Sample viewer

vx.netlux.org/Virus.DOS.VCL.Jerk.293

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:25:10.392851406Z 26 PC: 12a5f | Set disk transfer address
2018-12-17T22:25:10.39932146Z 42 PC: 12a63 | Get date
0x12a63: cmp al, 0
0x12a65: jne 0x12a76
0x12a67: lea dx, word ptr [bp + 0x1c5]
0x12a6b: push ax
0x12a6c: mov ax, 0x900
0x12a6f: int 0x21
0x12a71: pop ax
0x12a72: mov ah, 0x4c
0x12a74: int 0x21
0x12a76: mov ah, 0x4e
0x12a78: lea dx, word ptr [bp + 0x1bb]
0x12a7c: int 0x21
0x12a7e: jb 0x12aec
0x12a80: mov ax, 0x3d02
0x12a83: lea dx, word ptr [bp + 0x246]
0x12a87: int 0x21
0x12a89: mov bx, ax
0x12a8b: mov ah, 0x3f
0x12a8d: mov cx, 1
0x12a90: lea dx, word ptr [bp + 0x1c4]
2018-12-17T22:25:10.401902131Z 78 PC: 12a7e | Find first file
2018-12-17T22:25:10.408526168Z 61 PC: 12a89 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:25:10.415561379Z 63 PC: 12a96 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:25:10.421800034Z 66 PC: 12aa7 | Move file pointer
2018-12-17T22:25:10.423505453Z 63 PC: 12ab2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:25:10.426108164Z 66 PC: 12abb | Move file pointer
2018-12-17T22:25:10.427879519Z 64 PC: 12ace | Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:25:10.441215636Z 66 PC: 12ad7 | Move file pointer
2018-12-17T22:25:10.442719834Z 64 PC: 12ae2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:25:10.450840837Z 62 PC: 12ae6 | Close file
2018-12-17T22:25:10.459139225Z 79 PC: 12aea | Find next file
2018-12-17T22:25:10.461681124Z 61 PC: 12a89 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:25:10.466360264Z 63 PC: 12a96 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:25:10.472540087Z 66 PC: 12aa7 | Move file pointer
2018-12-17T22:25:10.473881224Z 63 PC: 12ab2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:25:10.477164737Z 66 PC: 12abb | Move file pointer
2018-12-17T22:25:10.479517307Z 64 PC: 12ace | Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:25:10.481518398Z 66 PC: 12ad7 | Move file pointer
2018-12-17T22:25:10.483388345Z 64 PC: 12ae2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:25:10.48530718Z 62 PC: 12ae6 | Close file
2018-12-17T22:25:10.490972587Z 79 PC: 12aea | Find next file
2018-12-17T22:25:10.493802317Z 61 PC: 12a89 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:25:10.498381963Z 63 PC: 12a96 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:25:10.502914294Z 66 PC: 12aa7 | Move file pointer
2018-12-17T22:25:10.505947916Z 63 PC: 12ab2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:25:10.508357695Z 66 PC: 12abb | Move file pointer
2018-12-17T22:25:10.509951349Z 64 PC: 12ace | Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:25:10.513500838Z 66 PC: 12ad7 | Move file pointer
2018-12-17T22:25:10.515099865Z 64 PC: 12ae2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:25:10.517884715Z 62 PC: 12ae6 | Close file
2018-12-17T22:25:10.529942328Z 79 PC: 12aea | Find next file
2018-12-17T22:25:10.532696853Z 61 PC: 12a89 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:25:10.539819123Z 63 PC: 12a96 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:25:10.547240917Z 66 PC: 12aa7 | Move file pointer
2018-12-17T22:25:10.548773546Z 63 PC: 12ab2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:25:10.551090395Z 66 PC: 12abb | Move file pointer
2018-12-17T22:25:10.552990314Z 64 PC: 12ace | Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:25:10.555632933Z 66 PC: 12ad7 | Move file pointer
2018-12-17T22:25:10.556998779Z 64 PC: 12ae2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:25:10.560616659Z 62 PC: 12ae6 | Close file
2018-12-17T22:25:10.568538957Z 79 PC: 12aea | Find next file
