Sample viewer

vx.netlux.org/Virus.DOS.DBF.990


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:31:56.292140866Z 25 PC: 12b39 | Get default drive
2018-12-17T22:31:56.293760625Z 42 PC: 12b40 | Get date
0x12b40: xor ax, ax
0x12b42: cmp cx, 0x7c9
0x12b46: jb 0x12b5a
0x12b48: je 0x12b4c
0x12b4a: jmp 0x12b5b
0x12b4c: cmp dh, 0xa
0x12b4f: jb 0x12b5a
0x12b51: je 0x12b55
0x12b53: jmp 0x12b5b
0x12b55: cmp dl, 0xc
0x12b58: ja 0x12b5b
0x12b5a: inc ax
0x12b5b: mov byte ptr [bp + 0x3d], al
0x12b5e: mov al, 2
0x12b60: mov byte ptr [bp + 0x3e], al
0x12b63: mov dl, byte ptr [bp + 0x3e]
0x12b66: mov ah, 0xe
0x12b68: int 0x21
0x12b6a: cmp dl, al
0x12b6c: jb 0x12b71
2018-12-17T22:31:56.297661383Z 14 PC: 12b6a | Set default drive (Drive = 'C')
2018-12-17T22:31:56.299303758Z 62 PC: 12df6 | Close file
2018-12-17T22:31:56.301460569Z 78 PC: 12b9b | Find first file
2018-12-17T22:31:56.308708393Z 78 PC: 12b9b | Find first file
2018-12-17T22:31:56.314729101Z 78 PC: 12b9b | Find first file
2018-12-17T22:31:56.321249133Z 79 PC: 12ba9 | Find next file
2018-12-17T22:31:56.328636499Z 14 PC: 12b6a | Set default drive (Drive = 'D')
2018-12-17T22:31:56.33119825Z 78 PC: 12b9b | Find first file
2018-12-17T22:31:56.337663591Z 78 PC: 12b9b | Find first file
2018-12-17T22:31:56.345017084Z 78 PC: 12b9b | Find first file
2018-12-17T22:31:56.353310089Z 79 PC: 12ba9 | Find next file
2018-12-17T22:31:56.356139693Z 14 PC: 12b6a | Set default drive (Drive = 'E')
2018-12-17T22:31:56.358355629Z 78 PC: 12b9b | Find first file
2018-12-17T22:31:56.36439875Z 78 PC: 12b9b | Find first file
2018-12-17T22:31:56.375308195Z 78 PC: 12b9b | Find first file
2018-12-17T22:31:56.381447053Z 79 PC: 12ba9 | Find next file
2018-12-17T22:31:56.398717642Z 14 PC: 12b6a | Set default drive (Drive = 'F')
2018-12-17T22:31:56.401239767Z 14 PC: 12e38 | Set default drive (Drive = 'A')
2018-12-17T22:31:56.404097354Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5704,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:16.596069701Z 25 PC: 12b39 | Get default drive
2018-12-25T11:55:16.597504412Z 42 PC: 12b40 | Get date
0x12b40: xor ax, ax
0x12b42: cmp cx, 0x7c9
0x12b46: jb 0x12b5a
0x12b48: je 0x12b4c
0x12b4a: jmp 0x12b5b
0x12b4c: cmp dh, 0xa
0x12b4f: jb 0x12b5a
0x12b51: je 0x12b55
0x12b53: jmp 0x12b5b
0x12b55: cmp dl, 0xc
0x12b58: ja 0x12b5b
0x12b5a: inc ax
0x12b5b: mov byte ptr [bp + 0x3d], al
0x12b5e: mov al, 2
0x12b60: mov byte ptr [bp + 0x3e], al
0x12b63: mov dl, byte ptr [bp + 0x3e]
0x12b66: mov ah, 0xe
0x12b68: int 0x21
0x12b6a: cmp dl, al
0x12b6c: jb 0x12b71
2018-12-25T11:55:16.599663267Z 14 PC: 12b6a | Set default drive (Drive = 'C')
2018-12-25T11:55:16.600736034Z 62 PC: 12df6 | Close file
2018-12-25T11:55:16.602202325Z 78 PC: 12b9b | Find first file
2018-12-25T11:55:16.606308234Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:16.609547008Z 79 PC: 12ba9 | Find next file
2018-12-25T11:55:16.611319364Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:16.612678773Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:16.617747452Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:16.622937927Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:16.626542448Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:16.627705752Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:16.632778311Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:16.639319679Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:16.641708981Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:16.642858203Z 14 PC: 12e38 | Set default drive (Drive = 'A')
2018-12-25T11:55:16.644563039Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":10,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5704,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:17.002263706Z 25 PC: 12b39 | Get default drive
2018-12-25T11:55:17.004162665Z 42 PC: 12b40 | Get date
0x12b40: xor ax, ax
0x12b42: cmp cx, 0x7c9
0x12b46: jb 0x12b5a
0x12b48: je 0x12b4c
0x12b4a: jmp 0x12b5b
0x12b4c: cmp dh, 0xa
0x12b4f: jb 0x12b5a
0x12b51: je 0x12b55
0x12b53: jmp 0x12b5b
0x12b55: cmp dl, 0xc
0x12b58: ja 0x12b5b
0x12b5a: inc ax
0x12b5b: mov byte ptr [bp + 0x3d], al
0x12b5e: mov al, 2
0x12b60: mov byte ptr [bp + 0x3e], al
0x12b63: mov dl, byte ptr [bp + 0x3e]
0x12b66: mov ah, 0xe
0x12b68: int 0x21
