Sample viewer

vx.netlux.org/Virus.DOS.Dutch_Tiny.333.b


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:31:36.028999517Z 42 PC: 12a5f | Get date 0x12a5f: cmp dx, 0x606
; Date-trigger check that follows the 'Get date' call (INT 21h AH=2Ah returns DH = month, DL = day).
; The compare at 0x12a5f, fused into the trace row above, tests DX against 0x0606, i.e. 6 June.
; In this run no compare matched: the next trace row is 'Find first file'.
; PC values in the trace are the addresses just after each INT 21h (0x12a79 -> PC 12a7b).
0x12a63: je 0x12a8d                     ; 6 June -> message path
0x12a65: cmp dx, 0xb12                  ; month 0x0b, day 0x12 = 18 November
0x12a69: je 0x12a8d
0x12a6b: cmp dx, 0xb16                  ; month 0x0b, day 0x16 = 22 November
0x12a6f: je 0x12a8d
; No trigger date: enumerate files and hand each match to the routine at 0x12a97.
0x12a71: lea dx, word ptr [si + 0x20d]  ; DS:DX = search pattern stored at si+0x20d (not shown; the trace lists only .COM names)
0x12a75: xor cx, cx                     ; CX = 0: attribute mask for the search
0x12a77: mov ah, 0x4e                   ; AH=4Eh, DOS 'Find first file'
0x12a79: int 0x21
0x12a7b: jb 0x12a86                     ; carry set = no (more) matches -> leave the loop
0x12a7d: call 0x12a97                   ; per-file routine, body not in this excerpt; trace PCs 12a9f..12b4d appear to lie inside it
0x12a80: jb 0x12a86                     ; carry returned by the routine also ends the loop
0x12a82: mov ah, 0x4f                   ; AH=4Fh, DOS 'Find next file'
0x12a84: jmp 0x12a79                    ; reissue INT 21h with the new function number
0x12a86: mov ax, bp
0x12a88: add ax, 0x103                  ; target = bp + 0x103; presumably hands control back to the host program -- bp is set outside this excerpt, confirm
0x12a8b: jmp ax
0x12a8d: lea dx, word ptr [si + 0x220]  ; DS:DX = message text at si+0x220
0x12a91: mov ah, 9                      ; AH=09h, DOS 'Display string' ('$'-terminated); the INT 21h itself is past the end of this excerpt
2018-12-17T22:31:36.031667033Z 78 PC: 12a7b | Find first file
2018-12-17T22:31:36.039551764Z 67 PC: 12a9f | Get or set file attributes
2018-12-17T22:31:36.045902959Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:31:36.064593997Z 61 PC: 12aaf | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:31:36.072470279Z 63 PC: 12abe | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:31:36.079547667Z 67 PC: 12b4d | Get or set file attributes
2018-12-17T22:31:36.092240838Z 79 PC: 12a7b | Find next file
2018-12-17T22:31:36.095539413Z 67 PC: 12a9f | Get or set file attributes
2018-12-17T22:31:36.101821702Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:31:36.11249841Z 61 PC: 12aaf | Open file (Filename = 'PRINT.COM')
2018-12-17T22:31:36.120290705Z 63 PC: 12abe | Read file or device (Read 3 bytes on handle 6)
2018-12-17T22:31:36.12732731Z 67 PC: 12b4d | Get or set file attributes
2018-12-17T22:31:36.131995048Z 79 PC: 12a7b | Find next file
2018-12-17T22:31:36.135147221Z 67 PC: 12a9f | Get or set file attributes
2018-12-17T22:31:36.148419041Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:31:36.276619918Z 61 PC: 12aaf | Open file (Filename = 'HELLO.COM')
2018-12-17T22:31:36.284904046Z 63 PC: 12abe | Read file or device (Read 3 bytes on handle 7)
2018-12-17T22:31:36.293888904Z 67 PC: 12b4d | Get or set file attributes
