Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.666.u

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:29:34.249209971Z	44	PC: 12b98 \| Get time 0x12b98: cmp byte ptr [0x107], 0 0x12b9d: je 0x12ba4 0x12b9f: cmp dh, 0xf 0x12ba2: jg 0x12bad 0x12ba4: cmp dl, 0 0x12ba7: je 0x12b94 0x12ba9: mov byte ptr [0x107], dl 0x12bad: mov byte ptr [0x249], 0 0x12bb2: mov byte ptr [0x24a], 4 0x12bb7: mov byte ptr [0x253], 0 0x12bbc: mov cx, 0x27 0x12bbf: mov dx, 0x132 0x12bc2: mov ah, 0x4e 0x12bc4: int 0x21 0x12bc6: cmp ax, 0x12 0x12bc9: je 0x12bce 0x12bcb: call 0x12bf0 0x12bce: mov cx, 0x27 0x12bd1: mov dx, 0x138 0x12bd4: mov ah, 0x4e
2018-12-17T22:29:34.252580633Z	78	PC: 12bc6 \| Find first file
2018-12-17T22:29:34.259361835Z	67	PC: 12c11 \| Get or set file attributes
2018-12-17T22:29:34.276592812Z	61	PC: 12c17 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:29:34.284342641Z	63	PC: 12c26 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:29:34.287214587Z	62	PC: 12c5a \| Close file
2018-12-17T22:29:34.289667511Z	61	PC: 12c63 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:29:34.298870087Z	64	PC: 12a5b \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:29:34.30833436Z	87	PC: 12c8b \| Get or set file date and time
2018-12-17T22:29:34.310476044Z	62	PC: 12c93 \| Close file
2018-12-17T22:29:34.320121455Z	67	PC: 12ca0 \| Get or set file attributes
2018-12-17T22:29:34.325846957Z	79	PC: 12c4a \| Find next file
2018-12-17T22:29:34.328764891Z	78	PC: 12bd8 \| Find first file
2018-12-17T22:29:34.33587169Z	67	PC: 12c11 \| Get or set file attributes
2018-12-17T22:29:34.347173109Z	61	PC: 12c17 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:29:34.360786337Z	63	PC: 12c26 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:29:34.368464527Z	62	PC: 12c5a \| Close file
2018-12-17T22:29:34.370623254Z	61	PC: 12c63 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:29:34.378107086Z	64	PC: 12a5b \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:29:34.387601262Z	87	PC: 12c8b \| Get or set file date and time
2018-12-17T22:29:34.390122008Z	62	PC: 12c93 \| Close file
2018-12-17T22:29:34.398732377Z	67	PC: 12ca0 \| Get or set file attributes
2018-12-17T22:29:34.404752202Z	79	PC: 12c4a \| Find next file
2018-12-17T22:29:34.409138458Z	67	PC: 12c11 \| Get or set file attributes
2018-12-17T22:29:34.420334146Z	61	PC: 12c17 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:29:34.428941431Z	63	PC: 12c26 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:29:34.437640729Z	62	PC: 12c5a \| Close file
2018-12-17T22:29:34.439767409Z	61	PC: 12c63 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:29:34.447727664Z	64	PC: 12a5b \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:29:34.458075547Z	87	PC: 12c8b \| Get or set file date and time
2018-12-17T22:29:34.459785923Z	62	PC: 12c93 \| Close file
2018-12-17T22:29:34.468527425Z	67	PC: 12ca0 \| Get or set file attributes
2018-12-17T22:29:34.475582136Z	79	PC: 12c4a \| Find next file
2018-12-17T22:29:34.478890445Z	67	PC: 12c11 \| Get or set file attributes
2018-12-17T22:29:34.490477139Z	61	PC: 12c17 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:29:34.498877276Z	63	PC: 12c26 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:29:34.506156687Z	62	PC: 12c5a \| Close file
2018-12-17T22:29:34.50821947Z	61	PC: 12c63 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:29:34.517286918Z	64	PC: 12a5b \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:29:34.526960254Z	87	PC: 12c8b \| Get or set file date and time
2018-12-17T22:29:34.536335935Z	62	PC: 12c93 \| Close file
2018-12-17T22:29:34.548025935Z	67	PC: 12ca0 \| Get or set file attributes
2018-12-17T22:29:34.555311215Z	9	PC: 12cce \| Display string (String= ' Program too big to fit in memory')
2018-12-17T22:29:34.559861126Z	76	PC: 12cd2 \| Terminate with return code (Return code = '36')