Sample viewer

vx.netlux.org/Virus.DOS.Vienna.648.j

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:25:46.323636662Z 48 PC: 12abd | Get DOS version
2018-12-17T22:25:46.325275481Z 47 PC: 12ac9 | Get disk transfer address
2018-12-17T22:25:46.327002474Z 26 PC: 12adc | Set disk transfer address
2018-12-17T22:25:46.328104991Z 78 PC: 12b68 | Find first file
2018-12-17T22:25:46.335806117Z 79 PC: 12b6e | Find next file
2018-12-17T22:25:46.33961455Z 67 PC: 12ba6 | Get or set file attributes
2018-12-17T22:25:46.345861633Z 67 PC: 12bb9 | Get or set file attributes
2018-12-17T22:25:46.358999362Z 61 PC: 12bc4 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:25:46.371615333Z 87 PC: 12bd0 | Get or set file date and time
2018-12-17T22:25:46.373301081Z 44 PC: 12bdc | Get time
0x12bdc: and dh, 7
0x12bdf: jne 0x12bf1
0x12be1: mov ah, 0x40
0x12be3: mov cx, 5
0x12be6: mov dx, si
0x12be8: add dx, 0x8a
0x12bec: int 0x21
0x12bee: jmp 0x12c55
0x12bf0: nop
0x12bf1: mov ah, 0x3f
0x12bf3: mov cx, 3
0x12bf6: mov dx, 0xa
0x12bf9: nop
0x12bfa: add dx, si
0x12bfc: int 0x21
0x12bfe: jb 0x12c55
0x12c00: cmp ax, 3
0x12c03: jne 0x12c55
0x12c05: mov ax, 0x4202
0x12c08: mov cx, 0
2018-12-17T22:25:46.375534132Z 63 PC: 12bfe | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:25:46.382910981Z 66 PC: 12c10 | Move file pointer
2018-12-17T22:25:46.391901119Z 64 PC: 12c34 | Write file or device (Write 648 bytes on handle 5)
2018-12-17T22:25:46.400195715Z 66 PC: 12c46 | Move file pointer
2018-12-17T22:25:46.40196776Z 64 PC: 12c55 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:25:46.409602362Z 87 PC: 12c6a | Get or set file date and time
2018-12-17T22:25:46.410794461Z 62 PC: 12c6e | Close file
2018-12-17T22:25:46.417481122Z 67 PC: 12c7d | Get or set file attributes
2018-12-17T22:25:46.432891628Z 26 PC: 12c8a | Set disk transfer address
2018-12-17T22:25:46.434297219Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":4561,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:09.477139224Z 48 PC: 12abd | Get DOS version
2018-12-25T11:52:09.479507299Z 47 PC: 12ac9 | Get disk transfer address
2018-12-25T11:52:09.481074851Z 26 PC: 12adc | Set disk transfer address
2018-12-25T11:52:09.482848845Z 78 PC: 12b68 | Find first file
2018-12-25T11:52:09.490221213Z 79 PC: 12b6e | Find next file
2018-12-25T11:52:09.493437071Z 67 PC: 12ba6 | Get or set file attributes
2018-12-25T11:52:09.499255907Z 67 PC: 12bb9 | Get or set file attributes
2018-12-25T11:52:09.521741833Z 61 PC: 12bc4 | Open file (Filename = 'PRINT.COM')
2018-12-25T11:52:09.528212277Z 87 PC: 12bd0 | Get or set file date and time
2018-12-25T11:52:09.529446757Z 44 PC: 12bdc | Get time
0x12bdc: and dh, 7
0x12bdf: jne 0x12bf1
0x12be1: mov ah, 0x40
0x12be3: mov cx, 5
0x12be6: mov dx, si
0x12be8: add dx, 0x8a
0x12bec: int 0x21
0x12bee: jmp 0x12c55
0x12bf0: nop
0x12bf1: mov ah, 0x3f
0x12bf3: mov cx, 3
0x12bf6: mov dx, 0xa
0x12bf9: nop
0x12bfa: add dx, si
0x12bfc: int 0x21
0x12bfe: jb 0x12c55
0x12c00: cmp ax, 3
0x12c03: jne 0x12c55
0x12c05: mov ax, 0x4202
0x12c08: mov cx, 0
2018-12-25T11:52:09.532187647Z 63 PC: 12bfe | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:09.538416261Z 66 PC: 12c10 | Move file pointer
