Sample viewer

vx.netlux.org/Virus.DOS.Vampiro.1000.c

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:16:41.872020124Z	250	PC: 12b54 \| UNKNOWN!
2018-12-17T22:16:41.874213995Z	42	PC: 12b58 \| Get date 0x12b58: cmp dh, 6 0x12b5b: jb 0x12b69 0x12b5d: mov ah, 0x2c 0x12b5f: int 0x21 0x12b61: cmp ch, 0x16 0x12b64: jb 0x12b69 0x12b66: jmp 0x12d59 0x12b69: cld 0x12b6a: mov cx, 7 0x12b6d: lea si, word ptr [bp + 0x325] 0x12b71: lea di, word ptr [bp + 0x32c] 0x12b75: rep movsb byte ptr es:[di], byte ptr [si] 0x12b77: mov cx, 0x2b 0x12b7a: lea di, word ptr [bp + 0x35e] 0x12b7e: mov si, 0x80 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: mov ah, 0x47 0x12b85: mov dl, 0 0x12b87: lea si, word ptr [bp + 0x392] 0x12b8b: int 0x21
2018-12-17T22:16:41.876982646Z	44	PC: 12b61 \| Get time 0x12b61: cmp ch, 0x16 0x12b64: jb 0x12b69 0x12b66: jmp 0x12d59 0x12b69: cld 0x12b6a: mov cx, 7 0x12b6d: lea si, word ptr [bp + 0x325] 0x12b71: lea di, word ptr [bp + 0x32c] 0x12b75: rep movsb byte ptr es:[di], byte ptr [si] 0x12b77: mov cx, 0x2b 0x12b7a: lea di, word ptr [bp + 0x35e] 0x12b7e: mov si, 0x80 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: mov ah, 0x47 0x12b85: mov dl, 0 0x12b87: lea si, word ptr [bp + 0x392] 0x12b8b: int 0x21 0x12b8d: mov ah, 0x4e 0x12b8f: lea dx, word ptr [bp + 0x439] 0x12b93: mov cx, 0x10 0x12b96: int 0x21
2018-12-17T22:16:41.880217043Z	71	PC: 12b8d \| Get current directory
2018-12-17T22:16:41.883699345Z	78	PC: 12b98 \| Find first file
2018-12-17T22:16:41.890622564Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.894436965Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.897906465Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.90087179Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.904395871Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.908231715Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.911869098Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.914647177Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.917414779Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.920999186Z	59	PC: 12bf5 \| Change current directory
2018-12-17T22:16:41.925459023Z	59	PC: 12d3c \| Change current directory
2018-12-17T22:16:41.929833291Z	250	PC: 12b54 \| UNKNOWN!
2018-12-17T22:16:41.932122314Z	42	PC: 12b58 \| Get date 0x12b58: cmp dh, 6 0x12b5b: jb 0x12b69 0x12b5d: mov ah, 0x2c 0x12b5f: int 0x21 0x12b61: cmp ch, 0x16 0x12b64: jb 0x12b69 0x12b66: jmp 0x12d59 0x12b69: cld 0x12b6a: mov cx, 7 0x12b6d: lea si, word ptr [bp + 0x325] 0x12b71: lea di, word ptr [bp + 0x32c] 0x12b75: rep movsb byte ptr es:[di], byte ptr [si] 0x12b77: mov cx, 0x2b 0x12b7a: lea di, word ptr [bp + 0x35e] 0x12b7e: mov si, 0x80 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: mov ah, 0x47 0x12b85: mov dl, 0 0x12b87: lea si, word ptr [bp + 0x392] 0x12b8b: int 0x21
2018-12-17T22:16:41.93451862Z	44	PC: 12b61 \| Get time 0x12b61: cmp ch, 0x16 0x12b64: jb 0x12b69 0x12b66: jmp 0x12d59 0x12b69: cld 0x12b6a: mov cx, 7 0x12b6d: lea si, word ptr [bp + 0x325] 0x12b71: lea di, word ptr [bp + 0x32c] 0x12b75: rep movsb byte ptr es:[di], byte ptr [si] 0x12b77: mov cx, 0x2b 0x12b7a: lea di, word ptr [bp + 0x35e] 0x12b7e: mov si, 0x80 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: mov ah, 0x47 0x12b85: mov dl, 0 0x12b87: lea si, word ptr [bp + 0x392] 0x12b8b: int 0x21 0x12b8d: mov ah, 0x4e 0x12b8f: lea dx, word ptr [bp + 0x439] 0x12b93: mov cx, 0x10 0x12b96: int 0x21
2018-12-17T22:16:41.937049816Z	71	PC: 12b8d \| Get current directory
2018-12-17T22:16:41.941164991Z	78	PC: 12b98 \| Find first file
2018-12-17T22:16:41.952830062Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.961566626Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.969282169Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.972258658Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.975128882Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.978552484Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.981842077Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.985175822Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.9878868Z	79	PC: 12c0b \| Find next file
2018-12-17T22:16:41.991321737Z	59	PC: 12bf5 \| Change current directory
2018-12-17T22:16:41.995711364Z	59	PC: 12d3c \| Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":2966,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:47:55.128863036Z	250	PC: 12b54 \| UNKNOWN!
