Sample viewer

vx.netlux.org/Virus.DOS.VCL.CountDown.1363

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:55:30.024679901Z 47 PC: 12afb | Get disk transfer address
2018-12-17T21:55:30.026178039Z 26 PC: 12b04 | Set disk transfer address
2018-12-17T21:55:30.027886168Z 71 PC: 12fd7 | Get current directory
2018-12-17T21:55:30.030502908Z 59 PC: 12fe0 | Change current directory
2018-12-17T21:55:30.034719937Z 47 PC: 12bb3 | Get disk transfer address
2018-12-17T21:55:30.035692937Z 26 PC: 12bd7 | Set disk transfer address
2018-12-17T21:55:30.036567171Z 78 PC: 12fae | Find first file
2018-12-17T21:55:30.043429777Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.0457522Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.048142169Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.050991943Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.053274785Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.055538997Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.058262959Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.060617559Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.063506459Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.065704132Z 47 PC: 12f97 | Get disk transfer address
2018-12-17T21:55:30.0672423Z 26 PC: 12c40 | Set disk transfer address
2018-12-17T21:55:30.06870647Z 78 PC: 12c46 | Find first file
2018-12-17T21:55:30.074395994Z 47 PC: 12d58 | Get disk transfer address
2018-12-17T21:55:30.075934311Z 61 PC: 12daa | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:55:30.082552982Z 63 PC: 12daf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:55:30.089386325Z 66 PC: 12dd9 | Move file pointer
2018-12-17T21:55:30.091554297Z 62 PC: 12dff | Close file
2018-12-17T21:55:30.093769219Z 67 PC: 12e18 | Get or set file attributes
2018-12-17T21:55:30.11024089Z 61 PC: 12e22 | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:55:30.118572124Z 64 PC: 12e33 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:55:30.121293089Z 66 PC: 12e99 | Move file pointer
2018-12-17T21:55:30.122650761Z 64 PC: 12e5c | Write file or device (Write 1363 bytes on handle 5)
2018-12-17T21:55:30.132710171Z 87 PC: 12eb2 | Get or set file date and time
2018-12-17T21:55:30.134238176Z 62 PC: 12e65 | Close file
2018-12-17T21:55:30.141654319Z 67 PC: 12e6b | Get or set file attributes
2018-12-17T21:55:30.156828928Z 26 PC: 12c64 | Set disk transfer address
2018-12-17T21:55:30.159469708Z 26 PC: 12fb6 | Set disk transfer address
2018-12-17T21:55:30.164073559Z 59 PC: 12fec | Change current directory
2018-12-17T21:55:30.165783889Z 71 PC: 12fd7 | Get current directory
2018-12-17T21:55:30.170519271Z 59 PC: 12fe0 | Change current directory
2018-12-17T21:55:30.175078253Z 47 PC: 12bb3 | Get disk transfer address
2018-12-17T21:55:30.17647Z 26 PC: 12bd7 | Set disk transfer address
2018-12-17T21:55:30.178876113Z 78 PC: 12fae | Find first file
2018-12-17T21:55:30.184628882Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.187382981Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.192121045Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.194643486Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.197758247Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.200548173Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.203097705Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.206311744Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.209706269Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.213477912Z 47 PC: 12f97 | Get disk transfer address
