Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.647

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:23:16.773575801Z	44	PC: 12b84 \| Get time 0x12b84: cmp byte ptr [0x106], 0 0x12b89: je 0x12b90 0x12b8b: cmp dh, 0xf 0x12b8e: jg 0x12b99 0x12b90: cmp dl, 0 0x12b93: je 0x12b80 0x12b95: mov byte ptr [0x106], dl 0x12b99: mov byte ptr [0x235], 0 0x12b9e: mov byte ptr [0x236], 4 0x12ba3: mov byte ptr [0x23f], 0 0x12ba8: mov cx, 0x27 0x12bab: mov dx, 0x13c 0x12bae: mov ah, 0x4e 0x12bb0: int 0x21 0x12bb2: cmp ax, 0x12 0x12bb5: je 0x12bba 0x12bb7: call 0x12bdc 0x12bba: mov cx, 0x27 0x12bbd: mov dx, 0x142 0x12bc0: mov ah, 0x4e
2018-12-17T22:23:16.779582276Z	78	PC: 12bb2 \| Find first file
2018-12-17T22:23:16.78723565Z	67	PC: 12bfd \| Get or set file attributes
2018-12-17T22:23:17.280663518Z	61	PC: 12c03 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:23:17.291605886Z	63	PC: 12c12 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:23:17.293964494Z	62	PC: 12c46 \| Close file
2018-12-17T22:23:17.295936916Z	61	PC: 12c4f \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:23:17.302634152Z	64	PC: 12a5f \| Write file or device (Write 647 bytes on handle 5)
2018-12-17T22:23:17.311435525Z	87	PC: 12c77 \| Get or set file date and time
2018-12-17T22:23:17.31353782Z	62	PC: 12c7f \| Close file
2018-12-17T22:23:17.32228056Z	67	PC: 12c8c \| Get or set file attributes
2018-12-17T22:23:17.328151719Z	79	PC: 12c36 \| Find next file
2018-12-17T22:23:17.332641747Z	78	PC: 12bc4 \| Find first file
2018-12-17T22:23:17.341930546Z	67	PC: 12bfd \| Get or set file attributes
2018-12-17T22:23:17.360788883Z	61	PC: 12c03 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:23:17.365290514Z	63	PC: 12c12 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:23:17.372704397Z	62	PC: 12c46 \| Close file
2018-12-17T22:23:17.375960167Z	61	PC: 12c4f \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:23:17.382467458Z	64	PC: 12a5f \| Write file or device (Write 647 bytes on handle 5)
2018-12-17T22:23:17.389642807Z	87	PC: 12c77 \| Get or set file date and time
2018-12-17T22:23:17.391879733Z	62	PC: 12c7f \| Close file
2018-12-17T22:23:17.398175905Z	67	PC: 12c8c \| Get or set file attributes
2018-12-17T22:23:17.401984892Z	79	PC: 12c36 \| Find next file
2018-12-17T22:23:17.404369738Z	67	PC: 12bfd \| Get or set file attributes
2018-12-17T22:23:17.411748168Z	61	PC: 12c03 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:23:17.41623077Z	63	PC: 12c12 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:23:17.420802481Z	62	PC: 12c46 \| Close file
2018-12-17T22:23:17.42297024Z	61	PC: 12c4f \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:23:17.427386089Z	64	PC: 12a5f \| Write file or device (Write 647 bytes on handle 5)
2018-12-17T22:23:17.44026736Z	87	PC: 12c77 \| Get or set file date and time
2018-12-17T22:23:17.442683936Z	62	PC: 12c7f \| Close file
2018-12-17T22:23:17.451503563Z	67	PC: 12c8c \| Get or set file attributes
2018-12-17T22:23:17.45675718Z	79	PC: 12c36 \| Find next file
2018-12-17T22:23:17.463808589Z	67	PC: 12bfd \| Get or set file attributes
2018-12-17T22:23:17.485455716Z	61	PC: 12c03 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:23:17.493342765Z	63	PC: 12c12 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:23:17.501703669Z	62	PC: 12c46 \| Close file
2018-12-17T22:23:17.503980674Z	61	PC: 12c4f \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:23:17.511770471Z	64	PC: 12a5f \| Write file or device (Write 647 bytes on handle 5)
2018-12-17T22:23:17.522533258Z	87	PC: 12c77 \| Get or set file date and time
2018-12-17T22:23:17.526900435Z	62	PC: 12c7f \| Close file
2018-12-17T22:23:17.537248547Z	67	PC: 12c8c \| Get or set file attributes
2018-12-17T22:23:17.543288254Z	9	PC: 12cbb \| Display string (String= 'Program too big to fit in memory')
2018-12-17T22:23:17.546501702Z	76	PC: 12cbf \| Terminate with return code (Return code = '36')