Sample viewer

vx.netlux.org/Virus.DOS.Traven.515


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:24:46.688332087Z 26 PC: 13dee | Set disk transfer address
2018-12-17T22:24:46.69881038Z 53 PC: 13eb4 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:46.699956732Z 37 PC: 13ed0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:46.701042773Z 78 PC: 13dfe | Find first file
2018-12-17T22:24:46.713485556Z 61 PC: 13e0e | Open file
2018-12-17T22:24:46.720040453Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:46.727832861Z 62 PC: 13ead | Close file
2018-12-17T22:24:46.731518693Z 79 PC: 13dfe | Find next file
2018-12-17T22:24:46.73441629Z 61 PC: 13e0e | Open file
2018-12-17T22:24:46.741406067Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:46.748375117Z 62 PC: 13ead | Close file
2018-12-17T22:24:46.750383227Z 79 PC: 13dfe | Find next file
2018-12-17T22:24:46.752938035Z 61 PC: 13e0e | Open file
2018-12-17T22:24:46.761677531Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:46.768961669Z 62 PC: 13ead | Close file
2018-12-17T22:24:46.771058363Z 79 PC: 13dfe | Find next file
2018-12-17T22:24:46.77402808Z 61 PC: 13e0e | Open file
2018-12-17T22:24:46.781216424Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:46.787534074Z 62 PC: 13ead | Close file
2018-12-17T22:24:46.789150564Z 79 PC: 13dfe | Find next file
2018-12-17T22:24:46.797731968Z 61 PC: 13e0e | Open file
2018-12-17T22:24:46.804776361Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:46.811398874Z 62 PC: 13ead | Close file
2018-12-17T22:24:46.814337956Z 79 PC: 13dfe | Find next file
2018-12-17T22:24:46.817363697Z 61 PC: 13e0e | Open file
2018-12-17T22:24:46.824283007Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:46.831561923Z 62 PC: 13ead | Close file
2018-12-17T22:24:46.833663717Z 79 PC: 13dfe | Find next file
2018-12-17T22:24:46.837319381Z 61 PC: 13e0e | Open file
2018-12-17T22:24:46.845005653Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:46.851758185Z 62 PC: 13ead | Close file
2018-12-17T22:24:46.854034698Z 79 PC: 13dfe | Find next file
2018-12-17T22:24:46.858012831Z 61 PC: 13e0e | Open file
2018-12-17T22:24:46.864515089Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:24:46.868159636Z 62 PC: 13ead | Close file
2018-12-17T22:24:46.870395987Z 79 PC: 13dfe | Find next file
2018-12-17T22:24:46.872696878Z 26 PC: 13f67 | Set disk transfer address
2018-12-17T22:24:46.873739106Z 37 PC: 13ed0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:46.875416666Z 44 PC: 13f6c | Get time
0x13f6c: cmp dh, 1
0x13f6f: jae 0x13f7b
0x13f71: cmp cl, 0x15
0x13f74: jb 0x13f7b
0x13f76: call 0x23f46
0x13f79: jmp 0x13f8b
0x13f7b: pop ds
0x13f7c: mov di, 0x100
0x13f7f: push di
0x13f80: xor bx, bx
0x13f82: xor dx, dx
0x13f84: xor ax, ax
0x13f86: xor si, si
0x13f88: push ds
0x13f89: pop es
0x13f8a: ret
0x13f8b: mov al, 7
0x13f8d: call 0x13f97
0x13f90: mov al, 0
0x13f92: call 0x13f97
2018-12-17T22:24:46.877793512Z 9 PC: 13dc6 | Display string (String= 'CDEFG-This is a 5000 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":4377,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:35.908480292Z 26 PC: 13dee | Set disk transfer address
2018-12-25T11:51:35.911963571Z 53 PC: 13eb4 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:35.91346451Z 37 PC: 13ed0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:35.91543184Z 78 PC: 13dfe | Find first file
2018-12-25T11:51:35.924025551Z 61 PC: 13e0e | Open file
2018-12-25T11:51:35.932051093Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:51:35.944991056Z 62 PC: 13ead | Close file
2018-12-25T11:51:35.947344249Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:35.950243167Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:35.957023008Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:35.963107272Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:35.964972827Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:35.967874041Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:35.974543277Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:35.98181972Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:35.983510892Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:35.986405944Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:35.9940053Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.000715948Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.002480238Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.005887933Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.009984397Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.016216603Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.019051863Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.021584933Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.028597586Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.036126989Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.03814618Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.040944183Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.048198808Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.054602836Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.056380167Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.059831236Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.066612817Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.070336909Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.072098781Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.075333546Z 26 PC: 13f67 | Set disk transfer address
2018-12-25T11:51:36.076373033Z 37 PC: 13ed0 | Set interrupt vector (See above)
2018-12-25T11:51:36.077475796Z 44 PC: 13f6c | Get time
0x13f6c: cmp dh, 1
0x13f6f: jae 0x13f7b
0x13f71: cmp cl, 0x15
0x13f74: jb 0x13f7b
0x13f76: call 0x23f46
0x13f79: jmp 0x13f8b
0x13f7b: pop ds
0x13f7c: mov di, 0x100
0x13f7f: push di
0x13f80: xor bx, bx
0x13f82: xor dx, dx
0x13f84: xor ax, ax
0x13f86: xor si, si
0x13f88: push ds
0x13f89: pop es
0x13f8a: ret
0x13f8b: mov al, 7
0x13f8d: call 0x13f97
0x13f90: mov al, 0
0x13f92: call 0x13f97
2018-12-25T11:51:36.080702519Z 9 PC: 13dc6 | Display string (String= 'CDEFG-This is a 5000 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":2,"TimeBased":true,"OriginalID":4377,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:36.011369858Z 26 PC: 13dee | Set disk transfer address
