Sample viewer

vx.netlux.org/Virus.DOS.SillyC.300

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:19:23.561359888Z	74	PC: 12a55 \| Reallocate memory
2018-12-17T22:19:23.563840112Z	72	PC: 12a5d \| Allocate memory
2018-12-17T22:19:23.565809275Z	47	PC: 12a63 \| Get disk transfer address
2018-12-17T22:19:23.567426513Z	26	PC: 12a70 \| Set disk transfer address
2018-12-17T22:19:23.569487255Z	42	PC: 12a74 \| Get date 0x12a74: cmp al, 3 0x12a76: jne 0x12a88 0x12a78: mov ax, 0x301 0x12a7b: mov dx, 0x80 0x12a7e: mov cx, 1 0x12a81: push cs 0x12a82: pop es 0x12a83: mov bx, 0x224 0x12a86: int 0x13 0x12a88: push cs 0x12a89: pop ds 0x12a8a: mov ah, 0x4e 0x12a8c: mov dx, 0x21e 0x12a8f: mov cx, 0x3f 0x12a92: int 0x21 0x12a94: pop ds 0x12a95: jae 0x12a9a 0x12a97: jmp 0x12b27 0x12a9a: pop es 0x12a9b: push es
2018-12-17T22:19:23.572213186Z	78	PC: 12a94 \| Find first file
2018-12-17T22:19:23.579176875Z	67	PC: 12ad0 \| Get or set file attributes
2018-12-17T22:19:23.597930206Z	61	PC: 12ad5 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:19:23.605335295Z	63	PC: 12ae3 \| Read file or device (Read 300 bytes on handle 5)
2018-12-17T22:19:23.615353977Z	66	PC: 12aec \| Move file pointer
2018-12-17T22:19:23.617658662Z	64	PC: 12af8 \| Write file or device (Write 300 bytes on handle 5)
2018-12-17T22:19:23.624330787Z	66	PC: 12b06 \| Move file pointer
2018-12-17T22:19:23.626292984Z	64	PC: 12b0d \| Write file or device (Write 300 bytes on handle 5)
2018-12-17T22:19:23.635832762Z	87	PC: 12b18 \| Get or set file date and time
2018-12-17T22:19:23.637647467Z	62	PC: 12b1c \| Close file
2018-12-17T22:19:23.646092478Z	79	PC: 12b24 \| Find next file
2018-12-17T22:19:23.649363976Z	79	PC: 12b24 \| Find next file
2018-12-17T22:19:23.655625461Z	79	PC: 12b24 \| Find next file
2018-12-17T22:19:23.658834831Z	79	PC: 12b24 \| Find next file
2018-12-17T22:19:23.662494571Z	79	PC: 12b24 \| Find next file
2018-12-17T22:19:23.666291255Z	67	PC: 12ad0 \| Get or set file attributes
2018-12-17T22:19:23.677534914Z	61	PC: 12ad5 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:19:23.68486551Z	63	PC: 12ae3 \| Read file or device (Read 300 bytes on handle 5)
2018-12-17T22:19:23.692663627Z	66	PC: 12aec \| Move file pointer
2018-12-17T22:19:23.694452187Z	64	PC: 12af8 \| Write file or device (Write 300 bytes on handle 5)
2018-12-17T22:19:23.698046196Z	66	PC: 12b06 \| Move file pointer
2018-12-17T22:19:23.721499708Z	64	PC: 12b0d \| Write file or device (Write 300 bytes on handle 5)
2018-12-17T22:19:23.733515471Z	87	PC: 12b18 \| Get or set file date and time
2018-12-17T22:19:23.735693431Z	62	PC: 12b1c \| Close file
2018-12-17T22:19:23.759968648Z	79	PC: 12b24 \| Find next file
2018-12-17T22:19:23.763512822Z	79	PC: 12b24 \| Find next file
2018-12-17T22:19:23.767079111Z	67	PC: 12ad0 \| Get or set file attributes
2018-12-17T22:19:23.77962138Z	61	PC: 12ad5 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:19:23.787791148Z	63	PC: 12ae3 \| Read file or device (Read 300 bytes on handle 5)
2018-12-17T22:19:23.791617159Z	66	PC: 12aec \| Move file pointer
2018-12-17T22:19:23.795275751Z	64	PC: 12af8 \| Write file or device (Write 300 bytes on handle 5)
2018-12-17T22:19:23.807777871Z	66	PC: 12b06 \| Move file pointer
2018-12-17T22:19:23.80935394Z	64	PC: 12b0d \| Write file or device (Write 300 bytes on handle 5)
2018-12-17T22:19:23.820316377Z	87	PC: 12b18 \| Get or set file date and time
2018-12-17T22:19:23.82228179Z	62	PC: 12b1c \| Close file
2018-12-17T22:19:23.832783044Z	79	PC: 12b24 \| Find next file
2018-12-17T22:19:23.845303825Z	26	PC: 12b2e \| Set disk transfer address
2018-12-17T22:19:23.848313666Z	73	PC: 21f9d \| Release memory
2018-12-17T22:19:23.850232583Z	9	PC: 12a85 \| Display string (String= ' ')
2018-12-17T22:19:23.856736336Z	0	PC: 12a89 \| Program terminate