2018-12-17T21:55:30.214858642Z 26 PC: 12c40 | Set disk transfer address
2018-12-17T21:55:30.21665929Z 78 PC: 12c46 | Find first file
2018-12-17T21:55:30.222716064Z 47 PC: 12d58 | Get disk transfer address
2018-12-17T21:55:30.223769008Z 61 PC: 12daa | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:55:30.239670171Z 63 PC: 12daf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:55:30.245898776Z 66 PC: 12dd9 | Move file pointer
2018-12-17T21:55:30.247907507Z 62 PC: 12dff | Close file
2018-12-17T21:55:30.25042324Z 79 PC: 12c46 | Find next file
2018-12-17T21:55:30.253336383Z 47 PC: 12d58 | Get disk transfer address
2018-12-17T21:55:30.254480044Z 61 PC: 12daa | Open file (Filename = 'PRINT.COM')
2018-12-17T21:55:30.261821983Z 63 PC: 12daf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:55:30.267933186Z 66 PC: 12dd9 | Move file pointer
2018-12-17T21:55:30.269336594Z 62 PC: 12dff | Close file
2018-12-17T21:55:30.271532548Z 67 PC: 12e18 | Get or set file attributes
2018-12-17T21:55:30.281369518Z 61 PC: 12e22 | Open file (Filename = 'PRINT.COM')
2018-12-17T21:55:30.288033263Z 64 PC: 12e33 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:55:30.29176703Z 66 PC: 12e99 | Move file pointer
2018-12-17T21:55:30.293211498Z 64 PC: 12e5c | Write file or device (Write 1363 bytes on handle 5)
2018-12-17T21:55:30.301488087Z 87 PC: 12eb2 | Get or set file date and time
2018-12-17T21:55:30.303302998Z 62 PC: 12e65 | Close file
2018-12-17T21:55:30.310898296Z 67 PC: 12e6b | Get or set file attributes
2018-12-17T21:55:30.32087786Z 26 PC: 12c64 | Set disk transfer address
2018-12-17T21:55:30.322108063Z 26 PC: 12fb6 | Set disk transfer address
2018-12-17T21:55:30.323413014Z 59 PC: 12fec | Change current directory
2018-12-17T21:55:30.32515185Z 71 PC: 12fd7 | Get current directory
2018-12-17T21:55:30.328096461Z 59 PC: 12fe0 | Change current directory
2018-12-17T21:55:30.332415817Z 47 PC: 12bb3 | Get disk transfer address
2018-12-17T21:55:30.333441837Z 26 PC: 12bd7 | Set disk transfer address
2018-12-17T21:55:30.334624291Z 78 PC: 12fae | Find first file
2018-12-17T21:55:30.340769357Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.343274278Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.345975912Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.348575426Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.351142479Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.353790001Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.356190382Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.35851674Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.361033014Z 79 PC: 12c10 | Find next file
2018-12-17T21:55:30.363362763Z 47 PC: 12f97 | Get disk transfer address
2018-12-17T21:55:30.364438494Z 26 PC: 12c40 | Set disk transfer address
2018-12-17T21:55:30.365703706Z 78 PC: 12c46 | Find first file
2018-12-17T21:55:30.371605858Z 47 PC: 12d58 | Get disk transfer address
2018-12-17T21:55:30.372583614Z 61 PC: 12daa | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:55:30.384032324Z 63 PC: 12daf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:55:30.391282116Z 66 PC: 12dd9 | Move file pointer
2018-12-17T21:55:30.392805409Z 62 PC: 12dff | Close file
2018-12-17T21:55:30.394421656Z 79 PC: 12c46 | Find next file
