Sample viewer

vx.netlux.org/Virus.DOS.SillyC.375.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:19:32.786775253Z	26	PC: 19f95 \| Set disk transfer address
2018-12-17T22:19:32.788365437Z	25	PC: 19f99 \| Get default drive
2018-12-17T22:19:32.789803972Z	14	PC: 19fa6 \| Set default drive (Drive = 'C')
2018-12-17T22:19:32.791086451Z	71	PC: 19fb1 \| Get current directory
2018-12-17T22:19:32.793913921Z	78	PC: 19fc6 \| Find first file
2018-12-17T22:19:32.797533975Z	59	PC: 1a083 \| Change current directory
2018-12-17T22:19:32.800963701Z	14	PC: 1a089 \| Set default drive (Drive = 'C')
2018-12-17T22:19:32.803624078Z	78	PC: 19fc6 \| Find first file
2018-12-17T22:19:32.807660315Z	59	PC: 1a09a \| Change current directory
2018-12-17T22:19:32.809543491Z	14	PC: 1a0ac \| Set default drive (Drive = 'A')
2018-12-17T22:19:32.811361681Z	42	PC: 1a0b0 \| Get date 0x1a0b0: cmp dx, 0x101 0x1a0b4: je 0x1a0c2 0x1a0b6: nop 0x1a0b7: nop 0x1a0b8: cmp dx, 0xc1f 0x1a0bc: je 0x1a0c2 0x1a0be: nop 0x1a0bf: nop 0x1a0c0: jmp 0x1a0d8 0x1a0c2: mov cx, 0x19 0x1a0c5: push si 0x1a0c6: add si, 0x15d 0x1a0ca: add si, cx 0x1a0cc: mov dl, byte ptr [si] 0x1a0ce: add dl, 0x40 0x1a0d1: mov ah, 2 0x1a0d3: int 0x21 0x1a0d5: pop si 0x1a0d6: loop 0x1a0c5 0x1a0d8: mov di, 0x100
2018-12-17T22:19:32.816206658Z	76	PC: 19f70 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3371,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:48:59.254171588Z	26	PC: 19f95 \| Set disk transfer address
2018-12-25T11:48:59.255030874Z	25	PC: 19f99 \| Get default drive
2018-12-25T11:48:59.255757162Z	14	PC: 19fa6 \| Set default drive (Drive = 'C')
2018-12-25T11:48:59.25664255Z	71	PC: 19fb1 \| Get current directory
2018-12-25T11:48:59.258766049Z	78	PC: 19fc6 \| Find first file
2018-12-25T11:48:59.262593983Z	59	PC: 1a083 \| Change current directory
2018-12-25T11:48:59.26587017Z	14	PC: 1a089 \| Set default drive (Drive = 'C')
2018-12-25T11:48:59.266977884Z	78	PC: 19fc6 \| Find first file (See above)
2018-12-25T11:48:59.270807581Z	59	PC: 1a09a \| Change current directory
2018-12-25T11:48:59.272412219Z	14	PC: 1a0ac \| Set default drive (Drive = 'A')
2018-12-25T11:48:59.273511252Z	42	PC: 1a0b0 \| Get date 0x1a0b0: cmp dx, 0x101 0x1a0b4: je 0x1a0c2 0x1a0b6: nop 0x1a0b7: nop 0x1a0b8: cmp dx, 0xc1f 0x1a0bc: je 0x1a0c2 0x1a0be: nop 0x1a0bf: nop 0x1a0c0: jmp 0x1a0d8 0x1a0c2: mov cx, 0x19 0x1a0c5: push si 0x1a0c6: add si, 0x15d 0x1a0ca: add si, cx 0x1a0cc: mov dl, byte ptr [si] 0x1a0ce: add dl, 0x40 0x1a0d1: mov ah, 2 0x1a0d3: int 0x21 0x1a0d5: pop si 0x1a0d6: loop 0x1a0c5 0x1a0d8: mov di, 0x100
2018-12-25T11:48:59.275828305Z	2	PC: 1a0d5 \| Character output (Char = '6e')
2018-12-25T11:48:59.277751428Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.279655823Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.281890598Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.283733589Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.285566504Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.292090787Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.29400757Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.295927519Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.298024533Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.299902954Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.301754919Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.304127846Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.305974785Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.308566092Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.310892586Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.312755182Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.314622308Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.320398168Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.322251723Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.324085849Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.326410427Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.328263678Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.330123848Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.332537795Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.336982637Z	76	PC: 19f70 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3371,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:48:59.294237581Z	26	PC: 19f95 \| Set disk transfer address
