, ch
2018-12-25T11:46:10.474914582Z 67 PC: 9ee2a | Get or set file attributes
2018-12-25T11:46:11.126207139Z 61 PC: 9ee3f | Open file (Filename = 'OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO')
2018-12-25T11:46:11.133332091Z 64 PC: 9ee4f | Write file or device (Write 46 bytes on handle 5)
2018-12-25T11:46:11.139448048Z 62 PC: 9ee53 | Close file
2018-12-25T11:46:11.146374111Z 67 PC: 9ee5c | Get or set file attributes
2018-12-25T11:46:11.155827288Z 9 PC: 133f2 | Display string (Could not find end pointer)
2018-12-25T11:46:11.161113622Z 76 PC: 133f8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":31,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2670,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:10.772133592Z 250 PC: 1356f | UNKNOWN!
2018-12-25T11:46:10.77312922Z 42 PC: 13577 | Get date 0x13577: cmp dl, 0x1f
0x1357a: jne 0x13582
0x1357c: mov byte ptr cs:[bp + 0x5d9], 1
0x13582: mov ax, es
0x13584: dec ax
0x13585: mov ds, ax
0x13587: cmp byte ptr [0], 0x5a
0x1358c: jne 0x135d3
0x1358e: sub word ptr [3], 0x140
0x13594: sub word ptr [0x12], 0x140
0x1359a: mov es, word ptr [0x12]
0x1359e: push cs
0x1359f: pop ds
0x135a0: mov si, bp
0x135a2: mov cx, 0x400
0x135a5: xor di, di
0x135a7: rep movsd dword ptr es:[di], dword ptr [si]
0x135a9: xor ax, ax
0x135ab: mov ds, ax
0x135ad: push ds
2018-12-25T11:46:10.775290752Z 44 PC: 139ab | Get time 0x139ab: ret
0x139ac: inc bx
0x139ad: dec ax
0x139ae: dec bx
0x139af: dec sp
0x139b0: dec cx
0x139b1: push bx
0x139b2: push sp
0x139b3: dec bp
0x139b5: push bx
0x139b6: add byte ptr [bp + di + 0x48], al
0x139b9: dec bx
0x139ba: dec sp
0x139bb: dec cx
0x139bc: push bx
0x139bd: push sp
0x139be: inc bx
0x139c0: push ax
0x139c1: push bx
0x139c2: add cl, ch
2018-12-25T11:46:10.777763063Z 67 PC: 9ee2a | Get or set file attributes
2018-12-25T11:46:11.125471978Z 61 PC: 9ee3f | Open file (Filename = 'OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO')
2018-12-25T11:46:11.131294225Z 64 PC: 9ee4f | Write file or device (Write 46 bytes on handle 5)
2018-12-25T11:46:11.137372312Z 62 PC: 9ee53 | Close file
2018-12-25T11:46:11.14508154Z 67 PC: 9ee5c | Get or set file attributes
2018-12-25T11:46:11.153767236Z 9 PC: 133f2 | Display string (Could not find end pointer)
2018-12-25T11:46:11.159217223Z 76 PC: 133f8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2670,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:11.210335641Z 250 PC: 1356f | UNKNOWN!
2018-12-25T11:46:11.212627641Z 42 PC: 13577 | Get date 0x13577: cmp dl, 0x1f
0x1357a: jne 0x13582
0x1357c: mov byte ptr cs:[bp + 0x5d9], 1
0x13582: mov ax, es
0x13584: dec ax
0x13585: mov ds, ax
0x13587: cmp byte ptr [0], 0x5a
0x1358c: jne 0x135d3
0x1358e: sub word ptr [3], 0x140
0x13594: sub word ptr [0x12], 0x140
0x1359a: mov es, word ptr [0x12]
0x1359e: push cs
0x1359f: pop ds
0x135a0: mov si, bp
0x135a2: mov cx, 0x400
0x135a5: xor di, di
0x135a7: rep movsd dword ptr es:[di], dword ptr [si]
0x135a9: xor ax, ax
0x135ab: mov ds, ax
0x135ad: push ds
2018-12-25T11:46:11.214443846Z 44 PC: 139ab | Get time 0x139ab: ret
0x139ac: inc bx
0x139ad: dec ax
0x139ae: dec bx
0x139af: dec sp
0x139b0: dec cx
0x139b1: push bx
0x139b2: push sp
0x139b3: dec bp
0x139b5: push bx
0x139b6: add byte ptr [bp + di + 0x48], al
0x139b9: dec bx
0x139ba: dec sp
0x139bb: dec cx
0x139bc: push bx
0x139bd: push sp
0x139be: inc bx
0x139c0: push ax
0x139c1: push bx
0x139c2: add cl, ch
2018-12-25T11:46:11.216253914Z 9 PC: 133f2 | Display string (Could not find end pointer)
2018-12-25T11:46:11.220067778Z 76 PC: 133f8 | Terminate with return code (Return code = '0')