2018-12-25T11:47:55.129962526Z	42	PC: 12b58 \| Get date 0x12b58: cmp dh, 6 0x12b5b: jb 0x12b69 0x12b5d: mov ah, 0x2c 0x12b5f: int 0x21 0x12b61: cmp ch, 0x16 0x12b64: jb 0x12b69 0x12b66: jmp 0x12d59 0x12b69: cld 0x12b6a: mov cx, 7 0x12b6d: lea si, word ptr [bp + 0x325] 0x12b71: lea di, word ptr [bp + 0x32c] 0x12b75: rep movsb byte ptr es:[di], byte ptr [si] 0x12b77: mov cx, 0x2b 0x12b7a: lea di, word ptr [bp + 0x35e] 0x12b7e: mov si, 0x80 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: mov ah, 0x47 0x12b85: mov dl, 0 0x12b87: lea si, word ptr [bp + 0x392] 0x12b8b: int 0x21
2018-12-25T11:47:55.132282018Z	71	PC: 12b8d \| Get current directory
2018-12-25T11:47:55.135169419Z	78	PC: 12b98 \| Find first file
2018-12-25T11:47:55.141569605Z	79	PC: 12c0b \| Find next file
2018-12-25T11:47:55.144411346Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.153473505Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.156237259Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.165981247Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.168591677Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.171042926Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.174698757Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.177324702Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.179642778Z	59	PC: 12bf5 \| Change current directory
2018-12-25T11:47:55.184264738Z	59	PC: 12d3c \| Change current directory
2018-12-25T11:47:55.188478639Z	250	PC: 12b54 \| UNKNOWN! (See above)
2018-12-25T11:47:55.18916029Z	42	PC: 12b58 \| Get date (See above)
2018-12-25T11:47:55.191834909Z	71	PC: 12b8d \| Get current directory (See above)
2018-12-25T11:47:55.193746628Z	78	PC: 12b98 \| Find first file (See above)
2018-12-25T11:47:55.197604645Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.200725686Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.202499629Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.204184115Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.206363477Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.208312783Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.210198501Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.212061775Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.21392901Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.215428973Z	59	PC: 12bf5 \| Change current directory (See above)
2018-12-25T11:47:55.218058207Z	59	PC: 12d3c \| Change current directory (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":2966,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:47:55.341000072Z	250	PC: 12b54 \| UNKNOWN!
2018-12-25T11:47:55.34210355Z	42	PC: 12b58 \| Get date 0x12b58: cmp dh, 6 0x12b5b: jb 0x12b69 0x12b5d: mov ah, 0x2c 0x12b5f: int 0x21 0x12b61: cmp ch, 0x16 0x12b64: jb 0x12b69 0x12b66: jmp 0x12d59 0x12b69: cld 0x12b6a: mov cx, 7 0x12b6d: lea si, word ptr [bp + 0x325] 0x12b71: lea di, word ptr [bp + 0x32c] 0x12b75: rep movsb byte ptr es:[di], byte ptr [si] 0x12b77: mov cx, 0x2b 0x12b7a: lea di, word ptr [bp + 0x35e] 0x12b7e: mov si, 0x80 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: mov ah, 0x47 0x12b85: mov dl, 0 0x12b87: lea si, word ptr [bp + 0x392] 0x12b8b: int 0x21
2018-12-25T11:47:55.344375902Z	71	PC: 12b8d \| Get current directory
2018-12-25T11:47:55.347152805Z	78	PC: 12b98 \| Find first file
2018-12-25T11:47:55.353805201Z	79	PC: 12c0b \| Find next file
2018-12-25T11:47:55.356373589Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.358913983Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.361600191Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.366150392Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.368728834Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.371254213Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.373855397Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.376199973Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.378303514Z	59	PC: 12bf5 \| Change current directory
2018-12-25T11:47:55.382850192Z	59	PC: 12d3c \| Change current directory
2018-12-25T11:47:55.387106892Z	250	PC: 12b54 \| UNKNOWN! (See above)
2018-12-25T11:47:55.387701135Z	42	PC: 12b58 \| Get date (See above)
2018-12-25T11:47:55.390274481Z	71	PC: 12b8d \| Get current directory (See above)
2018-12-25T11:47:55.398726551Z	78	PC: 12b98 \| Find first file (See above)
2018-12-25T11:47:55.407976931Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.410991067Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.413606911Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.416006541Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.418897646Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.421468954Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.423842612Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.426666356Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.429292934Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.431422054Z	59	PC: 12bf5 \| Change current directory (See above)
2018-12-25T11:47:55.435788507Z	59	PC: 12d3c \| Change current directory (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":22,"Min":0,"Second":0,"TimeBased":true,"OriginalID":2966,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:47:55.465856018Z	250	PC: 12b54 \| UNKNOWN!