2018-12-25T11:48:59.296499316Z	25	PC: 19f99 \| Get default drive
2018-12-25T11:48:59.298544593Z	14	PC: 19fa6 \| Set default drive (Drive = 'C')
2018-12-25T11:48:59.299913443Z	71	PC: 19fb1 \| Get current directory
2018-12-25T11:48:59.302988396Z	78	PC: 19fc6 \| Find first file
2018-12-25T11:48:59.30714987Z	59	PC: 1a083 \| Change current directory
2018-12-25T11:48:59.311036389Z	14	PC: 1a089 \| Set default drive (Drive = 'C')
2018-12-25T11:48:59.312557033Z	78	PC: 19fc6 \| Find first file (See above)
2018-12-25T11:48:59.31733994Z	59	PC: 1a09a \| Change current directory
2018-12-25T11:48:59.319360355Z	14	PC: 1a0ac \| Set default drive (Drive = 'A')
2018-12-25T11:48:59.320544225Z	42	PC: 1a0b0 \| Get date 0x1a0b0: cmp dx, 0x101 0x1a0b4: je 0x1a0c2 0x1a0b6: nop 0x1a0b7: nop 0x1a0b8: cmp dx, 0xc1f 0x1a0bc: je 0x1a0c2 0x1a0be: nop 0x1a0bf: nop 0x1a0c0: jmp 0x1a0d8 0x1a0c2: mov cx, 0x19 0x1a0c5: push si 0x1a0c6: add si, 0x15d 0x1a0ca: add si, cx 0x1a0cc: mov dl, byte ptr [si] 0x1a0ce: add dl, 0x40 0x1a0d1: mov ah, 2 0x1a0d3: int 0x21 0x1a0d5: pop si 0x1a0d6: loop 0x1a0c5 0x1a0d8: mov di, 0x100
2018-12-25T11:48:59.326289579Z	76	PC: 19f70 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":31,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3371,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:48:59.347320098Z	26	PC: 19f95 \| Set disk transfer address
2018-12-25T11:48:59.349706553Z	25	PC: 19f99 \| Get default drive
2018-12-25T11:48:59.350748366Z	14	PC: 19fa6 \| Set default drive (Drive = 'C')
2018-12-25T11:48:59.351906841Z	71	PC: 19fb1 \| Get current directory
2018-12-25T11:48:59.355168718Z	78	PC: 19fc6 \| Find first file
2018-12-25T11:48:59.35884629Z	59	PC: 1a083 \| Change current directory
2018-12-25T11:48:59.362175068Z	14	PC: 1a089 \| Set default drive (Drive = 'C')
2018-12-25T11:48:59.363935399Z	78	PC: 19fc6 \| Find first file (See above)
2018-12-25T11:48:59.368018944Z	59	PC: 1a09a \| Change current directory
2018-12-25T11:48:59.369993438Z	14	PC: 1a0ac \| Set default drive (Drive = 'A')
2018-12-25T11:48:59.372265464Z	42	PC: 1a0b0 \| Get date 0x1a0b0: cmp dx, 0x101 0x1a0b4: je 0x1a0c2 0x1a0b6: nop 0x1a0b7: nop 0x1a0b8: cmp dx, 0xc1f 0x1a0bc: je 0x1a0c2 0x1a0be: nop 0x1a0bf: nop 0x1a0c0: jmp 0x1a0d8 0x1a0c2: mov cx, 0x19 0x1a0c5: push si 0x1a0c6: add si, 0x15d 0x1a0ca: add si, cx 0x1a0cc: mov dl, byte ptr [si] 0x1a0ce: add dl, 0x40 0x1a0d1: mov ah, 2 0x1a0d3: int 0x21 0x1a0d5: pop si 0x1a0d6: loop 0x1a0c5 0x1a0d8: mov di, 0x100
2018-12-25T11:48:59.374685811Z	2	PC: 1a0d5 \| Character output (Char = '6e')
2018-12-25T11:48:59.37671433Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.378946476Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.381356881Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.384171196Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.386186771Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.388320613Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.398829509Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.400795987Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.403530945Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.405522045Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.407532821Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.410573144Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.413793856Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.41584515Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.418498483Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.420471047Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.422489576Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.425198409Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.427477921Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.429454027Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.432100431Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.434350863Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.436548038Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.446870954Z	2	PC: 1a0d5 \| Character output (See above)
2018-12-25T11:48:59.451734082Z	76	PC: 19f70 \| Terminate with return code (Return code = '0')