2018-12-25T11:51:36.012872616Z 53 PC: 13eb4 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:36.01425523Z 37 PC: 13ed0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:36.015788563Z 78 PC: 13dfe | Find first file
2018-12-25T11:51:36.023654208Z 61 PC: 13e0e | Open file
2018-12-25T11:51:36.030738619Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:51:36.038207786Z 62 PC: 13ead | Close file
2018-12-25T11:51:36.045047693Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.048565301Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.057053612Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.064520678Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.066619131Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.069486501Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.076679936Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.084020381Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.085878711Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.088601278Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.096427584Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.10346814Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.105193309Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.108351533Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.11563926Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.123331142Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.126712688Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.129726064Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.136963373Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.145780129Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.147854012Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.150787753Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.158356969Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.167838375Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.16963056Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.172404068Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.180098299Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.183080109Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.185081922Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.188884362Z 26 PC: 13f67 | Set disk transfer address
2018-12-25T11:51:36.190410906Z 37 PC: 13ed0 | Set interrupt vector (See above)
2018-12-25T11:51:36.192140963Z 44 PC: 13f6c | Get time
0x13f6c: cmp dh, 1
0x13f6f: jae 0x13f7b
0x13f71: cmp cl, 0x15
0x13f74: jb 0x13f7b
0x13f76: call 0x23f46
0x13f79: jmp 0x13f8b
0x13f7b: pop ds
0x13f7c: mov di, 0x100
0x13f7f: push di
0x13f80: xor bx, bx
0x13f82: xor dx, dx
0x13f84: xor ax, ax
0x13f86: xor si, si
0x13f88: push ds
0x13f89: pop es
0x13f8a: ret
0x13f8b: mov al, 7
0x13f8d: call 0x13f97
0x13f90: mov al, 0
0x13f92: call 0x13f97
2018-12-25T11:51:36.195132705Z 9 PC: 13dc6 | Display string (String= 'CDEFG-This is a 5000 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":21,"Second":2,"TimeBased":true,"OriginalID":4377,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:36.463122372Z 26 PC: 13dee | Set disk transfer address
2018-12-25T11:51:36.464464077Z 53 PC: 13eb4 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:36.465372168Z 37 PC: 13ed0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:51:36.466163481Z 78 PC: 13dfe | Find first file
2018-12-25T11:51:36.470380345Z 61 PC: 13e0e | Open file
2018-12-25T11:51:36.474507251Z 63 PC: 13eeb | Read file or device (Read 4 bytes on handle 5)
2018-12-25T11:51:36.478828746Z 62 PC: 13ead | Close file
2018-12-25T11:51:36.49066723Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.492888207Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.502536657Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.507863648Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.509194635Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.511154531Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.516661223Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.521253458Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.522559912Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.524623796Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.544947336Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.549980171Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.551607317Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.554901887Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.561591543Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.567923453Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.569965866Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.57237008Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.578624936Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.585711592Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.587295171Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.589726359Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.59637162Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.602708088Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.604284658Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.607318603Z 61 PC: 13e0e | Open file (See above)
2018-12-25T11:51:36.613727819Z 63 PC: 13eeb | Read file or device (See above)
2018-12-25T11:51:36.619701837Z 62 PC: 13ead | Close file (See above)
2018-12-25T11:51:36.62165558Z 79 PC: 13dfe | Find next file (See above)
2018-12-25T11:51:36.623916795Z 26 PC: 13f67 | Set disk transfer address
2018-12-25T11:51:36.624821637Z 37 PC: 13ed0 | Set interrupt vector (See above)
2018-12-25T11:51:36.626262056Z 44 PC: 13f6c | Get time
0x13f6c: cmp dh, 1
0x13f6f: jae 0x13f7b
0x13f71: cmp cl, 0x15
0x13f74: jb 0x13f7b
0x13f76: call 0x23f46
0x13f79: jmp 0x13f8b
0x13f7b: pop ds
0x13f7c: mov di, 0x100
0x13f7f: push di
0x13f80: xor bx, bx
0x13f82: xor dx, dx
0x13f84: xor ax, ax
0x13f86: xor si, si
0x13f88: push ds
0x13f89: pop es
0x13f8a: ret
0x13f8b: mov al, 7
0x13f8d: call 0x13f97
0x13f90: mov al, 0
0x13f92: call 0x13f97
2018-12-25T11:51:36.62821161Z 9 PC: 13dc6 | Display string (String= 'CDEFG-This is a 5000 byte COM test, 1994 ')