Sample viewer

vx.netlux.org/Virus.DOS.Put.1939

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:23:15.143703742Z 71 PC: 15488 | Get current directory
2018-12-17T22:23:15.147946461Z 25 PC: 1548c | Get default drive
2018-12-17T22:23:15.158836039Z 59 PC: 154a4 | Change current directory
2018-12-17T22:23:15.163830269Z 26 PC: 154bd | Set disk transfer address
2018-12-17T22:23:15.165389058Z 78 PC: 152be | Find first file
2018-12-17T22:23:15.172739353Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.177309279Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.18688385Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.189939906Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.194268558Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.197891202Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.202440966Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.211031126Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.214470795Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.218086147Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.238143117Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.244009057Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.24723089Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.250992113Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.254265598Z 67 PC: 153fc | Get or set file attributes
2018-12-17T22:23:15.261801334Z 67 PC: 15404 | Get or set file attributes
2018-12-17T22:23:15.601133229Z 61 PC: 1540c | Open file (Filename = 'TEST.EXE')
2018-12-17T22:23:15.610779706Z 87 PC: 15413 | Get or set file date and time
2018-12-17T22:23:15.613020692Z 63 PC: 15353 | Read file or device (Read 48 bytes on handle 5)
2018-12-17T22:23:15.616490835Z 66 PC: 1535c | Move file pointer
2018-12-17T22:23:15.619496526Z 64 PC: 153b0 | Write file or device (Write 1939 bytes on handle 5)
2018-12-17T22:23:15.634570143Z 66 PC: 153ba | Move file pointer
2018-12-17T22:23:15.636915592Z 66 PC: 153e4 | Move file pointer
2018-12-17T22:23:15.640107239Z 64 PC: 153ee | Write file or device (Write 48 bytes on handle 5)
2018-12-17T22:23:15.643338432Z 87 PC: 15435 | Get or set file date and time
2018-12-17T22:23:15.645375791Z 62 PC: 15439 | Close file
2018-12-17T22:23:15.654825026Z 79 PC: 154ea | Find next file
2018-12-17T22:23:15.657644505Z 42 PC: 15521 | Get date
0x15521: cmp cx, 0x7c8
0x15525: ja 0x1552f
0x15527: cmp dh, 0xb
0x1552a: ja 0x1552f
0x1552c: jmp 0x1558b
0x1552e: nop
0x1552f: xor dx, 0xabcd
0x15533: mov word ptr [0x37b], dx
0x15537: mov dx, 0x502
0x1553a: mov ah, 9
0x1553c: int 0x21
0x1553e: mov ah, 8
0x15540: int 0x21
0x15542: mov dx, 0x767
0x15545: mov ah, 9
0x15547: int 0x21
0x15549: mov dx, word ptr [0x37b]
0x1554d: xor ax, ax
0x1554f: mov al, dh
0x15551: call 0x252c2
2018-12-17T22:23:15.660149317Z 9 PC: 1553e | Display string (Could not find end pointer)
2018-12-17T22:23:15.685044309Z 8 PC: 15542 | Console input without echo

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4072,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:50:56.193168886Z 71 PC: 15488 | Get current directory
2018-12-25T11:50:56.195973208Z 25 PC: 1548c | Get default drive
2018-12-25T11:50:56.197175103Z 59 PC: 154a4 | Change current directory
2018-12-25T11:50:56.201146432Z 26 PC: 154bd | Set disk transfer address
2018-12-25T11:50:56.203315219Z 78 PC: 152be | Find first file
2018-12-25T11:50:56.215611698Z 79 PC: 154ea | Find next file
2018-12-25T11:50:56.218022143Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.22084489Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.22321642Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.225650718Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.228612144Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.230993376Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.233322005Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.236229379Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.238592596Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.240882371Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.244668322Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.247089172Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.249476061Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.252828803Z 67 PC: 153fc | Get or set file attributes
