Sample viewer

vx.netlux.org/Virus.DOS.SillyOC.425

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:54:27.088805098Z 42 PC: 12a58 | Get date
0x12a58: cmp al, 0
0x12a5a: jne 0x12acb
0x12a5c: mov ax, 0x3301
0x12a5f: mov dl, 0
0x12a61: int 0x21
0x12a63: mov cx, 0x46
0x12a66: nop
0x12a67: mov si, 0x21f
0x12a6a: mov di, 0x265
0x12a6d: mov al, byte ptr [si]
0x12a6f: mov byte ptr [0x2ab], al
0x12a72: xor byte ptr [0x2ab], 1
0x12a77: mov al, byte ptr [0x2ab]
0x12a7a: mov byte ptr [di], al
0x12a7c: inc si
0x12a7d: inc di
0x12a7e: loop 0x12a6d
0x12a80: cmp byte ptr [0x216], 0x1b
0x12a85: jge 0x12a9e
0x12a87: pushf
2018-12-17T21:54:27.092027344Z 78 PC: 12b12 | Find first file
2018-12-17T21:54:27.097961162Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:54:27.108244085Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:54:27.124798667Z 61 PC: 12b2e | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:54:27.131640468Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T21:54:27.133632053Z 64 PC: 12b42 | Write file or device (Write 425 bytes on handle 5)
2018-12-17T21:54:27.140652937Z 87 PC: 12b4a | Get or set file date and time
2018-12-17T21:54:27.14226473Z 62 PC: 12b4e | Close file
2018-12-17T21:54:27.148955583Z 79 PC: 12b52 | Find next file
2018-12-17T21:54:27.151473222Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:54:27.15726567Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:54:27.166974848Z 61 PC: 12b2e | Open file (Filename = 'PRINT.COM')
2018-12-17T21:54:27.17336504Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T21:54:27.175222652Z 64 PC: 12b42 | Write file or device (Write 425 bytes on handle 5)
2018-12-17T21:54:27.181597543Z 87 PC: 12b4a | Get or set file date and time
2018-12-17T21:54:27.182998494Z 62 PC: 12b4e | Close file
2018-12-17T21:54:27.191013854Z 79 PC: 12b52 | Find next file
2018-12-17T21:54:27.193585537Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:54:27.199060371Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:54:27.210394739Z 61 PC: 12b2e | Open file (Filename = 'HELLO.COM')
2018-12-17T21:54:27.223240036Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T21:54:27.225130192Z 64 PC: 12b42 | Write file or device (Write 425 bytes on handle 5)
2018-12-17T21:54:27.233003468Z 87 PC: 12b4a | Get or set file date and time
2018-12-17T21:54:27.235097541Z 62 PC: 12b4e | Close file
2018-12-17T21:54:27.242348555Z 79 PC: 12b52 | Find next file
2018-12-17T21:54:27.245656216Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:54:27.251368881Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:54:27.261119964Z 61 PC: 12b2e | Open file (Filename = 'PHANG.COM')
2018-12-17T21:54:27.267947732Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T21:54:27.270021018Z 64 PC: 12b42 | Write file or device (Write 425 bytes on handle 5)
2018-12-17T21:54:27.276582807Z 87 PC: 12b4a | Get or set file date and time
2018-12-17T21:54:27.278118606Z 62 PC: 12b4e | Close file
2018-12-17T21:54:27.286370819Z 79 PC: 12b52 | Find next file
2018-12-17T21:54:27.288994786Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:54:27.295234855Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:54:27.305518Z 61 PC: 12b2e | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:54:27.312583178Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T21:54:27.314550872Z 64 PC: 12b42 | Write file or device (Write 425 bytes on handle 5)
2018-12-17T21:54:27.322110242Z 87 PC: 12b4a | Get or set file date and time
2018-12-17T21:54:27.323986801Z 62 PC: 12b4e | Close file
2018-12-17T21:54:27.33190652Z 79 PC: 12b52 | Find next file
2018-12-17T21:54:27.335424503Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:54:27.341251712Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:54:27.350850003Z 61 PC: 12b2e | Open file (Filename = 'MANDEL.COM')
2018-12-17T21:54:27.363795884Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T21:54:27.365141159Z 64 PC: 12b42 | Write file or device (Write 425 bytes on handle 5)
