Sample viewer

vx.netlux.org/Virus.DOS.Zany.664

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:33:52.745536087Z 74 PC: 15488 | Reallocate memory
2018-12-17T22:33:52.748048312Z 72 PC: 15490 | Allocate memory
2018-12-17T22:33:52.749844538Z 71 PC: 154b0 | Get current directory
2018-12-17T22:33:52.752964025Z 26 PC: 154c3 | Set disk transfer address
2018-12-17T22:33:52.754587605Z 59 PC: 154cd | Change current directory
2018-12-17T22:33:52.759730185Z 78 PC: 154e6 | Find first file
2018-12-17T22:33:52.770566789Z 47 PC: 154ef | Get disk transfer address
2018-12-17T22:33:52.7726387Z 61 PC: 154fb | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:33:52.779882037Z 66 PC: 1550f | Move file pointer
2018-12-17T22:33:52.781185168Z 87 PC: 155e8 | Get or set file date and time
2018-12-17T22:33:52.782554037Z 66 PC: 15609 | Move file pointer
2018-12-17T22:33:52.784717959Z 64 PC: 15613 | Write file or device (Write 664 bytes on handle 5)
2018-12-17T22:33:52.800146969Z 66 PC: 15621 | Move file pointer
2018-12-17T22:33:52.801411225Z 63 PC: 1562c | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:52.811967978Z 66 PC: 1563e | Move file pointer
2018-12-17T22:33:52.81343478Z 64 PC: 15649 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:33:52.816200596Z 66 PC: 15657 | Move file pointer
2018-12-17T22:33:52.818631397Z 64 PC: 1566b | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:33:52.821423308Z 66 PC: 15678 | Move file pointer
2018-12-17T22:33:52.823244146Z 64 PC: 1568d | Write file or device (Write 2 bytes on handle 5)
2018-12-17T22:33:52.826482179Z 87 PC: 1569a | Get or set file date and time
2018-12-17T22:33:52.828393646Z 62 PC: 1569e | Close file
2018-12-17T22:33:52.835838932Z 59 PC: 156b5 | Change current directory
2018-12-17T22:33:52.839887279Z 59 PC: 156c2 | Change current directory
2018-12-17T22:33:52.848134517Z 73 PC: 156ca | Release memory
2018-12-17T22:33:52.849571652Z 42 PC: 15159 | Get date
0x15159: cmp dl, 0xe
0x1515c: jne 0x151ac
0x1515e: pushaw
0x1515f: pushaw
0x15160: mov ah, 6
0x15162: mov al, 0
0x15164: mov cx, 0
0x15167: mov dl, 0x4f
0x15169: mov dh, 0x18
0x1516b: mov bh, 7
0x1516d: int 0x10
0x1516f: popaw
0x15170: mov cx, 1
0x15173: mov di, 1
0x15176: mov bl, 2
0x15178: cmp di, 0x43
0x1517b: jne 0x15182
0x1517d: mov bl, 4
0x1517f: mov di, 1
0x15182: mov dx, di
2018-12-17T22:33:52.852403279Z 48 PC: 151c3 | Get DOS version
2018-12-17T22:33:52.854186571Z 47 PC: 151cf | Get disk transfer address
2018-12-17T22:33:52.855582519Z 26 PC: 151de | Set disk transfer address
2018-12-17T22:33:52.857294608Z 78 PC: 15266 | Find first file
2018-12-17T22:33:52.864853055Z 67 PC: 1529f | Get or set file attributes
2018-12-17T22:33:52.870340591Z 67 PC: 152af | Get or set file attributes
2018-12-17T22:33:52.880388327Z 61 PC: 152b9 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:33:52.887526234Z 87 PC: 152c5 | Get or set file date and time
2018-12-17T22:33:52.888948196Z 63 PC: 152d7 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:52.891783663Z 66 PC: 152e9 | Move file pointer
2018-12-17T22:33:52.894045666Z 64 PC: 1530c | Write file or device (Write 762 bytes on handle 5)
2018-12-17T22:33:52.901852946Z 66 PC: 1531e | Move file pointer