2018-12-25T11:47:55.467810534Z	42	PC: 12b58 \| Get date 0x12b58: cmp dh, 6 0x12b5b: jb 0x12b69 0x12b5d: mov ah, 0x2c 0x12b5f: int 0x21 0x12b61: cmp ch, 0x16 0x12b64: jb 0x12b69 0x12b66: jmp 0x12d59 0x12b69: cld 0x12b6a: mov cx, 7 0x12b6d: lea si, word ptr [bp + 0x325] 0x12b71: lea di, word ptr [bp + 0x32c] 0x12b75: rep movsb byte ptr es:[di], byte ptr [si] 0x12b77: mov cx, 0x2b 0x12b7a: lea di, word ptr [bp + 0x35e] 0x12b7e: mov si, 0x80 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: mov ah, 0x47 0x12b85: mov dl, 0 0x12b87: lea si, word ptr [bp + 0x392] 0x12b8b: int 0x21
2018-12-25T11:47:55.469852176Z	71	PC: 12b8d \| Get current directory
2018-12-25T11:47:55.472495682Z	78	PC: 12b98 \| Find first file
2018-12-25T11:47:55.481524906Z	79	PC: 12c0b \| Find next file
2018-12-25T11:47:55.484122728Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.486549436Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.49600244Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.498442907Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.500660451Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.503072897Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.505952374Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.508454715Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.510702857Z	59	PC: 12bf5 \| Change current directory
2018-12-25T11:47:55.515072015Z	59	PC: 12d3c \| Change current directory
2018-12-25T11:47:55.52005548Z	250	PC: 12b54 \| UNKNOWN! (See above)
2018-12-25T11:47:55.520802554Z	42	PC: 12b58 \| Get date (See above)
2018-12-25T11:47:55.524409525Z	71	PC: 12b8d \| Get current directory (See above)
2018-12-25T11:47:55.527680009Z	78	PC: 12b98 \| Find first file (See above)
2018-12-25T11:47:55.533271116Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.536616573Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.53907332Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.547631305Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.551515402Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.553948947Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.556702528Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.56016379Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.562873846Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.565179035Z	59	PC: 12bf5 \| Change current directory (See above)
2018-12-25T11:47:55.569053345Z	59	PC: 12d3c \| Change current directory (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":22,"Min":0,"Second":0,"TimeBased":true,"OriginalID":2966,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:47:55.894470484Z	250	PC: 12b54 \| UNKNOWN!
2018-12-25T11:47:55.89614973Z	42	PC: 12b58 \| Get date 0x12b58: cmp dh, 6 0x12b5b: jb 0x12b69 0x12b5d: mov ah, 0x2c 0x12b5f: int 0x21 0x12b61: cmp ch, 0x16 0x12b64: jb 0x12b69 0x12b66: jmp 0x12d59 0x12b69: cld 0x12b6a: mov cx, 7 0x12b6d: lea si, word ptr [bp + 0x325] 0x12b71: lea di, word ptr [bp + 0x32c] 0x12b75: rep movsb byte ptr es:[di], byte ptr [si] 0x12b77: mov cx, 0x2b 0x12b7a: lea di, word ptr [bp + 0x35e] 0x12b7e: mov si, 0x80 0x12b81: rep movsb byte ptr es:[di], byte ptr [si] 0x12b83: mov ah, 0x47 0x12b85: mov dl, 0 0x12b87: lea si, word ptr [bp + 0x392] 0x12b8b: int 0x21
2018-12-25T11:47:55.898303884Z	71	PC: 12b8d \| Get current directory
2018-12-25T11:47:55.901037493Z	78	PC: 12b98 \| Find first file
2018-12-25T11:47:55.908623102Z	79	PC: 12c0b \| Find next file
2018-12-25T11:47:55.911084223Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.91395651Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.916487098Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.919292202Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.926857558Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.929303911Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.932758004Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.935496018Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.937986877Z	59	PC: 12bf5 \| Change current directory
2018-12-25T11:47:55.942866002Z	59	PC: 12d3c \| Change current directory
2018-12-25T11:47:55.947072606Z	250	PC: 12b54 \| UNKNOWN! (See above)
2018-12-25T11:47:55.948027855Z	42	PC: 12b58 \| Get date (See above)
2018-12-25T11:47:55.951369682Z	71	PC: 12b8d \| Get current directory (See above)
2018-12-25T11:47:55.954084314Z	78	PC: 12b98 \| Find first file (See above)
2018-12-25T11:47:55.959757948Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.962242434Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.96483977Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.967188794Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.969523481Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.978930902Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.981363789Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.984092587Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.987309212Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T11:47:55.989929609Z	59	PC: 12bf5 \| Change current directory (See above)
2018-12-25T11:47:55.994284169Z	59	PC: 12d3c \| Change current directory (See above)