2018-12-17T21:54:27.371523391Z 87 PC: 12b4a | Get or set file date and time
2018-12-17T21:54:27.373540423Z 62 PC: 12b4e | Close file
2018-12-17T21:54:27.383803945Z 79 PC: 12b52 | Find next file
2018-12-17T21:54:27.386230428Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:54:27.39160226Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:54:27.401229808Z 61 PC: 12b2e | Open file (Filename = 'PAH.COM')
2018-12-17T21:54:27.407959743Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T21:54:27.409329629Z 64 PC: 12b42 | Write file or device (Write 425 bytes on handle 5)
2018-12-17T21:54:27.418608519Z 87 PC: 12b4a | Get or set file date and time
2018-12-17T21:54:27.420750519Z 62 PC: 12b4e | Close file
2018-12-17T21:54:27.428530973Z 79 PC: 12b52 | Find next file
2018-12-17T21:54:27.432467066Z 67 PC: 12b1b | Get or set file attributes
2018-12-17T21:54:27.438341772Z 67 PC: 12b25 | Get or set file attributes
2018-12-17T21:54:27.448767639Z 61 PC: 12b2e | Open file (Filename = 'TEST.COM')
2018-12-17T21:54:27.456375379Z 87 PC: 12b36 | Get or set file date and time
2018-12-17T21:54:27.457789854Z 64 PC: 12b42 | Write file or device (Write 425 bytes on handle 5)
2018-12-17T21:54:27.464847179Z 87 PC: 12b4a | Get or set file date and time
2018-12-17T21:54:27.467641186Z 62 PC: 12b4e | Close file
2018-12-17T21:54:27.475069976Z 79 PC: 12b52 | Find next file

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":482,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:58.993744637Z 42 PC: 12a58 | Get date
0x12a58: cmp al, 0
0x12a5a: jne 0x12acb
0x12a5c: mov ax, 0x3301
0x12a5f: mov dl, 0
0x12a61: int 0x21
0x12a63: mov cx, 0x46
0x12a66: nop
0x12a67: mov si, 0x21f
0x12a6a: mov di, 0x265
0x12a6d: mov al, byte ptr [si]
0x12a6f: mov byte ptr [0x2ab], al
0x12a72: xor byte ptr [0x2ab], 1
0x12a77: mov al, byte ptr [0x2ab]
0x12a7a: mov byte ptr [di], al
0x12a7c: inc si
0x12a7d: inc di
0x12a7e: loop 0x12a6d
0x12a80: cmp byte ptr [0x216], 0x1b
0x12a85: jge 0x12a9e
0x12a87: pushf
2018-12-25T11:40:58.997087439Z 78 PC: 12b12 | Find first file
2018-12-25T11:40:59.002766942Z 67 PC: 12b1b | Get or set file attributes
2018-12-25T11:40:59.008093875Z 67 PC: 12b25 | Get or set file attributes
2018-12-25T11:40:59.024408968Z 61 PC: 12b2e | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:40:59.03084078Z 87 PC: 12b36 | Get or set file date and time
2018-12-25T11:40:59.032037543Z 64 PC: 12b42 | Write file or device (Write 425 bytes on handle 5)
2018-12-25T11:40:59.046674954Z 87 PC: 12b4a | Get or set file date and time
2018-12-25T11:40:59.048110376Z 62 PC: 12b4e | Close file
2018-12-25T11:40:59.05514576Z 79 PC: 12b52 | Find next file
2018-12-25T11:40:59.058288905Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:59.063733321Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:59.073531855Z 61 PC: 12b2e | Open file (See above)
2018-12-25T11:40:59.080762295Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T11:40:59.081970665Z 64 PC: 12b42 | Write file or device (See above)
2018-12-25T11:40:59.088244699Z 87 PC: 12b4a | Get or set file date and time (See above)
2018-12-25T11:40:59.089530328Z 62 PC: 12b4e | Close file (See above)
2018-12-25T11:40:59.096693249Z 79 PC: 12b52 | Find next file (See above)
2018-12-25T11:40:59.09911299Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:59.104546721Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:59.114590792Z 61 PC: 12b2e | Open file (See above)
2018-12-25T11:40:59.125487204Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T11:40:59.126713869Z 64 PC: 12b42 | Write file or device (See above)
2018-12-25T11:40:59.146574335Z 87 PC: 12b4a | Get or set file date and time (See above)
2018-12-25T11:40:59.147917758Z 62 PC: 12b4e | Close file (See above)
2018-12-25T11:40:59.154954303Z 79 PC: 12b52 | Find next file (See above)