2018-12-25T11:50:56.258197519Z 67 PC: 15404 | Get or set file attributes
2018-12-25T11:50:56.27334971Z 61 PC: 1540c | Open file (Filename = 'TEST.EXE')
2018-12-25T11:50:56.28085596Z 87 PC: 15413 | Get or set file date and time
2018-12-25T11:50:56.282241724Z 63 PC: 15353 | Read file or device (Read 48 bytes on handle 5)
2018-12-25T11:50:56.284737428Z 66 PC: 1535c | Move file pointer
2018-12-25T11:50:56.287626668Z 64 PC: 153b0 | Write file or device (Write 1939 bytes on handle 5)
2018-12-25T11:50:56.296629642Z 66 PC: 153ba | Move file pointer
2018-12-25T11:50:56.298565179Z 66 PC: 153e4 | Move file pointer
2018-12-25T11:50:56.300102315Z 64 PC: 153ee | Write file or device (Write 48 bytes on handle 5)
2018-12-25T11:50:56.303217788Z 87 PC: 15435 | Get or set file date and time
2018-12-25T11:50:56.3048314Z 62 PC: 15439 | Close file
2018-12-25T11:50:56.312486998Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.315691402Z 42 PC: 15521 | Get date
0x15521: cmp cx, 0x7c8
0x15525: ja 0x1552f
0x15527: cmp dh, 0xb
0x1552a: ja 0x1552f
0x1552c: jmp 0x1558b
0x1552e: nop
0x1552f: xor dx, 0xabcd
0x15533: mov word ptr [0x37b], dx
0x15537: mov dx, 0x502
0x1553a: mov ah, 9
0x1553c: int 0x21
0x1553e: mov ah, 8
0x15540: int 0x21
0x15542: mov dx, 0x767
0x15545: mov ah, 9
0x15547: int 0x21
0x15549: mov dx, word ptr [0x37b]
0x1554d: xor ax, ax
0x1554f: mov al, dh
0x15551: call 0x252c2
2018-12-25T11:50:56.317807163Z 59 PC: 1559d | Change current directory
2018-12-25T11:50:56.322451612Z 26 PC: 155ba | Set disk transfer address
2018-12-25T11:50:56.324666654Z 9 PC: 12a54 | Display string (Could not find end pointer)
2018-12-25T11:50:56.326909628Z 76 PC: 12a59 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4072,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:50:56.286028806Z 71 PC: 15488 | Get current directory
2018-12-25T11:50:56.28992278Z 25 PC: 1548c | Get default drive
2018-12-25T11:50:56.291445568Z 59 PC: 154a4 | Change current directory
2018-12-25T11:50:56.296350621Z 26 PC: 154bd | Set disk transfer address
2018-12-25T11:50:56.298687352Z 78 PC: 152be | Find first file
2018-12-25T11:50:56.306479571Z 79 PC: 154ea | Find next file
2018-12-25T11:50:56.309741294Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.314307753Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.317463204Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.320451973Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.324101423Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.329035089Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.335454643Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.338945413Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.34264947Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.345794204Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.348800472Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.352279586Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.355951586Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.35927056Z 67 PC: 153fc | Get or set file attributes
2018-12-25T11:50:56.36737185Z 67 PC: 15404 | Get or set file attributes
2018-12-25T11:50:56.3864133Z 61 PC: 1540c | Open file (Filename = 'TEST.EXE')
2018-12-25T11:50:56.39523662Z 87 PC: 15413 | Get or set file date and time
2018-12-25T11:50:56.397547475Z 63 PC: 15353 | Read file or device (Read 48 bytes on handle 5)
2018-12-25T11:50:56.402054301Z 66 PC: 1535c | Move file pointer
2018-12-25T11:50:56.405817361Z 64 PC: 153b0 | Write file or device (Write 1939 bytes on handle 5)
2018-12-25T11:50:56.416968721Z 66 PC: 153ba | Move file pointer
