Sample viewer

vx.netlux.org/Virus.DOS.Viper.840

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:30:47.625635063Z	44	PC: 12c0c \| Get time 0x12c0c: cmp byte ptr [0x106], 0 0x12c11: nop 0x12c12: je 0x12c1e 0x12c14: cmp dh, 0x1d 0x12c17: nop 0x12c18: nop 0x12c19: nop 0x12c1a: nop 0x12c1b: nop 0x12c1c: jg 0x12c27 0x12c1e: cmp dl, 0 0x12c21: je 0x12c08 0x12c23: mov byte ptr [0x106], dl 0x12c27: mov byte ptr [0x2bd], 0 0x12c2c: nop 0x12c2d: mov byte ptr [0x2be], 4 0x12c32: mov byte ptr [0x2c7], 0 0x12c37: mov cx, 0x27 0x12c3a: mov dx, 0x140 0x12c3d: nop
2018-12-17T22:30:47.628029091Z	78	PC: 12c46 \| Find first file
2018-12-17T22:30:47.63384746Z	78	PC: 12c5a \| Find first file
2018-12-17T22:30:47.637444003Z	67	PC: 12c9b \| Get or set file attributes
2018-12-17T22:30:48.446089977Z	61	PC: 12ca2 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:30:48.453112808Z	63	PC: 12cb2 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:30:48.459675038Z	62	PC: 12ceb \| Close file
2018-12-17T22:30:48.461738322Z	61	PC: 12cf5 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:30:48.469948603Z	64	PC: 12a60 \| Write file or device (Write 840 bytes on handle 5)
2018-12-17T22:30:48.478244577Z	87	PC: 12d20 \| Get or set file date and time
2018-12-17T22:30:48.479689865Z	62	PC: 12d2c \| Close file
2018-12-17T22:30:48.487856786Z	67	PC: 12d3a \| Get or set file attributes
2018-12-17T22:30:48.493270407Z	79	PC: 12cda \| Find next file
2018-12-17T22:30:48.495924929Z	67	PC: 12c9b \| Get or set file attributes
2018-12-17T22:30:48.505783798Z	61	PC: 12ca2 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:30:48.512520708Z	63	PC: 12cb2 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:30:48.519672005Z	62	PC: 12ceb \| Close file
2018-12-17T22:30:48.521926471Z	61	PC: 12cf5 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:30:48.528708836Z	64	PC: 12a60 \| Write file or device (Write 840 bytes on handle 5)
2018-12-17T22:30:48.536911576Z	87	PC: 12d20 \| Get or set file date and time
2018-12-17T22:30:48.539128082Z	62	PC: 12d2c \| Close file
2018-12-17T22:30:48.54669757Z	67	PC: 12d3a \| Get or set file attributes
2018-12-17T22:30:48.55124415Z	79	PC: 12cda \| Find next file
2018-12-17T22:30:48.554056318Z	67	PC: 12c9b \| Get or set file attributes
2018-12-17T22:30:48.563939315Z	61	PC: 12ca2 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:30:48.570265319Z	63	PC: 12cb2 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:30:48.575128162Z	62	PC: 12ceb \| Close file
2018-12-17T22:30:48.576813104Z	61	PC: 12cf5 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:30:48.583683364Z	64	PC: 12a60 \| Write file or device (Write 840 bytes on handle 5)
2018-12-17T22:30:48.592032924Z	87	PC: 12d20 \| Get or set file date and time
2018-12-17T22:30:48.593495768Z	62	PC: 12d2c \| Close file
2018-12-17T22:30:48.599328979Z	67	PC: 12d3a \| Get or set file attributes
2018-12-17T22:30:48.60245999Z	79	PC: 12cda \| Find next file
2018-12-17T22:30:48.605176768Z	67	PC: 12c9b \| Get or set file attributes
2018-12-17T22:30:48.616836136Z	61	PC: 12ca2 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:30:48.623942051Z	63	PC: 12cb2 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:30:48.630087267Z	62	PC: 12ceb \| Close file
2018-12-17T22:30:48.631645061Z	61	PC: 12cf5 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:30:48.638357781Z	64	PC: 12a60 \| Write file or device (Write 840 bytes on handle 5)
2018-12-17T22:30:48.646444378Z	87	PC: 12d20 \| Get or set file date and time
2018-12-17T22:30:48.64774179Z	62	PC: 12d2c \| Close file
2018-12-17T22:30:48.655045382Z	67	PC: 12d3a \| Get or set file attributes
2018-12-17T22:30:48.659800745Z	9	PC: 12d7c \| Display string (String= ' Stack overflow, terminating')
2018-12-17T22:30:48.663521634Z	76	PC: 12d80 \| Terminate with return code (Return code = '36')