2018-12-17T22:25:10.571446127Z 61 PC: 12a89 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:25:10.577997624Z 63 PC: 12a96 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:25:10.585566047Z 66 PC: 12aa7 | Move file pointer
2018-12-17T22:25:10.587419718Z 63 PC: 12ab2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:25:10.590096663Z 66 PC: 12abb | Move file pointer
2018-12-17T22:25:10.592349122Z 64 PC: 12ace | Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:25:10.595033866Z 66 PC: 12ad7 | Move file pointer
2018-12-17T22:25:10.596421411Z 64 PC: 12ae2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:25:10.600049174Z 62 PC: 12ae6 | Close file
2018-12-17T22:25:10.608623612Z 79 PC: 12aea | Find next file
2018-12-17T22:25:10.612381328Z 61 PC: 12a89 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:25:10.620020173Z 63 PC: 12a96 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:25:10.626471564Z 66 PC: 12aa7 | Move file pointer
2018-12-17T22:25:10.627930059Z 63 PC: 12ab2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:25:10.638382441Z 66 PC: 12abb | Move file pointer
2018-12-17T22:25:10.639922093Z 64 PC: 12ace | Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:25:10.648009189Z 66 PC: 12ad7 | Move file pointer
2018-12-17T22:25:10.650160801Z 64 PC: 12ae2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:25:10.656719767Z 62 PC: 12ae6 | Close file
2018-12-17T22:25:10.664638642Z 79 PC: 12aea | Find next file
2018-12-17T22:25:10.668194304Z 61 PC: 12a89 | Open file (Filename = 'PAH.COM')
2018-12-17T22:25:10.674678081Z 63 PC: 12a96 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:25:10.680893972Z 66 PC: 12aa7 | Move file pointer
2018-12-17T22:25:10.683247194Z 63 PC: 12ab2 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:25:10.686998403Z 66 PC: 12abb | Move file pointer
2018-12-17T22:25:10.688674046Z 64 PC: 12ace | Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:25:10.692256237Z 66 PC: 12ad7 | Move file pointer
2018-12-17T22:25:10.693925426Z 64 PC: 12ae2 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:25:10.696771651Z 62 PC: 12ae6 | Close file
2018-12-17T22:25:10.704829612Z 79 PC: 12aea | Find next file
2018-12-17T22:25:10.707821657Z 61 PC: 12a89 | Open file (Filename = 'TEST.COM')
2018-12-17T22:25:10.714230095Z 63 PC: 12a96 | Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:25:10.717766141Z 62 PC: 12ae6 | Close file
2018-12-17T22:25:10.719715164Z 79 PC: 12aea | Find next file
2018-12-17T22:25:10.722246677Z 26 PC: 12af3 | Set disk transfer address
2018-12-17T22:25:10.723802692Z 26 PC: 12a5f | Set disk transfer address
2018-12-17T22:25:10.725265821Z 42 PC: 12a63 | Get date (See above)
2018-12-17T22:25:10.727421833Z 78 PC: 12a7e | Find first file
2018-12-17T22:25:10.729498046Z 26 PC: 12af3 | Set disk transfer address
2018-12-17T22:25:10.73151184Z 26 PC: 12a5f | Set disk transfer address
2018-12-17T22:25:10.732751047Z 42 PC: 12a63 | Get date (See above)
2018-12-17T22:25:10.73520264Z 78 PC: 12a7e | Find first file
2018-12-17T22:25:10.740781643Z 26 PC: 12af3 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4449,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:52.06474227Z 26 PC: 12a5f | Set disk transfer address
2018-12-25T11:51:52.066047324Z 42 PC: 12a63 | Get date
0x12a63: cmp al, 0
0x12a65: jne 0x12a76
0x12a67: lea dx, word ptr [bp + 0x1c5]
0x12a6b: push ax
0x12a6c: mov ax, 0x900
0x12a6f: int 0x21
0x12a71: pop ax
0x12a72: mov ah, 0x4c
0x12a74: int 0x21
0x12a76: mov ah, 0x4e
0x12a78: lea dx, word ptr [bp + 0x1bb]
0x12a7c: int 0x21
0x12a7e: jb 0x12aec
0x12a80: mov ax, 0x3d02
0x12a83: lea dx, word ptr [bp + 0x246]