2018-12-17T22:33:52.903226064Z 64 PC: 1532c | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:33:52.906522585Z 87 PC: 15342 | Get or set file date and time
2018-12-17T22:33:52.908198601Z 62 PC: 15346 | Close file
2018-12-17T22:33:52.915938131Z 67 PC: 15353 | Get or set file attributes
2018-12-17T22:33:52.926466868Z 26 PC: 1535d | Set disk transfer address
2018-12-17T22:33:52.927968519Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-17T22:33:52.93122912Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6063,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:58:25.163137458Z 74 PC: 15488 | Reallocate memory
2018-12-25T11:58:25.165070577Z 72 PC: 15490 | Allocate memory
2018-12-25T11:58:25.166596014Z 71 PC: 154b0 | Get current directory
2018-12-25T11:58:25.169400324Z 26 PC: 154c3 | Set disk transfer address
2018-12-25T11:58:25.171472142Z 59 PC: 154cd | Change current directory
2018-12-25T11:58:25.175634718Z 78 PC: 154e6 | Find first file
2018-12-25T11:58:25.181321287Z 47 PC: 154ef | Get disk transfer address
2018-12-25T11:58:25.182743346Z 61 PC: 154fb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:58:25.189091441Z 66 PC: 1550f | Move file pointer
2018-12-25T11:58:25.190376464Z 87 PC: 155e8 | Get or set file date and time
2018-12-25T11:58:25.192055418Z 66 PC: 15609 | Move file pointer
2018-12-25T11:58:25.193295874Z 64 PC: 15613 | Write file or device (Write 664 bytes on handle 5)
2018-12-25T11:58:25.208690814Z 66 PC: 15621 | Move file pointer
2018-12-25T11:58:25.210479358Z 63 PC: 1562c | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:58:25.21657887Z 66 PC: 1563e | Move file pointer
2018-12-25T11:58:25.217751555Z 64 PC: 15649 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:58:25.220689022Z 66 PC: 15657 | Move file pointer
2018-12-25T11:58:25.221921939Z 64 PC: 1566b | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:58:25.224344578Z 66 PC: 15678 | Move file pointer
2018-12-25T11:58:25.225823065Z 64 PC: 1568d | Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:58:25.232376945Z 87 PC: 1569a | Get or set file date and time
2018-12-25T11:58:25.233750378Z 62 PC: 1569e | Close file
2018-12-25T11:58:25.241680196Z 59 PC: 156b5 | Change current directory
2018-12-25T11:58:25.247011479Z 59 PC: 156c2 | Change current directory
2018-12-25T11:58:25.248650753Z 73 PC: 156ca | Release memory
2018-12-25T11:58:25.266341057Z 42 PC: 15159 | Get date
0x15159: cmp dl, 0xe
0x1515c: jne 0x151ac
0x1515e: pushaw
0x1515f: pushaw
0x15160: mov ah, 6
0x15162: mov al, 0
0x15164: mov cx, 0
0x15167: mov dl, 0x4f
0x15169: mov dh, 0x18
0x1516b: mov bh, 7
0x1516d: int 0x10
0x1516f: popaw
0x15170: mov cx, 1
0x15173: mov di, 1
0x15176: mov bl, 2
0x15178: cmp di, 0x43
0x1517b: jne 0x15182
0x1517d: mov bl, 4
0x1517f: mov di, 1
0x15182: mov dx, di
2018-12-25T11:58:25.268434023Z 48 PC: 151c3 | Get DOS version
2018-12-25T11:58:25.269387314Z 47 PC: 151cf | Get disk transfer address
2018-12-25T11:58:25.271234582Z 26 PC: 151de | Set disk transfer address
2018-12-25T11:58:25.272380585Z 78 PC: 15266 | Find first file
2018-12-25T11:58:25.278441653Z 67 PC: 1529f | Get or set file attributes
2018-12-25T11:58:25.283926883Z 67 PC: 152af | Get or set file attributes
2018-12-25T11:58:25.298226975Z 61 PC: 152b9 | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:58:25.309125844Z 87 PC: 152c5 | Get or set file date and time