0x12b6a: cmp dl, al
0x12b6c: jb 0x12b71
2018-12-25T11:55:17.007382938Z 14 PC: 12b6a | Set default drive (Drive = 'C')
2018-12-25T11:55:17.008844792Z 62 PC: 12df6 | Close file
2018-12-25T11:55:17.010778371Z 78 PC: 12b9b | Find first file
2018-12-25T11:55:17.017527834Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.02447688Z 79 PC: 12ba9 | Find next file
2018-12-25T11:55:17.026960625Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.028941776Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.035343201Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.041983401Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.045536767Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.047079386Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.054718038Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.061502103Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.064787255Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.066692281Z 14 PC: 12e38 | Set default drive (Drive = 'A')
2018-12-25T11:55:17.070147415Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":13,"Month":10,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5704,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:17.06897579Z 25 PC: 12b39 | Get default drive
2018-12-25T11:55:17.070491121Z 42 PC: 12b40 | Get date
0x12b40: xor ax, ax
0x12b42: cmp cx, 0x7c9
0x12b46: jb 0x12b5a
0x12b48: je 0x12b4c
0x12b4a: jmp 0x12b5b
0x12b4c: cmp dh, 0xa
0x12b4f: jb 0x12b5a
0x12b51: je 0x12b55
0x12b53: jmp 0x12b5b
0x12b55: cmp dl, 0xc
0x12b58: ja 0x12b5b
0x12b5a: inc ax
0x12b5b: mov byte ptr [bp + 0x3d], al
0x12b5e: mov al, 2
0x12b60: mov byte ptr [bp + 0x3e], al
0x12b63: mov dl, byte ptr [bp + 0x3e]
0x12b66: mov ah, 0xe
0x12b68: int 0x21
0x12b6a: cmp dl, al
0x12b6c: jb 0x12b71
2018-12-25T11:55:17.074050994Z 14 PC: 12b6a | Set default drive (Drive = 'C')
2018-12-25T11:55:17.07590404Z 62 PC: 12df6 | Close file
2018-12-25T11:55:17.078531185Z 78 PC: 12b9b | Find first file
2018-12-25T11:55:17.086409678Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.092674362Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.09901649Z 79 PC: 12ba9 | Find next file
2018-12-25T11:55:17.102718143Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.104266452Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.110058052Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.11647684Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.122394003Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.125708312Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.128019931Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.133819234Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.139541161Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.145561711Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.148700885Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.149931513Z 14 PC: 12e38 | Set default drive (Drive = 'A')
2018-12-25T11:55:17.151380873Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":11,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5704,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:17.080647161Z 25 PC: 12b39 | Get default drive
2018-12-25T11:55:17.082878331Z 42 PC: 12b40 | Get date
0x12b40: xor ax, ax
0x12b42: cmp cx, 0x7c9
0x12b46: jb 0x12b5a
0x12b48: je 0x12b4c
0x12b4a: jmp 0x12b5b
0x12b4c: cmp dh, 0xa
0x12b4f: jb 0x12b5a
0x12b51: je 0x12b55
0x12b53: jmp 0x12b5b
0x12b55: cmp dl, 0xc
0x12b58: ja 0x12b5b
0x12b5a: inc ax
0x12b5b: mov byte ptr [bp + 0x3d], al
0x12b5e: mov al, 2
0x12b60: mov byte ptr [bp + 0x3e], al
0x12b63: mov dl, byte ptr [bp + 0x3e]
0x12b66: mov ah, 0xe
0x12b68: int 0x21
0x12b6a: cmp dl, al
0x12b6c: jb 0x12b71
2018-12-25T11:55:17.085534119Z 14 PC: 12b6a | Set default drive (Drive = 'C')
2018-12-25T11:55:17.087615192Z 62 PC: 12df6 | Close file
2018-12-25T11:55:17.089429814Z 78 PC: 12b9b | Find first file
2018-12-25T11:55:17.095742312Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.101174416Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.106694187Z 79 PC: 12ba9 | Find next file