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3336,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:48:57.931614959Z	74	PC: 12a55 \| Reallocate memory
2018-12-25T11:48:57.934740621Z	72	PC: 12a5d \| Allocate memory
2018-12-25T11:48:57.937022813Z	47	PC: 12a63 \| Get disk transfer address
2018-12-25T11:48:57.938708398Z	26	PC: 12a70 \| Set disk transfer address
2018-12-25T11:48:57.940994168Z	42	PC: 12a74 \| Get date 0x12a74: cmp al, 3 0x12a76: jne 0x12a88 0x12a78: mov ax, 0x301 0x12a7b: mov dx, 0x80 0x12a7e: mov cx, 1 0x12a81: push cs 0x12a82: pop es 0x12a83: mov bx, 0x224 0x12a86: int 0x13 0x12a88: push cs 0x12a89: pop ds 0x12a8a: mov ah, 0x4e 0x12a8c: mov dx, 0x21e 0x12a8f: mov cx, 0x3f 0x12a92: int 0x21 0x12a94: pop ds 0x12a95: jae 0x12a9a 0x12a97: jmp 0x12b27 0x12a9a: pop es 0x12a9b: push es
2018-12-25T11:48:57.943779613Z	78	PC: 12a94 \| Find first file
2018-12-25T11:48:57.950793943Z	67	PC: 12ad0 \| Get or set file attributes
2018-12-25T11:48:57.968371025Z	61	PC: 12ad5 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:48:57.977927236Z	63	PC: 12ae3 \| Read file or device (Read 300 bytes on handle 5)
2018-12-25T11:48:57.989523524Z	66	PC: 12aec \| Move file pointer
2018-12-25T11:48:57.99116952Z	64	PC: 12af8 \| Write file or device (Write 300 bytes on handle 5)
2018-12-25T11:48:57.996015735Z	66	PC: 12b06 \| Move file pointer
2018-12-25T11:48:58.000405497Z	64	PC: 12b0d \| Write file or device (Write 300 bytes on handle 5)
2018-12-25T11:48:58.009834273Z	87	PC: 12b18 \| Get or set file date and time
2018-12-25T11:48:58.015303476Z	62	PC: 12b1c \| Close file
2018-12-25T11:48:58.02312338Z	79	PC: 12b24 \| Find next file
2018-12-25T11:48:58.026147891Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.030039923Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.032873759Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.035925058Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.040609909Z	67	PC: 12ad0 \| Get or set file attributes (See above)
2018-12-25T11:48:58.256538978Z	61	PC: 12ad5 \| Open file (See above)
2018-12-25T11:48:58.261115733Z	63	PC: 12ae3 \| Read file or device (See above)
2018-12-25T11:48:58.266277239Z	66	PC: 12aec \| Move file pointer (See above)
2018-12-25T11:48:58.26761326Z	64	PC: 12af8 \| Write file or device (See above)
2018-12-25T11:48:58.27048731Z	66	PC: 12b06 \| Move file pointer (See above)
2018-12-25T11:48:58.272005883Z	64	PC: 12b0d \| Write file or device (See above)
2018-12-25T11:48:58.379838716Z	87	PC: 12b18 \| Get or set file date and time (See above)
2018-12-25T11:48:58.387346733Z	62	PC: 12b1c \| Close file (See above)
2018-12-25T11:48:58.396145913Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.399765067Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.40235858Z	67	PC: 12ad0 \| Get or set file attributes (See above)
2018-12-25T11:48:58.41360761Z	61	PC: 12ad5 \| Open file (See above)
2018-12-25T11:48:58.418785658Z	63	PC: 12ae3 \| Read file or device (See above)
2018-12-25T11:48:58.421510554Z	66	PC: 12aec \| Move file pointer (See above)
2018-12-25T11:48:58.422871422Z	64	PC: 12af8 \| Write file or device (See above)
2018-12-25T11:48:58.426429268Z	66	PC: 12b06 \| Move file pointer (See above)
2018-12-25T11:48:58.427836701Z	64	PC: 12b0d \| Write file or device (See above)
2018-12-25T11:48:58.437085128Z	87	PC: 12b18 \| Get or set file date and time (See above)
2018-12-25T11:48:58.444309047Z	62	PC: 12b1c \| Close file (See above)
2018-12-25T11:48:58.452587935Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.455107615Z	26	PC: 12b2e \| Set disk transfer address
2018-12-25T11:48:58.45670005Z	73	PC: 21f9d \| Release memory
2018-12-25T11:48:58.45815004Z	9	PC: 12a85 \| Display string (String= ' ')
2018-12-25T11:48:58.464454974Z	0	PC: 12a89 \| Program terminate