2018-12-25T11:52:09.539768159Z 64 PC: 12c34 | Write file or device (Write 648 bytes on handle 5)
2018-12-25T11:52:09.548422771Z 66 PC: 12c46 | Move file pointer
2018-12-25T11:52:09.550686546Z 64 PC: 12c55 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:09.55526655Z 87 PC: 12c6a | Get or set file date and time
2018-12-25T11:52:09.556465143Z 62 PC: 12c6e | Close file
2018-12-25T11:52:09.561889092Z 67 PC: 12c7d | Get or set file attributes
2018-12-25T11:52:09.569332623Z 26 PC: 12c8a | Set disk transfer address
2018-12-25T11:52:09.570354402Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":7,"TimeBased":true,"OriginalID":4561,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:09.703946899Z 48 PC: 12abd | Get DOS version
2018-12-25T11:52:09.707915762Z 47 PC: 12ac9 | Get disk transfer address
2018-12-25T11:52:09.709115277Z 26 PC: 12adc | Set disk transfer address
2018-12-25T11:52:09.710379679Z 78 PC: 12b68 | Find first file
2018-12-25T11:52:09.718262656Z 79 PC: 12b6e | Find next file
2018-12-25T11:52:09.721290918Z 67 PC: 12ba6 | Get or set file attributes
2018-12-25T11:52:09.727018845Z 67 PC: 12bb9 | Get or set file attributes
2018-12-25T11:52:09.74673187Z 61 PC: 12bc4 | Open file (Filename = 'PRINT.COM')
2018-12-25T11:52:09.766282183Z 87 PC: 12bd0 | Get or set file date and time
2018-12-25T11:52:09.769120611Z 44 PC: 12bdc | Get time
0x12bdc: and dh, 7
0x12bdf: jne 0x12bf1
0x12be1: mov ah, 0x40
0x12be3: mov cx, 5
0x12be6: mov dx, si
0x12be8: add dx, 0x8a
0x12bec: int 0x21
0x12bee: jmp 0x12c55
0x12bf0: nop
0x12bf1: mov ah, 0x3f
0x12bf3: mov cx, 3
0x12bf6: mov dx, 0xa
0x12bf9: nop
0x12bfa: add dx, si
0x12bfc: int 0x21
0x12bfe: jb 0x12c55
0x12c00: cmp ax, 3
0x12c03: jne 0x12c55
0x12c05: mov ax, 0x4202
0x12c08: mov cx, 0
2018-12-25T11:52:09.771460417Z 63 PC: 12bfe | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:09.778681845Z 66 PC: 12c10 | Move file pointer
2018-12-25T11:52:09.780077565Z 64 PC: 12c34 | Write file or device (Write 648 bytes on handle 5)
2018-12-25T11:52:09.788529749Z 66 PC: 12c46 | Move file pointer
2018-12-25T11:52:09.805538241Z 64 PC: 12c55 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:09.812053019Z 87 PC: 12c6a | Get or set file date and time
2018-12-25T11:52:09.813410583Z 62 PC: 12c6e | Close file
2018-12-25T11:52:09.83466512Z 67 PC: 12c7d | Get or set file attributes
2018-12-25T11:52:09.845378119Z 26 PC: 12c8a | Set disk transfer address
2018-12-25T11:52:09.84647638Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":4561,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:09.874965357Z 48 PC: 12abd | Get DOS version
2018-12-25T11:52:09.877015557Z 47 PC: 12ac9 | Get disk transfer address
2018-12-25T11:52:09.878098909Z 26 PC: 12adc | Set disk transfer address
2018-12-25T11:52:09.879432462Z 78 PC: 12b68 | Find first file
2018-12-25T11:52:09.894486343Z 79 PC: 12b6e | Find next file
2018-12-25T11:52:09.896923417Z 67 PC: 12ba6 | Get or set file attributes
2018-12-25T11:52:09.902497207Z 67 PC: 12bb9 | Get or set file attributes
2018-12-25T11:52:09.917663195Z 61 PC: 12bc4 | Open file (Filename = 'PRINT.COM')