0x12a87: int 0x21
0x12a89: mov bx, ax
0x12a8b: mov ah, 0x3f
0x12a8d: mov cx, 1
0x12a90: lea dx, word ptr [bp + 0x1c4]
2018-12-25T11:51:52.069777131Z 78 PC: 12a7e | Find first file
2018-12-25T11:51:52.076443048Z 61 PC: 12a89 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:51:52.083659773Z 63 PC: 12a96 | Read file or device (Read 1 bytes on handle 5)
2018-12-25T11:51:52.091329607Z 66 PC: 12aa7 | Move file pointer
2018-12-25T11:51:52.092839274Z 63 PC: 12ab2 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:51:52.095641143Z 66 PC: 12abb | Move file pointer
2018-12-25T11:51:52.101473403Z 64 PC: 12ace | Write file or device (Write 293 bytes on handle 5)
2018-12-25T11:51:52.120346226Z 66 PC: 12ad7 | Move file pointer
2018-12-25T11:51:52.121881537Z 64 PC: 12ae2 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:51:52.129678918Z 62 PC: 12ae6 | Close file
2018-12-25T11:51:52.139966808Z 79 PC: 12aea | Find next file
2018-12-25T11:51:52.142872Z 61 PC: 12a89 | Open file (See above)
2018-12-25T11:51:52.15061203Z 63 PC: 12a96 | Read file or device (See above)
2018-12-25T11:51:52.158388377Z 66 PC: 12aa7 | Move file pointer (See above)
2018-12-25T11:51:52.160084618Z 63 PC: 12ab2 | Read file or device (See above)
2018-12-25T11:51:52.163935858Z 66 PC: 12abb | Move file pointer (See above)
2018-12-25T11:51:52.165625711Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T11:51:52.168536692Z 66 PC: 12ad7 | Move file pointer (See above)
2018-12-25T11:51:52.170155991Z 64 PC: 12ae2 | Write file or device (See above)
2018-12-25T11:51:52.173026021Z 62 PC: 12ae6 | Close file (See above)
2018-12-25T11:51:52.181962206Z 79 PC: 12aea | Find next file (See above)
2018-12-25T11:51:52.185308161Z 61 PC: 12a89 | Open file (See above)
2018-12-25T11:51:52.192940049Z 63 PC: 12a96 | Read file or device (See above)
2018-12-25T11:51:52.199950989Z 66 PC: 12aa7 | Move file pointer (See above)
2018-12-25T11:51:52.201342586Z 63 PC: 12ab2 | Read file or device (See above)
2018-12-25T11:51:52.212798684Z 66 PC: 12abb | Move file pointer (See above)
2018-12-25T11:51:52.214312767Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T11:51:52.217406674Z 66 PC: 12ad7 | Move file pointer (See above)
2018-12-25T11:51:52.219647339Z 64 PC: 12ae2 | Write file or device (See above)
2018-12-25T11:51:52.222393791Z 62 PC: 12ae6 | Close file (See above)
2018-12-25T11:51:52.230822524Z 79 PC: 12aea | Find next file (See above)
2018-12-25T11:51:52.23403513Z 61 PC: 12a89 | Open file (See above)
2018-12-25T11:51:52.241181631Z 63 PC: 12a96 | Read file or device (See above)
2018-12-25T11:51:52.248113771Z 66 PC: 12aa7 | Move file pointer (See above)
2018-12-25T11:51:52.249953839Z 63 PC: 12ab2 | Read file or device (See above)
2018-12-25T11:51:52.253358409Z 66 PC: 12abb | Move file pointer (See above)
2018-12-25T11:51:52.254632209Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T11:51:52.258199323Z 66 PC: 12ad7 | Move file pointer (See above)
2018-12-25T11:51:52.259826961Z 64 PC: 12ae2 | Write file or device (See above)
2018-12-25T11:51:52.262686128Z 62 PC: 12ae6 | Close file (See above)
2018-12-25T11:51:52.271467894Z 79 PC: 12aea | Find next file (See above)
2018-12-25T11:51:52.274805753Z 61 PC: 12a89 | Open file (See above)
2018-12-25T11:51:52.282080506Z 63 PC: 12a96 | Read file or device (See above)
2018-12-25T11:51:52.28907988Z 66 PC: 12aa7 | Move file pointer (See above)
2018-12-25T11:51:52.291545676Z 63 PC: 12ab2 | Read file or device (See above)
2018-12-25T11:51:52.294406196Z 66 PC: 12abb | Move file pointer (See above)
2018-12-25T11:51:52.296069297Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T11:51:52.299917374Z 66 PC: 12ad7 | Move file pointer (See above)