2018-12-25T11:50:56.419990859Z 66 PC: 153e4 | Move file pointer
2018-12-25T11:50:56.42194947Z 64 PC: 153ee | Write file or device (Write 48 bytes on handle 5)
2018-12-25T11:50:56.429565365Z 87 PC: 15435 | Get or set file date and time
2018-12-25T11:50:56.431652868Z 62 PC: 15439 | Close file
2018-12-25T11:50:56.440331488Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:56.443502652Z 42 PC: 15521 | Get date
0x15521: cmp cx, 0x7c8
0x15525: ja 0x1552f
0x15527: cmp dh, 0xb
0x1552a: ja 0x1552f
0x1552c: jmp 0x1558b
0x1552e: nop
0x1552f: xor dx, 0xabcd
0x15533: mov word ptr [0x37b], dx
0x15537: mov dx, 0x502
0x1553a: mov ah, 9
0x1553c: int 0x21
0x1553e: mov ah, 8
0x15540: int 0x21
0x15542: mov dx, 0x767
0x15545: mov ah, 9
0x15547: int 0x21
0x15549: mov dx, word ptr [0x37b]
0x1554d: xor ax, ax
0x1554f: mov al, dh
0x15551: call 0x252c2
2018-12-25T11:50:56.446577259Z 9 PC: 1553e | Display string (Could not find end pointer)
2018-12-25T11:50:56.471012235Z 8 PC: 15542 | Console input without echo

{"DateBased":true,"Day":1,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4072,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:50:58.113950641Z 71 PC: 15488 | Get current directory
2018-12-25T11:50:58.118731944Z 25 PC: 1548c | Get default drive
2018-12-25T11:50:58.120734038Z 59 PC: 154a4 | Change current directory
2018-12-25T11:50:58.125647677Z 26 PC: 154bd | Set disk transfer address
2018-12-25T11:50:58.127587734Z 78 PC: 152be | Find first file
2018-12-25T11:50:58.135131945Z 79 PC: 154ea | Find next file
2018-12-25T11:50:58.138283149Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.143331953Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.147128228Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.150642599Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.154117861Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.168166552Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.171997799Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.175486104Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.179368824Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.18404124Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.186975001Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.190615326Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.205474394Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.216155795Z 67 PC: 153fc | Get or set file attributes
2018-12-25T11:50:58.222675315Z 67 PC: 15404 | Get or set file attributes
2018-12-25T11:50:58.2404156Z 61 PC: 1540c | Open file (Filename = 'TEST.EXE')
2018-12-25T11:50:58.248362301Z 87 PC: 15413 | Get or set file date and time
2018-12-25T11:50:58.254173076Z 63 PC: 15353 | Read file or device (Read 48 bytes on handle 5)
2018-12-25T11:50:58.261900777Z 66 PC: 1535c | Move file pointer
2018-12-25T11:50:58.264014771Z 64 PC: 153b0 | Write file or device (Write 1939 bytes on handle 5)
2018-12-25T11:50:58.283121703Z 66 PC: 153ba | Move file pointer
2018-12-25T11:50:58.285620678Z 66 PC: 153e4 | Move file pointer
2018-12-25T11:50:58.287657453Z 64 PC: 153ee | Write file or device (Write 48 bytes on handle 5)
2018-12-25T11:50:58.291189262Z 87 PC: 15435 | Get or set file date and time
2018-12-25T11:50:58.294264841Z 62 PC: 15439 | Close file
2018-12-25T11:50:58.309233134Z 79 PC: 154ea | Find next file (See above)
2018-12-25T11:50:58.312174718Z 42 PC: 15521 | Get date
0x15521: cmp cx, 0x7c8
0x15525: ja 0x1552f
0x15527: cmp dh, 0xb
0x1552a: ja 0x1552f
0x1552c: jmp 0x1558b
0x1552e: nop
0x1552f: xor dx, 0xabcd
0x15533: mov word ptr [0x37b], dx
0x15537: mov dx, 0x502
0x1553a: mov ah, 9
0x1553c: int 0x21
0x1553e: mov ah, 8
0x15540: int 0x21
0x15542: mov dx, 0x767
0x15545: mov ah, 9
0x15547: int 0x21
0x15549: mov dx, word ptr [0x37b]
0x1554d: xor ax, ax
0x1554f: mov al, dh
0x15551: call 0x252c2
2018-12-25T11:50:58.31595879Z 9 PC: 1553e | Display string (Could not find end pointer)
2018-12-25T11:50:58.340155133Z 8 PC: 15542 | Console input without echo