2018-12-25T11:40:59.158612047Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:59.163491404Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:59.17295347Z 61 PC: 12b2e | Open file (See above)
2018-12-25T11:40:59.180499074Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T11:40:59.181821198Z 64 PC: 12b42 | Write file or device (See above)
2018-12-25T11:40:59.188190141Z 87 PC: 12b4a | Get or set file date and time (See above)
2018-12-25T11:40:59.191185464Z 62 PC: 12b4e | Close file (See above)
2018-12-25T11:40:59.198532022Z 79 PC: 12b52 | Find next file (See above)
2018-12-25T11:40:59.202168566Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:59.213640875Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:59.223360116Z 61 PC: 12b2e | Open file (See above)
2018-12-25T11:40:59.230875398Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T11:40:59.238358581Z 64 PC: 12b42 | Write file or device (See above)
2018-12-25T11:40:59.245330118Z 87 PC: 12b4a | Get or set file date and time (See above)
2018-12-25T11:40:59.247145044Z 62 PC: 12b4e | Close file (See above)
2018-12-25T11:40:59.254669274Z 79 PC: 12b52 | Find next file (See above)
2018-12-25T11:40:59.258538916Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:59.26480159Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:59.277334009Z 61 PC: 12b2e | Open file (See above)
2018-12-25T11:40:59.285766956Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T11:40:59.287502503Z 64 PC: 12b42 | Write file or device (See above)
2018-12-25T11:40:59.294055608Z 87 PC: 12b4a | Get or set file date and time (See above)
2018-12-25T11:40:59.296143456Z 62 PC: 12b4e | Close file (See above)
2018-12-25T11:40:59.303427116Z 79 PC: 12b52 | Find next file (See above)
2018-12-25T11:40:59.30610625Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:59.312323073Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:59.32201444Z 61 PC: 12b2e | Open file (See above)
2018-12-25T11:40:59.328645775Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T11:40:59.3306675Z 64 PC: 12b42 | Write file or device (See above)
2018-12-25T11:40:59.336955014Z 87 PC: 12b4a | Get or set file date and time (See above)
2018-12-25T11:40:59.338601598Z 62 PC: 12b4e | Close file (See above)
2018-12-25T11:40:59.346435534Z 79 PC: 12b52 | Find next file (See above)
2018-12-25T11:40:59.348858375Z 67 PC: 12b1b | Get or set file attributes (See above)
2018-12-25T11:40:59.354164432Z 67 PC: 12b25 | Get or set file attributes (See above)
2018-12-25T11:40:59.363737259Z 61 PC: 12b2e | Open file (See above)
2018-12-25T11:40:59.370426096Z 87 PC: 12b36 | Get or set file date and time (See above)
2018-12-25T11:40:59.371875351Z 64 PC: 12b42 | Write file or device (See above)
2018-12-25T11:40:59.37871351Z 87 PC: 12b4a | Get or set file date and time (See above)
2018-12-25T11:40:59.380083389Z 62 PC: 12b4e | Close file (See above)
2018-12-25T11:40:59.387089447Z 79 PC: 12b52 | Find next file (See above)

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":482,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:59.305909037Z 42 PC: 12a58 | Get date
0x12a58: cmp al, 0
0x12a5a: jne 0x12acb
0x12a5c: mov ax, 0x3301
0x12a5f: mov dl, 0
0x12a61: int 0x21
0x12a63: mov cx, 0x46
0x12a66: nop
0x12a67: mov si, 0x21f
0x12a6a: mov di, 0x265
0x12a6d: mov al, byte ptr [si]
0x12a6f: mov byte ptr [0x2ab], al
0x12a72: xor byte ptr [0x2ab], 1
0x12a77: mov al, byte ptr [0x2ab]
0x12a7a: mov byte ptr [di], al
0x12a7c: inc si
0x12a7d: inc di
0x12a7e: loop 0x12a6d
0x12a80: cmp byte ptr [0x216], 0x1b
0x12a85: jge 0x12a9e
0x12a87: pushf
2018-12-25T11:40:59.309404558Z 51 PC: 12a63 | Get or set Ctrl-Break
2018-12-25T11:40:59.337987507Z 2 PC: 12aa2 | Character output (Char = '2c')
2018-12-25T11:40:59.340740416Z 43 PC: 12ab3 | Set date
2018-12-25T11:40:59.342073957Z 45 PC: 12abd | Set time
2018-12-25T11:40:59.347015793Z 51 PC: 12ac4 | Get or set Ctrl-Break
2018-12-25T11:40:59.348618198Z 76 PC: 12ac9 | Terminate with return code (Return code = '0')