Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.585

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:33:48.796907523Z	78	PC: 12b68 \| Find first file
2018-12-17T22:33:48.804583142Z	78	PC: 12b77 \| Find first file
2018-12-17T22:33:48.812608303Z	67	PC: 12ba7 \| Get or set file attributes
2018-12-17T22:33:48.831443027Z	61	PC: 12bac \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:33:48.839393778Z	63	PC: 12bbb \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:33:48.847649557Z	62	PC: 12be6 \| Close file
2018-12-17T22:33:48.849937104Z	61	PC: 12bee \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:33:48.864474009Z	64	PC: 12a5a \| Write file or device (Write 585 bytes on handle 5)
2018-12-17T22:33:48.877081416Z	87	PC: 12c1e \| Get or set file date and time
2018-12-17T22:33:48.879350507Z	62	PC: 12c22 \| Close file
2018-12-17T22:33:48.888113289Z	67	PC: 12c2e \| Get or set file attributes
2018-12-17T22:33:48.901060761Z	79	PC: 12bdb \| Find next file
2018-12-17T22:33:48.904545497Z	67	PC: 12ba7 \| Get or set file attributes
2018-12-17T22:33:48.916556175Z	61	PC: 12bac \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:33:48.925067935Z	63	PC: 12bbb \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:33:48.933399147Z	62	PC: 12be6 \| Close file
2018-12-17T22:33:48.936093591Z	61	PC: 12bee \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:33:48.945237192Z	64	PC: 12a5a \| Write file or device (Write 585 bytes on handle 5)
2018-12-17T22:33:48.958751395Z	87	PC: 12c1e \| Get or set file date and time
2018-12-17T22:33:48.960762454Z	62	PC: 12c22 \| Close file
2018-12-17T22:33:48.982451746Z	67	PC: 12c2e \| Get or set file attributes
2018-12-17T22:33:48.988919168Z	79	PC: 12bdb \| Find next file
2018-12-17T22:33:48.992205183Z	67	PC: 12ba7 \| Get or set file attributes
2018-12-17T22:33:49.004069229Z	61	PC: 12bac \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:33:49.013425027Z	63	PC: 12bbb \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:33:49.021778199Z	62	PC: 12be6 \| Close file
2018-12-17T22:33:49.024475019Z	61	PC: 12bee \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:33:49.033326279Z	64	PC: 12a5a \| Write file or device (Write 585 bytes on handle 5)
2018-12-17T22:33:49.043635602Z	87	PC: 12c1e \| Get or set file date and time
2018-12-17T22:33:49.04555206Z	62	PC: 12c22 \| Close file
2018-12-17T22:33:49.054658525Z	67	PC: 12c2e \| Get or set file attributes
2018-12-17T22:33:49.064091917Z	9	PC: 12c66 \| Display string (String= 'Program too big to fit in memory ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6049,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:58:17.947777586Z	78	PC: 12b68 \| Find first file
2018-12-25T11:58:17.954124453Z	78	PC: 12b77 \| Find first file
2018-12-25T11:58:17.961060491Z	67	PC: 12ba7 \| Get or set file attributes
2018-12-25T11:58:17.980204654Z	61	PC: 12bac \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:58:17.993023776Z	63	PC: 12bbb \| Read file or device (Read 20 bytes on handle 5)
2018-12-25T11:58:18.000211103Z	62	PC: 12be6 \| Close file
2018-12-25T11:58:18.002325305Z	61	PC: 12bee \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:58:18.010102356Z	64	PC: 12a5a \| Write file or device (Write 585 bytes on handle 5)
2018-12-25T11:58:18.023458582Z	87	PC: 12c1e \| Get or set file date and time
2018-12-25T11:58:18.025205494Z	62	PC: 12c22 \| Close file
2018-12-25T11:58:18.034167039Z	67	PC: 12c2e \| Get or set file attributes
2018-12-25T11:58:18.040324389Z	79	PC: 12bdb \| Find next file
2018-12-25T11:58:18.043579704Z	67	PC: 12ba7 \| Get or set file attributes (See above)
2018-12-25T11:58:18.05597828Z	61	PC: 12bac \| Open file (See above)
2018-12-25T11:58:18.064546287Z	63	PC: 12bbb \| Read file or device (See above)
2018-12-25T11:58:18.072161212Z	62	PC: 12be6 \| Close file (See above)