2018-12-17T21:55:30.396940776Z 47 PC: 12d58 | Get disk transfer address
2018-12-17T21:55:30.3979507Z 61 PC: 12daa | Open file (Filename = 'PRINT.COM')
2018-12-17T21:55:30.404098884Z 63 PC: 12daf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:55:30.410570165Z 66 PC: 12dd9 | Move file pointer
2018-12-17T21:55:30.411819411Z 62 PC: 12dff | Close file
2018-12-17T21:55:30.413433571Z 79 PC: 12c46 | Find next file
2018-12-17T21:55:30.415973371Z 47 PC: 12d58 | Get disk transfer address
2018-12-17T21:55:30.416925506Z 61 PC: 12daa | Open file (Filename = 'HELLO.COM')
2018-12-17T21:55:30.423069748Z 63 PC: 12daf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:55:30.429381401Z 66 PC: 12dd9 | Move file pointer
2018-12-17T21:55:30.430668422Z 62 PC: 12dff | Close file
2018-12-17T21:55:30.432297241Z 67 PC: 12e18 | Get or set file attributes
2018-12-17T21:55:30.441921548Z 61 PC: 12e22 | Open file (Filename = 'HELLO.COM')
2018-12-17T21:55:30.449039286Z 64 PC: 12e33 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:55:30.45164386Z 66 PC: 12e99 | Move file pointer
2018-12-17T21:55:30.453017454Z 64 PC: 12e5c | Write file or device (Write 1363 bytes on handle 5)
2018-12-17T21:55:30.461225074Z 87 PC: 12eb2 | Get or set file date and time
2018-12-17T21:55:30.462570267Z 62 PC: 12e65 | Close file
2018-12-17T21:55:30.47121453Z 67 PC: 12e6b | Get or set file attributes
2018-12-17T21:55:30.481695082Z 26 PC: 12c64 | Set disk transfer address
2018-12-17T21:55:30.483070116Z 26 PC: 12fb6 | Set disk transfer address
2018-12-17T21:55:30.484956239Z 59 PC: 12fec | Change current directory
2018-12-17T21:55:30.487703128Z 42 PC: 12b32 | Get date
0x12b32: mov al, dl
0x12b34: cwde
0x12b35: cmp ax, 0x12
0x12b38: jne 0x12b44
0x12b3a: call 0x12e8a
0x12b3d: cmp ax, 1
0x12b40: jne 0x12b44
0x12b42: jmp 0x12b5a
0x12b44: call 0x12e8a
0x12b47: cmp ax, 0xc
0x12b4a: jne 0x12b95
0x12b4c: mov ah, 0x2a
0x12b4e: int 0x21
0x12b50: mov al, dl
0x12b52: cwde
0x12b53: cmp ax, 0x14
0x12b56: jne 0x12b95
0x12b58: jmp 0x12b5a
0x12b5a: lea si, word ptr [di + 0x2c8]
0x12b5e: mov ah, 0xe
2018-12-17T21:55:30.490248007Z 42 PC: 12e90 | Get date
0x12e90: mov al, dh
0x12e92: nop
0x12e93: jmp 0x12f02
0x12e95: nop
0x12e96: ret
0x12e97: int 0x21
0x12e99: ret
0x12e9a: lea dx, word ptr [bp - 0x80]
0x12e9d: jmp 0x12b02
0x12ea0: sub sp, 0x80
0x12ea4: jmp 0x12af7
0x12ea7: mov ax, 0x5701
0x12eaa: mov cx, word ptr [si + 0x16]
0x12ead: mov dx, word ptr [si + 0x18]
0x12eb0: int 0x21
0x12eb2: jmp 0x12e60
0x12eb4: cmp byte ptr [bp - 0x62], 0x2e
0x12eb8: jmp 0x12be9
0x12ebb: movsw word ptr es:[di], word ptr [si]
0x12ebc: jmp 0x12ad2
2018-12-17T21:55:30.493247394Z 42 PC: 12b50 | Get date
0x12b50: mov al, dl
0x12b52: cwde
0x12b53: cmp ax, 0x14
0x12b56: jne 0x12b95
0x12b58: jmp 0x12b5a
0x12b5a: lea si, word ptr [di + 0x2c8]
0x12b5e: mov ah, 0xe
0x12b60: lodsb al, byte ptr [si]
0x12b61: or al, al
0x12b63: je 0x12b69
0x12b65: int 0x10
0x12b67: jmp 0x12b60
0x12b69: mov cx, 0x3e8
0x12b6c: jcxz 0x12b75
0x12b6e: mov ax, 0xe07
0x12b71: int 0x10
0x12b73: loop 0x12b71
0x12b75: mov ax, 2
0x12b78: mov cx, 0x1770
0x12b7b: call 0x12d4b
2018-12-17T21:55:30.496642608Z 26 PC: 12b9a | Set disk transfer address
2018-12-17T21:55:30.498364458Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=00000064h/0000000100d bytes. ')
2018-12-17T21:55:30.503465841Z 76 PC: 12a86 | Terminate with return code (Return code = '36')