2018-12-25T11:51:52.301711716Z 64 PC: 12ae2 | Write file or device (See above)
2018-12-25T11:51:52.305021721Z 62 PC: 12ae6 | Close file (See above)
2018-12-25T11:51:52.314868131Z 79 PC: 12aea | Find next file (See above)
2018-12-25T11:51:52.317933225Z 61 PC: 12a89 | Open file (See above)
2018-12-25T11:51:52.326157381Z 63 PC: 12a96 | Read file or device (See above)
2018-12-25T11:51:52.333974079Z 66 PC: 12aa7 | Move file pointer (See above)
2018-12-25T11:51:52.336834681Z 63 PC: 12ab2 | Read file or device (See above)
2018-12-25T11:51:52.339896654Z 66 PC: 12abb | Move file pointer (See above)
2018-12-25T11:51:52.341554658Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T11:51:52.350899171Z 66 PC: 12ad7 | Move file pointer (See above)
2018-12-25T11:51:52.352435361Z 64 PC: 12ae2 | Write file or device (See above)
2018-12-25T11:51:52.359613126Z 62 PC: 12ae6 | Close file (See above)
2018-12-25T11:51:52.368909144Z 79 PC: 12aea | Find next file (See above)
2018-12-25T11:51:52.371306816Z 61 PC: 12a89 | Open file (See above)
2018-12-25T11:51:52.377097718Z 63 PC: 12a96 | Read file or device (See above)
2018-12-25T11:51:52.383292657Z 66 PC: 12aa7 | Move file pointer (See above)
2018-12-25T11:51:52.384645068Z 63 PC: 12ab2 | Read file or device (See above)
2018-12-25T11:51:52.387609116Z 66 PC: 12abb | Move file pointer (See above)
2018-12-25T11:51:52.389321499Z 64 PC: 12ace | Write file or device (See above)
2018-12-25T11:51:52.391724815Z 66 PC: 12ad7 | Move file pointer (See above)
2018-12-25T11:51:52.393135843Z 64 PC: 12ae2 | Write file or device (See above)
2018-12-25T11:51:52.396283645Z 62 PC: 12ae6 | Close file (See above)
2018-12-25T11:51:52.40353638Z 79 PC: 12aea | Find next file (See above)
2018-12-25T11:51:52.406074577Z 61 PC: 12a89 | Open file (See above)
2018-12-25T11:51:52.412209131Z 63 PC: 12a96 | Read file or device (See above)
2018-12-25T11:51:52.413982043Z 62 PC: 12ae6 | Close file (See above)
2018-12-25T11:51:52.415250165Z 79 PC: 12aea | Find next file (See above)
2018-12-25T11:51:52.417154337Z 26 PC: 12af3 | Set disk transfer address
2018-12-25T11:51:52.418581228Z 26 PC: 12a5f | Set disk transfer address (See above)
2018-12-25T11:51:52.419427949Z 42 PC: 12a63 | Get date (See above)
2018-12-25T11:51:52.420932655Z 78 PC: 12a7e | Find first file (See above)
2018-12-25T11:51:52.422999176Z 26 PC: 12af3 | Set disk transfer address (See above)
2018-12-25T11:51:52.424003886Z 26 PC: 12a5f | Set disk transfer address (See above)
2018-12-25T11:51:52.424820134Z 42 PC: 12a63 | Get date (See above)
2018-12-25T11:51:52.427175049Z 78 PC: 12a7e | Find first file (See above)
2018-12-25T11:51:52.431347587Z 26 PC: 12af3 | Set disk transfer address (See above)

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4449,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:51:52.379370315Z 26 PC: 12a5f | Set disk transfer address
2018-12-25T11:51:52.380833255Z 42 PC: 12a63 | Get date
0x12a63: cmp al, 0
0x12a65: jne 0x12a76
0x12a67: lea dx, word ptr [bp + 0x1c5]
0x12a6b: push ax
0x12a6c: mov ax, 0x900
0x12a6f: int 0x21
0x12a71: pop ax
0x12a72: mov ah, 0x4c
0x12a74: int 0x21
0x12a76: mov ah, 0x4e
0x12a78: lea dx, word ptr [bp + 0x1bb]
0x12a7c: int 0x21
0x12a7e: jb 0x12aec
0x12a80: mov ax, 0x3d02
0x12a83: lea dx, word ptr [bp + 0x246]
0x12a87: int 0x21
0x12a89: mov bx, ax
0x12a8b: mov ah, 0x3f
0x12a8d: mov cx, 1
0x12a90: lea dx, word ptr [bp + 0x1c4]
2018-12-25T11:51:52.383528624Z 9 PC: 12a71 | Display string (String= 'Je suis votre ordinateur, il est dimanche je refuse donc de travailler !')
2018-12-25T11:51:52.387504048Z 76 PC: 12a76 | Terminate with return code (Return code = '0')