2018-12-17T22:31:36.299720046Z 79 PC: 12a7b | Find next file
2018-12-17T22:31:36.303821416Z 67 PC: 12a9f | Get or set file attributes
2018-12-17T22:31:36.314428577Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:31:36.520002769Z 61 PC: 12aaf | Open file (Filename = 'PHANG.COM')
2018-12-17T22:31:36.52794917Z 63 PC: 12abe | Read file or device (Read 3 bytes on handle 8)
2018-12-17T22:31:36.53683834Z 67 PC: 12b4d | Get or set file attributes
2018-12-17T22:31:36.542242265Z 79 PC: 12a7b | Find next file
2018-12-17T22:31:36.554550664Z 67 PC: 12a9f | Get or set file attributes
2018-12-17T22:31:36.566876688Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:31:36.580761143Z 61 PC: 12aaf | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:31:36.589041839Z 63 PC: 12abe | Read file or device (Read 3 bytes on handle 9)
2018-12-17T22:31:36.599553608Z 67 PC: 12b4d | Get or set file attributes
2018-12-17T22:31:36.607817711Z 79 PC: 12a7b | Find next file
2018-12-17T22:31:36.611230258Z 67 PC: 12a9f | Get or set file attributes
2018-12-17T22:31:36.617671771Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:31:36.632867636Z 61 PC: 12aaf | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:31:36.646548149Z 63 PC: 12abe | Read file or device (Read 3 bytes on handle 10)
2018-12-17T22:31:36.654057337Z 67 PC: 12b4d | Get or set file attributes
2018-12-17T22:31:36.661331534Z 79 PC: 12a7b | Find next file
2018-12-17T22:31:36.665255132Z 67 PC: 12a9f | Get or set file attributes
2018-12-17T22:31:36.67189103Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:31:36.683770013Z 61 PC: 12aaf | Open file (Filename = 'PAH.COM')
2018-12-17T22:31:36.691478021Z 63 PC: 12abe | Read file or device (Read 3 bytes on handle 11)
2018-12-17T22:31:36.698992752Z 67 PC: 12b4d | Get or set file attributes
2018-12-17T22:31:36.710521455Z 79 PC: 12a7b | Find next file
2018-12-17T22:31:36.718280878Z 67 PC: 12a9f | Get or set file attributes
2018-12-17T22:31:36.72495714Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:31:36.742069821Z 61 PC: 12aaf | Open file (Filename = 'TEST.COM')
2018-12-17T22:31:36.750294146Z 63 PC: 12abe | Read file or device (Read 3 bytes on handle 12)
2018-12-17T22:31:36.758600195Z 66 PC: 12ad6 | Move file pointer
2018-12-17T22:31:36.761359461Z 63 PC: 12adf | Read file or device (Read 2 bytes on handle 12)
2018-12-17T22:31:36.765456837Z 67 PC: 12b4d | Get or set file attributes
2018-12-17T22:31:36.780437558Z 79 PC: 12a7b | Find next file

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5643,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:04.183529635Z 42 PC: 12a5f | Get date 0x12a5f: cmp dx, 0x606
; Date-trigger check that follows the 'Get date' call (INT 21h AH=2Ah returns DH = month, DL = day).
; The compare at 0x12a5f, fused into the trace row above, tests DX against 0x0606, i.e. 6 June.
; In this run no compare matched: the next trace row is 'Find first file'. The job configuration
; printed before this run sets Day 1 / Month 1, which is not one of the three tested dates.
0x12a63: je 0x12a8d                     ; 6 June -> message path
0x12a65: cmp dx, 0xb12                  ; month 0x0b, day 0x12 = 18 November
0x12a69: je 0x12a8d
0x12a6b: cmp dx, 0xb16                  ; month 0x0b, day 0x16 = 22 November
0x12a6f: je 0x12a8d
; No trigger date: enumerate files and hand each match to the routine at 0x12a97.
