Sample viewer

vx.netlux.org/Virus.DOS.Spe.x

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:30:08.31561898Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bp + di - 0x2f28], cx 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803 0x12bd7: int 0x21
2018-12-17T22:30:08.318677769Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], ax 0x12bbe: fadd dword ptr [bp + di] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.321115077Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], ax 0x12bbe: fadd dword ptr [bp + di] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.323353942Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], ax 0x12bbe: fadd dword ptr [bp + di] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.325532464Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], ax 0x12bbe: fadd dword ptr [bp + di] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.328902801Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], si 0x12bbe: fadd dword ptr [bp + di] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.331564892Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], si 0x12bbe: cmp al, byte ptr [bp + di] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.3337908Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], ax 0x12bbe: cmp al, byte ptr [bp + si] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.336740931Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], ax 0x12bbe: cmp al, byte ptr [bp + si] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.339195483Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], ax 0x12bbe: cmp al, byte ptr [bp + si] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.341268179Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], ax 0x12bbe: cmp al, byte ptr [bp + si] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.344373329Z	44	PC: 12baf \| Get time 0x12baf: in al, 0x40 0x12bb1: xchg al, ah 0x12bb3: in al, 0x40 0x12bb5: xor ah, cl 0x12bb7: xor ax, dx 0x12bb9: pop dx 0x12bba: pop cx 0x12bbb: ret 0x12bbc: and word ptr [bx + si], si 0x12bbe: cmp al, byte ptr [bp + si] 0x12bc0: leave 0x12bc1: and cl, 0x80 0x12bc4: and bl, 0x7f 0x12bc7: or bl, cl 0x12bc9: mov ax, 0x5801 0x12bcc: int 0x21 0x12bce: mov bl, ch 0x12bd0: shr bl, 1 0x12bd2: xor bh, bh 0x12bd4: mov ax, 0x5803
2018-12-17T22:30:08.347574886Z	26	PC: 174e7 \| Set disk transfer address
2018-12-17T22:30:08.350426904Z	64	PC: 19838 \| Write file or device (Write 15 bytes on handle 2)
2018-12-17T22:30:08.353021172Z	89	PC: 19786 \| Get extended error info
2018-12-17T22:30:08.354501594Z	46	PC: 1429 \| Set verify flag