2018-12-25T11:58:18.07452634Z	61	PC: 12bee \| Open file (See above)
2018-12-25T11:58:18.082972219Z	64	PC: 12a5a \| Write file or device (See above)
2018-12-25T11:58:18.093070824Z	87	PC: 12c1e \| Get or set file date and time (See above)
2018-12-25T11:58:18.095199232Z	62	PC: 12c22 \| Close file (See above)
2018-12-25T11:58:18.104087244Z	67	PC: 12c2e \| Get or set file attributes (See above)
2018-12-25T11:58:18.110606728Z	79	PC: 12bdb \| Find next file (See above)
2018-12-25T11:58:18.113970513Z	67	PC: 12ba7 \| Get or set file attributes (See above)
2018-12-25T11:58:18.129075002Z	61	PC: 12bac \| Open file (See above)
2018-12-25T11:58:18.13816935Z	63	PC: 12bbb \| Read file or device (See above)
2018-12-25T11:58:18.145399279Z	62	PC: 12be6 \| Close file (See above)
2018-12-25T11:58:18.147797251Z	61	PC: 12bee \| Open file (See above)
2018-12-25T11:58:18.157777939Z	64	PC: 12a5a \| Write file or device (See above)
2018-12-25T11:58:18.167085155Z	87	PC: 12c1e \| Get or set file date and time (See above)
2018-12-25T11:58:18.168724684Z	62	PC: 12c22 \| Close file (See above)
2018-12-25T11:58:18.177687979Z	67	PC: 12c2e \| Get or set file attributes (See above)
2018-12-25T11:58:18.186163476Z	9	PC: 12c66 \| Display string (String= 'Program too big to fit in memory ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":56,"TimeBased":true,"OriginalID":6049,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:58:18.023073267Z	78	PC: 12b68 \| Find first file
2018-12-25T11:58:18.030274226Z	78	PC: 12b77 \| Find first file
2018-12-25T11:58:18.037297581Z	67	PC: 12ba7 \| Get or set file attributes
2018-12-25T11:58:18.056324392Z	61	PC: 12bac \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:58:18.063855542Z	63	PC: 12bbb \| Read file or device (Read 20 bytes on handle 5)
2018-12-25T11:58:18.072185159Z	62	PC: 12be6 \| Close file
2018-12-25T11:58:18.074218726Z	61	PC: 12bee \| Open file (Filename = 'SLEEP.COM')
2018-12-25T11:58:18.088469859Z	64	PC: 12a5a \| Write file or device (Write 585 bytes on handle 5)
2018-12-25T11:58:18.098501507Z	87	PC: 12c1e \| Get or set file date and time
2018-12-25T11:58:18.100354294Z	62	PC: 12c22 \| Close file
2018-12-25T11:58:18.108829219Z	67	PC: 12c2e \| Get or set file attributes
2018-12-25T11:58:18.114504286Z	79	PC: 12bdb \| Find next file
2018-12-25T11:58:18.117780716Z	67	PC: 12ba7 \| Get or set file attributes (See above)
2018-12-25T11:58:18.128835254Z	61	PC: 12bac \| Open file (See above)
2018-12-25T11:58:18.137015613Z	63	PC: 12bbb \| Read file or device (See above)
2018-12-25T11:58:18.144100903Z	62	PC: 12be6 \| Close file (See above)
2018-12-25T11:58:18.145901525Z	61	PC: 12bee \| Open file (See above)
2018-12-25T11:58:18.160362354Z	64	PC: 12a5a \| Write file or device (See above)
2018-12-25T11:58:18.170020783Z	87	PC: 12c1e \| Get or set file date and time (See above)
2018-12-25T11:58:18.172386245Z	62	PC: 12c22 \| Close file (See above)
2018-12-25T11:58:18.181293814Z	67	PC: 12c2e \| Get or set file attributes (See above)
2018-12-25T11:58:18.186934565Z	79	PC: 12bdb \| Find next file (See above)
2018-12-25T11:58:18.189734401Z	67	PC: 12ba7 \| Get or set file attributes (See above)
2018-12-25T11:58:18.200542595Z	61	PC: 12bac \| Open file (See above)
2018-12-25T11:58:18.212320994Z	63	PC: 12bbb \| Read file or device (See above)
2018-12-25T11:58:18.220514906Z	62	PC: 12be6 \| Close file (See above)
2018-12-25T11:58:18.222885681Z	61	PC: 12bee \| Open file (See above)
2018-12-25T11:58:18.231238922Z	64	PC: 12a5a \| Write file or device (See above)
2018-12-25T11:58:18.438187784Z	87	PC: 12c1e \| Get or set file date and time (See above)
2018-12-25T11:58:18.440431425Z	62	PC: 12c22 \| Close file (See above)
2018-12-25T11:58:18.566804765Z	67	PC: 12c2e \| Get or set file attributes (See above)
2018-12-25T11:58:18.570957931Z	9	PC: 12c66 \| Display string (String= 'Program too big to fit in memory ')