0x12a71: lea dx, word ptr [si + 0x20d]  ; DS:DX = search pattern stored at si+0x20d (not shown in this excerpt)
0x12a75: xor cx, cx                     ; CX = 0: attribute mask for the search
0x12a77: mov ah, 0x4e                   ; AH=4Eh, DOS 'Find first file'
0x12a79: int 0x21
0x12a7b: jb 0x12a86                     ; carry set = no (more) matches -> leave the loop
0x12a7d: call 0x12a97                   ; per-file routine, body not in this excerpt; trace PCs 12a9f..12b4d appear to lie inside it
0x12a80: jb 0x12a86                     ; carry returned by the routine also ends the loop
0x12a82: mov ah, 0x4f                   ; AH=4Fh, DOS 'Find next file'
0x12a84: jmp 0x12a79                    ; reissue INT 21h with the new function number
0x12a86: mov ax, bp
0x12a88: add ax, 0x103                  ; target = bp + 0x103; presumably hands control back to the host program -- bp is set outside this excerpt, confirm
0x12a8b: jmp ax
0x12a8d: lea dx, word ptr [si + 0x220]  ; DS:DX = message text at si+0x220
0x12a91: mov ah, 9                      ; AH=09h, DOS 'Display string' ('$'-terminated); the INT 21h itself is past the end of this excerpt
2018-12-25T11:55:04.185421664Z 78 PC: 12a7b | Find first file
2018-12-25T11:55:04.191608171Z 67 PC: 12a9f | Get or set file attributes
2018-12-25T11:55:04.196862121Z 67 PC: 12aaa | Get or set file attributes
2018-12-25T11:55:05.486704196Z 61 PC: 12aaf | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:55:05.494013145Z 63 PC: 12abe | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:55:05.589994128Z 67 PC: 12b4d | Get or set file attributes
2018-12-25T11:55:05.596296768Z 79 PC: 12a7b | Find next file (See above)
2018-12-25T11:55:05.600226924Z 67 PC: 12a9f | Get or set file attributes (See above)
2018-12-25T11:55:05.605911369Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T11:55:05.639660035Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:55:05.646396051Z 63 PC: 12abe | Read file or device (See above)
2018-12-25T11:55:05.653478508Z 67 PC: 12b4d | Get or set file attributes (See above)
2018-12-25T11:55:05.657548556Z 79 PC: 12a7b | Find next file (See above)
2018-12-25T11:55:05.659939321Z 67 PC: 12a9f | Get or set file attributes (See above)
2018-12-25T11:55:05.665961569Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T11:55:05.675413315Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:55:05.681723571Z 63 PC: 12abe | Read file or device (See above)
2018-12-25T11:55:05.688993417Z 67 PC: 12b4d | Get or set file attributes (See above)
2018-12-25T11:55:05.698699176Z 79 PC: 12a7b | Find next file (See above)
2018-12-25T11:55:05.705650552Z 67 PC: 12a9f | Get or set file attributes (See above)
2018-12-25T11:55:05.718081344Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T11:55:05.728358052Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:55:05.734893033Z 63 PC: 12abe | Read file or device (See above)
2018-12-25T11:55:05.74447482Z 67 PC: 12b4d | Get or set file attributes (See above)
2018-12-25T11:55:05.747993745Z 79 PC: 12a7b | Find next file (See above)
2018-12-25T11:55:05.749858271Z 67 PC: 12a9f | Get or set file attributes (See above)
2018-12-25T11:55:05.753646015Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T11:55:05.774307703Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:55:05.782002181Z 63 PC: 12abe | Read file or device (See above)
2018-12-25T11:55:05.78877193Z 67 PC: 12b4d | Get or set file attributes (See above)
2018-12-25T11:55:05.793108716Z 79 PC: 12a7b | Find next file (See above)
2018-12-25T11:55:05.795513425Z 67 PC: 12a9f | Get or set file attributes (See above)
2018-12-25T11:55:05.799456097Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T11:55:05.805684635Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:55:05.80991524Z 63 PC: 12abe | Read file or device (See above)
2018-12-25T11:55:05.814022496Z 67 PC: 12b4d | Get or set file attributes (See above)
2018-12-25T11:55:05.821337813Z 79 PC: 12a7b | Find next file (See above)
2018-12-25T11:55:05.823406182Z 67 PC: 12a9f | Get or set file attributes (See above)
2018-12-25T11:55:05.83028431Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T11:55:05.840959534Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:55:05.847598126Z 63 PC: 12abe | Read file or device (See above)
2018-12-25T11:55:05.852015917Z 67 PC: 12b4d | Get or set file attributes (See above)
2018-12-25T11:55:05.855375161Z 79 PC: 12a7b | Find next file (See above)
2018-12-25T11:55:05.85722993Z 67 PC: 12a9f | Get or set file attributes (See above)
2018-12-25T11:55:05.860543334Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T11:55:05.867480572Z 61 PC: 12aaf | Open file (See above)
2018-12-25T11:55:05.875137073Z 63 PC: 12abe | Read file or device (See above)
2018-12-25T11:55:05.881186193Z 66 PC: 12ad6 | Move file pointer
2018-12-25T11:55:05.883354761Z 63 PC: 12adf | Read file or device (Read 2 bytes on handle 12)
2018-12-25T11:55:05.885624767Z 67 PC: 12b4d | Get or set file attributes (See above)
2018-12-25T11:55:05.895601514Z 79 PC: 12a7b | Find next file (See above)

{"DateBased":true,"Day":6,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5643,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:04.288949636Z 42 PC: 12a5f | Get date 0x12a5f: cmp dx, 0x606
; Date-trigger check that follows the 'Get date' call (INT 21h AH=2Ah returns DH = month, DL = day).
