Sample viewer

vx.netlux.org/Virus.DOS.VCL.Beast.1212

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:34:55.882243784Z 47 PC: 159cf | Get disk transfer address
2018-12-17T22:34:55.884303068Z 26 PC: 159df | Set disk transfer address
2018-12-17T22:34:55.885687334Z 71 PC: 15af6 | Get current directory
2018-12-17T22:34:55.88776383Z 59 PC: 15b03 | Change current directory
2018-12-17T22:34:55.890967184Z 47 PC: 15b29 | Get disk transfer address
2018-12-17T22:34:55.89217581Z 26 PC: 15b37 | Set disk transfer address
2018-12-17T22:34:55.893351822Z 78 PC: 15b42 | Find first file
2018-12-17T22:34:55.898842985Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:55.902153844Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:55.904843274Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:55.907864299Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:55.911195938Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:55.91352496Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:55.916004423Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:55.918633708Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:55.921058492Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:55.923251488Z 47 PC: 15b8e | Get disk transfer address
2018-12-17T22:34:55.924345637Z 26 PC: 15b9d | Set disk transfer address
2018-12-17T22:34:55.925224344Z 78 PC: 15ba5 | Find first file
2018-12-17T22:34:55.931490754Z 47 PC: 15bc3 | Get disk transfer address
2018-12-17T22:34:55.932962861Z 61 PC: 15be7 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:34:55.93926143Z 63 PC: 15bf9 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:34:55.945325526Z 66 PC: 15c01 | Move file pointer
2018-12-17T22:34:55.948097488Z 62 PC: 15c06 | Close file
2018-12-17T22:34:55.949811406Z 67 PC: 15c2d | Get or set file attributes
2018-12-17T22:34:55.954304157Z 61 PC: 15c35 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:34:55.961455306Z 64 PC: 15c53 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:34:55.964193995Z 66 PC: 15c65 | Move file pointer
2018-12-17T22:34:55.966496728Z 64 PC: 15e70 | Write file or device (Write 1212 bytes on handle 5)
2018-12-17T22:34:55.984733284Z 87 PC: 15c79 | Get or set file date and time
2018-12-17T22:34:55.986127768Z 62 PC: 15c7d | Close file
2018-12-17T22:34:55.993689732Z 67 PC: 15c8a | Get or set file attributes
2018-12-17T22:34:56.004817914Z 26 PC: 15bb7 | Set disk transfer address
2018-12-17T22:34:56.005886816Z 26 PC: 15b7a | Set disk transfer address
2018-12-17T22:34:56.006951463Z 59 PC: 15b18 | Change current directory
2018-12-17T22:34:56.009451916Z 71 PC: 15af6 | Get current directory
2018-12-17T22:34:56.012152931Z 59 PC: 15b03 | Change current directory
2018-12-17T22:34:56.016071757Z 47 PC: 15b29 | Get disk transfer address
2018-12-17T22:34:56.017821952Z 26 PC: 15b37 | Set disk transfer address
2018-12-17T22:34:56.01861882Z 78 PC: 15b42 | Find first file
2018-12-17T22:34:56.022224938Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:56.024642513Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:56.026421678Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:56.028080113Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:56.029983985Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:56.031995286Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:56.03448439Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:56.03715428Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:56.039854486Z 79 PC: 15b6a | Find next file
2018-12-17T22:34:56.042213352Z 47 PC: 15b8e | Get disk transfer address
2018-12-17T22:34:56.043889829Z 26 PC: 15b9d | Set disk transfer address
2018-12-17T22:34:56.045224038Z 78 PC: 15ba5 | Find first file
2018-12-17T22:34:56.050857447Z 47 PC: 15bc3 | Get disk transfer address
2018-12-17T22:34:56.051961022Z 61 PC: 15be7 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:34:56.063551542Z 63 PC: 15bf9 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:34:56.070012311Z 66 PC: 15c01 | Move file pointer
2018-12-17T22:34:56.071603592Z 62 PC: 15c06 | Close file
2018-12-17T22:34:56.074892884Z 79 PC: 15ba5 | Find next file
2018-12-17T22:34:56.077536845Z 47 PC: 15bc3 | Get disk transfer address
2018-12-17T22:34:56.078602891Z 61 PC: 15be7 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:34:56.085894323Z 63 PC: 15bf9 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:34:56.092039677Z 66 PC: 15c01 | Move file pointer
2018-12-17T22:34:56.093538001Z 62 PC: 15c06 | Close file
2018-12-17T22:34:56.095763361Z 67 PC: 15c2d | Get or set file attributes
2018-12-17T22:34:56.100581694Z 61 PC: 15c35 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:34:56.107312658Z 64 PC: 15c53 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:34:56.11054389Z 66 PC: 15c65 | Move file pointer
2018-12-17T22:34:56.112578695Z 64 PC: 15e70 | Write file or device (Write 1212 bytes on handle 5)
2018-12-17T22:34:56.121041169Z 87 PC: 15c79 | Get or set file date and time
2018-12-17T22:34:56.122766312Z 62 PC: 15c7d | Close file
2018-12-17T22:34:56.130139662Z 67 PC: 15c8a | Get or set file attributes
2018-12-17T22:34:56.14012049Z 26 PC: 15bb7 | Set disk transfer address
2018-12-17T22:34:56.141519878Z 26 PC: 15b7a | Set disk transfer address
2018-12-17T22:34:56.142543978Z 59 PC: 15b18 | Change current directory
2018-12-17T22:34:56.144258937Z 42 PC: 15caf | Get date
0x15caf: xor al, ah
0x15cb1: or al, dh
0x15cb3: mov al, dl
0x15cb5: cwde
0x15cb6: ret
0x15cb7: xor ah, ah
0x15cb9: mov ah, 0x2c
0x15cbb: int 0x21
0x15cbd: mov al, ch
0x15cbf: cwde
0x15cc0: ret
0x15cc1: mov ah, 0x2c
0x15cc3: int 0x21
0x15cc5: mov al, cl
0x15cc7: cwde
0x15cc8: ret
0x15cc9: mov ah, 0x2a
0x15ccb: int 0x21
0x15ccd: mov al, dh
0x15ccf: cwde
2018-12-17T22:34:56.147303518Z 42 PC: 15caf | Get date
2018-12-17T22:34:56.149600885Z 42 PC: 15caf | Get date
2018-12-17T22:34:56.151947979Z 26 PC: 15ac8 | Set disk transfer address
2018-12-17T22:34:56.153990919Z 48 PC: 12a4b | Get DOS version
2018-12-17T22:34:56.155140185Z 53 PC: 12bca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:34:56.156471857Z 53 PC: 12bd7 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:34:56.158400531Z 53 PC: 12be4 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:34:56.159816578Z 53 PC: 12bf1 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:34:56.161234783Z 37 PC: 12c05 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:34:56.16338302Z 74 PC: 12af6 | Reallocate memory
2018-12-17T22:34:56.165561124Z 68 PC: 13099 | I/O control for devices (Set for = 'WW')
2018-12-17T22:34:56.16745593Z 68 PC: 13099 | I/O control for devices (Set for = '� ��')
2018-12-17T22:34:56.171626879Z 68 PC: 13099 | I/O control for devices (Set for = '� ��')
2018-12-17T22:34:56.175166352Z 64 PC: 13f4b | Write file or device (Write 37 bytes on handle 1)
2018-12-17T22:34:56.181612449Z 63 PC: 13153 | Read file or device (Read 512 bytes on handle 0)