2018-12-25T11:58:25.310503885Z 63 PC: 152d7 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:58:25.316742368Z 66 PC: 152e9 | Move file pointer
2018-12-25T11:58:25.318000056Z 64 PC: 1530c | Write file or device (Write 762 bytes on handle 5)
2018-12-25T11:58:25.327756159Z 66 PC: 1531e | Move file pointer
2018-12-25T11:58:25.329158176Z 64 PC: 1532c | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:58:25.33181054Z 87 PC: 15342 | Get or set file date and time
2018-12-25T11:58:25.333143507Z 62 PC: 15346 | Close file
2018-12-25T11:58:25.340717651Z 67 PC: 15353 | Get or set file attributes
2018-12-25T11:58:25.350192641Z 26 PC: 1535d | Set disk transfer address
2018-12-25T11:58:25.3511466Z 9 PC: 12a51 | Display string (String= 'This is a sample! (10.000 bytes)')
2018-12-25T11:58:25.353550989Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":14,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6063,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:58:25.257335026Z 74 PC: 15488 | Reallocate memory
2018-12-25T11:58:25.259266316Z 72 PC: 15490 | Allocate memory
2018-12-25T11:58:25.260716966Z 71 PC: 154b0 | Get current directory
2018-12-25T11:58:25.263929802Z 26 PC: 154c3 | Set disk transfer address
2018-12-25T11:58:25.265350168Z 59 PC: 154cd | Change current directory
2018-12-25T11:58:25.269380291Z 78 PC: 154e6 | Find first file
2018-12-25T11:58:25.279784168Z 47 PC: 154ef | Get disk transfer address
2018-12-25T11:58:25.281024525Z 61 PC: 154fb | Open file (Filename = 'SLEEP.COM')
2018-12-25T11:58:25.292561338Z 66 PC: 1550f | Move file pointer
2018-12-25T11:58:25.293760141Z 87 PC: 155e8 | Get or set file date and time
2018-12-25T11:58:25.295234277Z 66 PC: 15609 | Move file pointer
2018-12-25T11:58:25.296615441Z 64 PC: 15613 | Write file or device (Write 664 bytes on handle 5)
2018-12-25T11:58:25.310594159Z 66 PC: 15621 | Move file pointer
2018-12-25T11:58:25.311928463Z 63 PC: 1562c | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:58:25.318102169Z 66 PC: 1563e | Move file pointer
2018-12-25T11:58:25.319331095Z 64 PC: 15649 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:58:25.321765546Z 66 PC: 15657 | Move file pointer
2018-12-25T11:58:25.326822541Z 64 PC: 1566b | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:58:25.329217445Z 66 PC: 15678 | Move file pointer
2018-12-25T11:58:25.330434833Z 64 PC: 1568d | Write file or device (Write 2 bytes on handle 5)
2018-12-25T11:58:25.333030236Z 87 PC: 1569a | Get or set file date and time
2018-12-25T11:58:25.334342651Z 62 PC: 1569e | Close file
2018-12-25T11:58:25.341667226Z 59 PC: 156b5 | Change current directory
2018-12-25T11:58:25.346894319Z 59 PC: 156c2 | Change current directory
2018-12-25T11:58:25.348464388Z 73 PC: 156ca | Release memory
2018-12-25T11:58:25.349575261Z 42 PC: 15159 | Get date
0x15159: cmp dl, 0xe
0x1515c: jne 0x151ac
0x1515e: pushaw
0x1515f: pushaw
0x15160: mov ah, 6
0x15162: mov al, 0
0x15164: mov cx, 0
0x15167: mov dl, 0x4f
0x15169: mov dh, 0x18
0x1516b: mov bh, 7
0x1516d: int 0x10
0x1516f: popaw
0x15170: mov cx, 1
0x15173: mov di, 1
0x15176: mov bl, 2
0x15178: cmp di, 0x43
0x1517b: jne 0x15182
0x1517d: mov bl, 4
0x1517f: mov di, 1
0x15182: mov dx, di