Sample viewer

vx.netlux.org/Virus.DOS.Sirius.279.b

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:33:01.363955064Z 26 PC: 13044 | Set disk transfer address
2018-12-17T22:33:01.365503932Z 25 PC: 13052 | Get default drive
2018-12-17T22:33:01.366842213Z 14 PC: 1305c | Set default drive (Drive = 'D')
2018-12-17T22:33:01.368282133Z 78 PC: 13066 | Find first file
2018-12-17T22:33:01.376005974Z 61 PC: 13073 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:33:01.382602759Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.384176506Z 62 PC: 1309a | Close file
2018-12-17T22:33:01.386137095Z 79 PC: 13066 | Find next file
2018-12-17T22:33:01.389984194Z 61 PC: 13073 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:33:01.39695424Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.398435421Z 62 PC: 1309a | Close file
2018-12-17T22:33:01.400805978Z 79 PC: 13066 | Find next file
2018-12-17T22:33:01.403523265Z 61 PC: 13073 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:33:01.410021057Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.41206772Z 62 PC: 1309a | Close file
2018-12-17T22:33:01.417676465Z 79 PC: 13066 | Find next file
2018-12-17T22:33:01.420305653Z 61 PC: 13073 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:33:01.427874319Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.429486232Z 62 PC: 1309a | Close file
2018-12-17T22:33:01.431464561Z 79 PC: 13066 | Find next file
2018-12-17T22:33:01.434952166Z 61 PC: 13073 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:33:01.441963325Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.444380079Z 62 PC: 1309a | Close file
2018-12-17T22:33:01.446359391Z 79 PC: 13066 | Find next file
2018-12-17T22:33:01.449447442Z 61 PC: 13073 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:33:01.455774684Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.457182254Z 62 PC: 1309a | Close file
2018-12-17T22:33:01.459732756Z 79 PC: 13066 | Find next file
2018-12-17T22:33:01.462595449Z 61 PC: 13073 | Open file (Filename = 'PAH.COM')
2018-12-17T22:33:01.469221114Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.471180403Z 62 PC: 1309a | Close file
2018-12-17T22:33:01.473119624Z 79 PC: 13066 | Find next file
2018-12-17T22:33:01.47575543Z 61 PC: 13073 | Open file (Filename = 'TEST.COM')
2018-12-17T22:33:01.482711674Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.48429284Z 87 PC: 1308a | Get or set file date and time
2018-12-17T22:33:01.485885482Z 44 PC: 130aa | Get time

0x130aa: or dl, dl
0x130ac: je 0x130a6
0x130ae: mov byte ptr [bp + 0x21b], dl
0x130b2: mov ax, 0x4200
0x130b5: call 0x1311e
0x130b8: mov ah, 0x3f
0x130ba: lea dx, word ptr [bp + 0x211]
0x130be: mov cx, 3
0x130c1: int 0x21
0x130c3: mov ax, 0x4202
0x130c6: call 0x1311e
0x130c9: sub ax, 3
0x130cc: mov word ptr cs:[bp + 0x20f], ax
0x130d1: lea si, word ptr [bp + 0x105]
0x130d5: mov di, 0xfcbc
0x130d8: mov cx, 0x117
0x130db: cld
0x130dc: rep movsb byte ptr es:[di], byte ptr [si]
0x130de: mov si, 0xfcdd
0x130e1: call 0x2302d

2018-12-17T22:33:01.488882695Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.490476335Z 63 PC: 130c3 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:01.493220997Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.495818781Z 64 PC: 130ee | Write file or device (Write 279 bytes on handle 5)
2018-12-17T22:33:01.512638633Z 66 PC: 13124 | Move file pointer
2018-12-17T22:33:01.51421202Z 64 PC: 130ff | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:33:01.518118331Z 87 PC: 13106 | Get or set file date and time
2018-12-17T22:33:01.519770697Z 62 PC: 1310a | Close file
2018-12-17T22:33:01.52782943Z 26 PC: 13111 | Set disk transfer address
2018-12-17T22:33:01.530091885Z 14 PC: 13119 | Set default drive (Drive = 'A')
2018-12-17T22:33:01.531643147Z 9 PC: 13018 | Display string (String= ' Testovaci soubor .COM o delce 1500 - ALWIL Software Testing .COM file long 1500 bytes - ALWIL Software')
2018-12-17T22:33:01.537528106Z 76 PC: 1301c | Terminate with return code (Return code = '36')