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3336,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:48:58.018006452Z	74	PC: 12a55 \| Reallocate memory
2018-12-25T11:48:58.019758654Z	72	PC: 12a5d \| Allocate memory
2018-12-25T11:48:58.021266393Z	47	PC: 12a63 \| Get disk transfer address
2018-12-25T11:48:58.022262618Z	26	PC: 12a70 \| Set disk transfer address
2018-12-25T11:48:58.023868532Z	42	PC: 12a74 \| Get date 0x12a74: cmp al, 3 0x12a76: jne 0x12a88 0x12a78: mov ax, 0x301 0x12a7b: mov dx, 0x80 0x12a7e: mov cx, 1 0x12a81: push cs 0x12a82: pop es 0x12a83: mov bx, 0x224 0x12a86: int 0x13 0x12a88: push cs 0x12a89: pop ds 0x12a8a: mov ah, 0x4e 0x12a8c: mov dx, 0x21e 0x12a8f: mov cx, 0x3f 0x12a92: int 0x21 0x12a94: pop ds 0x12a95: jae 0x12a9a 0x12a97: jmp 0x12b27 0x12a9a: pop es 0x12a9b: push es
2018-12-25T11:48:58.38071925Z	78	PC: 12a94 \| Find first file
2018-12-25T11:48:58.387361609Z	67	PC: 12ad0 \| Get or set file attributes
2018-12-25T11:48:58.404327413Z	61	PC: 12ad5 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:48:58.411575239Z	63	PC: 12ae3 \| Read file or device (Read 300 bytes on handle 5)
2018-12-25T11:48:58.418788985Z	66	PC: 12aec \| Move file pointer
2018-12-25T11:48:58.420646312Z	64	PC: 12af8 \| Write file or device (Write 300 bytes on handle 5)
2018-12-25T11:48:58.42363441Z	66	PC: 12b06 \| Move file pointer
2018-12-25T11:48:58.425233756Z	64	PC: 12b0d \| Write file or device (Write 300 bytes on handle 5)
2018-12-25T11:48:58.435032363Z	87	PC: 12b18 \| Get or set file date and time
2018-12-25T11:48:58.436127014Z	62	PC: 12b1c \| Close file
2018-12-25T11:48:58.444643462Z	79	PC: 12b24 \| Find next file
2018-12-25T11:48:58.447960256Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.450753928Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.453462412Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.456440794Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.468878851Z	67	PC: 12ad0 \| Get or set file attributes (See above)
2018-12-25T11:48:58.479606642Z	61	PC: 12ad5 \| Open file (See above)
2018-12-25T11:48:58.486886553Z	63	PC: 12ae3 \| Read file or device (See above)
2018-12-25T11:48:58.494016894Z	66	PC: 12aec \| Move file pointer (See above)
2018-12-25T11:48:58.495613898Z	64	PC: 12af8 \| Write file or device (See above)
2018-12-25T11:48:58.498593997Z	66	PC: 12b06 \| Move file pointer (See above)
2018-12-25T11:48:58.501398382Z	64	PC: 12b0d \| Write file or device (See above)
2018-12-25T11:48:58.51058414Z	87	PC: 12b18 \| Get or set file date and time (See above)
2018-12-25T11:48:58.512110334Z	62	PC: 12b1c \| Close file (See above)
2018-12-25T11:48:58.524716975Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.527899018Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.531082681Z	67	PC: 12ad0 \| Get or set file attributes (See above)
2018-12-25T11:48:58.542800537Z	61	PC: 12ad5 \| Open file (See above)
2018-12-25T11:48:58.550071469Z	63	PC: 12ae3 \| Read file or device (See above)
2018-12-25T11:48:58.552770746Z	66	PC: 12aec \| Move file pointer (See above)
2018-12-25T11:48:58.554830881Z	64	PC: 12af8 \| Write file or device (See above)
2018-12-25T11:48:58.557622967Z	66	PC: 12b06 \| Move file pointer (See above)
2018-12-25T11:48:58.559036385Z	64	PC: 12b0d \| Write file or device (See above)
2018-12-25T11:48:58.568674094Z	87	PC: 12b18 \| Get or set file date and time (See above)
2018-12-25T11:48:58.570192352Z	62	PC: 12b1c \| Close file (See above)
2018-12-25T11:48:58.579263033Z	79	PC: 12b24 \| Find next file (See above)
2018-12-25T11:48:58.582354616Z	26	PC: 12b2e \| Set disk transfer address
2018-12-25T11:48:58.583823578Z	73	PC: 21f9d \| Release memory
2018-12-25T11:48:58.585320812Z	9	PC: 12a85 \| Display string (String= ' ')
2018-12-25T11:48:58.59180916Z	0	PC: 12a89 \| Program terminate