; The compare at 0x12a5f, fused into the trace row above, tests DX against 0x0606, i.e. 6 June.
; In this run a trigger compare matched: the only later trace row is 'Display string' at PC 12a95.
; The job configuration printed before this run sets Day 6 / Month 6, consistent with the 0x0606 test.
0x12a63: je 0x12a8d                     ; 6 June -> message path
0x12a65: cmp dx, 0xb12                  ; month 0x0b, day 0x12 = 18 November
0x12a69: je 0x12a8d
0x12a6b: cmp dx, 0xb16                  ; month 0x0b, day 0x16 = 22 November
0x12a6f: je 0x12a8d
; File-search path, not executed in this run (no find/open rows in the trace).
0x12a71: lea dx, word ptr [si + 0x20d]  ; DS:DX = search pattern stored at si+0x20d (not shown in this excerpt)
0x12a75: xor cx, cx                     ; CX = 0: attribute mask for the search
0x12a77: mov ah, 0x4e                   ; AH=4Eh, DOS 'Find first file'
0x12a79: int 0x21
0x12a7b: jb 0x12a86                     ; carry set = no (more) matches -> leave the loop
0x12a7d: call 0x12a97                   ; per-file routine, body not in this excerpt
0x12a80: jb 0x12a86                     ; carry returned by the routine also ends the loop
0x12a82: mov ah, 0x4f                   ; AH=4Fh, DOS 'Find next file'
0x12a84: jmp 0x12a79                    ; reissue INT 21h with the new function number
0x12a86: mov ax, bp
0x12a88: add ax, 0x103                  ; target = bp + 0x103; presumably hands control back to the host program -- bp is set outside this excerpt, confirm
0x12a8b: jmp ax
; Message path taken on a trigger date.
0x12a8d: lea dx, word ptr [si + 0x220]  ; DS:DX = message text at si+0x220
0x12a91: mov ah, 9                      ; AH=09h, DOS 'Display string' ('$'-terminated); the INT 21h itself is past the end of this excerpt
2018-12-25T11:55:04.293446808Z 9 PC: 12a95 | Display string (String= 'Kennedy er død - længe leve "The Dead Kennedys" ')

{"DateBased":true,"Day":18,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5643,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:04.355039454Z 42 PC: 12a5f | Get date 0x12a5f: cmp dx, 0x606
; Date-trigger check that follows the 'Get date' call (INT 21h AH=2Ah returns DH = month, DL = day).
; The compare at 0x12a5f, fused into the trace row above, tests DX against 0x0606, i.e. 6 June.
; In this run a trigger compare matched: the only later trace row is 'Display string' at PC 12a95.
; The job configuration printed before this run sets Day 18 / Month 11, consistent with the 0x0b12 test.