2018-12-25T11:55:17.109938383Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.111369422Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.116756557Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.131278662Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.137109851Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.139906609Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.152972894Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.158605444Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.164165224Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.170839227Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.173304242Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.174460622Z 14 PC: 12e38 | Set default drive (Drive = 'A')
2018-12-25T11:55:17.176840534Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1994,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5704,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:17.121668052Z 25 PC: 12b39 | Get default drive
2018-12-25T11:55:17.124059633Z 42 PC: 12b40 | Get date
0x12b40: xor ax, ax
0x12b42: cmp cx, 0x7c9
0x12b46: jb 0x12b5a
0x12b48: je 0x12b4c
0x12b4a: jmp 0x12b5b
0x12b4c: cmp dh, 0xa
0x12b4f: jb 0x12b5a
0x12b51: je 0x12b55
0x12b53: jmp 0x12b5b
0x12b55: cmp dl, 0xc
0x12b58: ja 0x12b5b
0x12b5a: inc ax
0x12b5b: mov byte ptr [bp + 0x3d], al
0x12b5e: mov al, 2
0x12b60: mov byte ptr [bp + 0x3e], al
0x12b63: mov dl, byte ptr [bp + 0x3e]
0x12b66: mov ah, 0xe
0x12b68: int 0x21
0x12b6a: cmp dl, al
0x12b6c: jb 0x12b71
2018-12-25T11:55:17.126563668Z 14 PC: 12b6a | Set default drive (Drive = 'C')
2018-12-25T11:55:17.128139982Z 62 PC: 12df6 | Close file
2018-12-25T11:55:17.132910903Z 78 PC: 12b9b | Find first file
2018-12-25T11:55:17.138955016Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.145560398Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.151584154Z 79 PC: 12ba9 | Find next file
2018-12-25T11:55:17.154044971Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.15529246Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.160762647Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.167598959Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.173168731Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.17613938Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.178668427Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.184126271Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.189410607Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.196813152Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.199534708Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.20104377Z 14 PC: 12e38 | Set default drive (Drive = 'A')
2018-12-25T11:55:17.203240569Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5704,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:17.106187438Z 25 PC: 12b39 | Get default drive
2018-12-25T11:55:17.108093025Z 42 PC: 12b40 | Get date
0x12b40: xor ax, ax
0x12b42: cmp cx, 0x7c9
0x12b46: jb 0x12b5a
0x12b48: je 0x12b4c
0x12b4a: jmp 0x12b5b
0x12b4c: cmp dh, 0xa
0x12b4f: jb 0x12b5a
0x12b51: je 0x12b55
0x12b53: jmp 0x12b5b
0x12b55: cmp dl, 0xc
0x12b58: ja 0x12b5b
0x12b5a: inc ax
0x12b5b: mov byte ptr [bp + 0x3d], al
0x12b5e: mov al, 2
0x12b60: mov byte ptr [bp + 0x3e], al
0x12b63: mov dl, byte ptr [bp + 0x3e]
0x12b66: mov ah, 0xe
0x12b68: int 0x21
0x12b6a: cmp dl, al
0x12b6c: jb 0x12b71
2018-12-25T11:55:17.110822726Z 14 PC: 12b6a | Set default drive (Drive = 'C')
2018-12-25T11:55:17.112430287Z 62 PC: 12df6 | Close file
2018-12-25T11:55:17.115530964Z 78 PC: 12b9b | Find first file
2018-12-25T11:55:17.120838837Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.126421776Z 79 PC: 12ba9 | Find next file
2018-12-25T11:55:17.130571684Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.13873973Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.144196286Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.150473668Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.153467951Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.154689325Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.159681119Z 78 PC: 12b9b | Find first file (See above)
2018-12-25T11:55:17.166184658Z 79 PC: 12ba9 | Find next file (See above)
2018-12-25T11:55:17.168527057Z 14 PC: 12b6a | Set default drive (See above)
2018-12-25T11:55:17.169650586Z 14 PC: 12e38 | Set default drive (Drive = 'A')
2018-12-25T11:55:17.171792888Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')