2018-12-25T11:52:09.926324571Z 87 PC: 12bd0 | Get or set file date and time
2018-12-25T11:52:09.927812068Z 44 PC: 12bdc | Get time
0x12bdc: and dh, 7
0x12bdf: jne 0x12bf1
0x12be1: mov ah, 0x40
0x12be3: mov cx, 5
0x12be6: mov dx, si
0x12be8: add dx, 0x8a
0x12bec: int 0x21
0x12bee: jmp 0x12c55
0x12bf0: nop
0x12bf1: mov ah, 0x3f
0x12bf3: mov cx, 3
0x12bf6: mov dx, 0xa
0x12bf9: nop
0x12bfa: add dx, si
0x12bfc: int 0x21
0x12bfe: jb 0x12c55
0x12c00: cmp ax, 3
0x12c03: jne 0x12c55
0x12c05: mov ax, 0x4202
0x12c08: mov cx, 0
2018-12-25T11:52:09.930149292Z 63 PC: 12bfe | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:09.937046647Z 66 PC: 12c10 | Move file pointer
2018-12-25T11:52:09.938832621Z 64 PC: 12c34 | Write file or device (Write 648 bytes on handle 5)
2018-12-25T11:52:09.947502832Z 66 PC: 12c46 | Move file pointer
2018-12-25T11:52:09.949097054Z 64 PC: 12c55 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:09.955430934Z 87 PC: 12c6a | Get or set file date and time
2018-12-25T11:52:09.956888552Z 62 PC: 12c6e | Close file
2018-12-25T11:52:09.965495908Z 67 PC: 12c7d | Get or set file attributes
2018-12-25T11:52:09.987208253Z 26 PC: 12c8a | Set disk transfer address
2018-12-25T11:52:09.989577587Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":7,"TimeBased":true,"OriginalID":4561,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:10.316868476Z 48 PC: 12abd | Get DOS version
2018-12-25T11:52:10.319034434Z 47 PC: 12ac9 | Get disk transfer address
2018-12-25T11:52:10.320288029Z 26 PC: 12adc | Set disk transfer address
2018-12-25T11:52:10.321456615Z 78 PC: 12b68 | Find first file
2018-12-25T11:52:10.328577173Z 79 PC: 12b6e | Find next file
2018-12-25T11:52:10.331498864Z 67 PC: 12ba6 | Get or set file attributes
2018-12-25T11:52:10.337202162Z 67 PC: 12bb9 | Get or set file attributes
2018-12-25T11:52:10.354763322Z 61 PC: 12bc4 | Open file (Filename = 'PRINT.COM')
2018-12-25T11:52:10.361951757Z 87 PC: 12bd0 | Get or set file date and time
2018-12-25T11:52:10.363912274Z 44 PC: 12bdc | Get time
0x12bdc: and dh, 7
0x12bdf: jne 0x12bf1
0x12be1: mov ah, 0x40
0x12be3: mov cx, 5
0x12be6: mov dx, si
0x12be8: add dx, 0x8a
0x12bec: int 0x21
0x12bee: jmp 0x12c55
0x12bf0: nop
0x12bf1: mov ah, 0x3f
0x12bf3: mov cx, 3
0x12bf6: mov dx, 0xa
0x12bf9: nop
0x12bfa: add dx, si
0x12bfc: int 0x21
0x12bfe: jb 0x12c55
0x12c00: cmp ax, 3
0x12c03: jne 0x12c55
0x12c05: mov ax, 0x4202
0x12c08: mov cx, 0
2018-12-25T11:52:10.366381747Z 63 PC: 12bfe | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:10.37318365Z 66 PC: 12c10 | Move file pointer
2018-12-25T11:52:10.375272225Z 64 PC: 12c34 | Write file or device (Write 648 bytes on handle 5)
2018-12-25T11:52:10.38401464Z 66 PC: 12c46 | Move file pointer
2018-12-25T11:52:10.386375703Z 64 PC: 12c55 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:10.392826445Z 87 PC: 12c6a | Get or set file date and time
2018-12-25T11:52:10.394311312Z 62 PC: 12c6e | Close file
2018-12-25T11:52:10.402763323Z 67 PC: 12c7d | Get or set file attributes
2018-12-25T11:52:10.413214825Z 26 PC: 12c8a | Set disk transfer address
2018-12-25T11:52:10.41504585Z 9 PC: 12aa2 | Display string (String= 'Hello - Copyright S & S International, 1990 ')