0x12a63: je 0x12a8d                     ; 6 June -> message path
0x12a65: cmp dx, 0xb12                  ; month 0x0b, day 0x12 = 18 November
0x12a69: je 0x12a8d
0x12a6b: cmp dx, 0xb16                  ; month 0x0b, day 0x16 = 22 November
0x12a6f: je 0x12a8d
; File-search path, not executed in this run (no find/open rows in the trace).
0x12a71: lea dx, word ptr [si + 0x20d]  ; DS:DX = search pattern stored at si+0x20d (not shown in this excerpt)
0x12a75: xor cx, cx                     ; CX = 0: attribute mask for the search
0x12a77: mov ah, 0x4e                   ; AH=4Eh, DOS 'Find first file'
0x12a79: int 0x21
0x12a7b: jb 0x12a86                     ; carry set = no (more) matches -> leave the loop
0x12a7d: call 0x12a97                   ; per-file routine, body not in this excerpt
0x12a80: jb 0x12a86                     ; carry returned by the routine also ends the loop
0x12a82: mov ah, 0x4f                   ; AH=4Fh, DOS 'Find next file'
0x12a84: jmp 0x12a79                    ; reissue INT 21h with the new function number
0x12a86: mov ax, bp
0x12a88: add ax, 0x103                  ; target = bp + 0x103; presumably hands control back to the host program -- bp is set outside this excerpt, confirm
0x12a8b: jmp ax
; Message path taken on a trigger date.
0x12a8d: lea dx, word ptr [si + 0x220]  ; DS:DX = message text at si+0x220
0x12a91: mov ah, 9                      ; AH=09h, DOS 'Display string' ('$'-terminated); the INT 21h itself is past the end of this excerpt
2018-12-25T11:55:04.357915454Z 9 PC: 12a95 | Display string (String= 'Kennedy er død - længe leve "The Dead Kennedys" ')

{"DateBased":true,"Day":22,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5643,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:04.367365032Z 42 PC: 12a5f | Get date 0x12a5f: cmp dx, 0x606
; Date-trigger check that follows the 'Get date' call (INT 21h AH=2Ah returns DH = month, DL = day).
; The compare at 0x12a5f, fused into the trace row above, tests DX against 0x0606, i.e. 6 June.
; In this run a trigger compare matched: the only later trace row is 'Display string' at PC 12a95.
; The job configuration printed before this run sets Day 22 / Month 11, consistent with the 0x0b16 test.
0x12a63: je 0x12a8d                     ; 6 June -> message path
0x12a65: cmp dx, 0xb12                  ; month 0x0b, day 0x12 = 18 November
0x12a69: je 0x12a8d
0x12a6b: cmp dx, 0xb16                  ; month 0x0b, day 0x16 = 22 November
0x12a6f: je 0x12a8d
; File-search path, not executed in this run (no find/open rows in the trace).
0x12a71: lea dx, word ptr [si + 0x20d]  ; DS:DX = search pattern stored at si+0x20d (not shown in this excerpt)
0x12a75: xor cx, cx                     ; CX = 0: attribute mask for the search
0x12a77: mov ah, 0x4e                   ; AH=4Eh, DOS 'Find first file'
0x12a79: int 0x21
0x12a7b: jb 0x12a86                     ; carry set = no (more) matches -> leave the loop
0x12a7d: call 0x12a97                   ; per-file routine, body not in this excerpt
0x12a80: jb 0x12a86                     ; carry returned by the routine also ends the loop
0x12a82: mov ah, 0x4f                   ; AH=4Fh, DOS 'Find next file'
0x12a84: jmp 0x12a79                    ; reissue INT 21h with the new function number
0x12a86: mov ax, bp
0x12a88: add ax, 0x103                  ; target = bp + 0x103; presumably hands control back to the host program -- bp is set outside this excerpt, confirm
0x12a8b: jmp ax
; Message path taken on a trigger date.
0x12a8d: lea dx, word ptr [si + 0x220]  ; DS:DX = message text at si+0x220
0x12a91: mov ah, 9                      ; AH=09h, DOS 'Display string' ('$'-terminated); the INT 21h itself is past the end of this excerpt
2018-12-25T11:55:04.369087463Z 9 PC: 12a95 | Display string (String= 'Kennedy er død - længe leve "The Dead Kennedys" ')