Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.666.i

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:35:44.774597853Z	44	PC: 12b8f \| Get time 0x12b8f: cmp byte ptr [0x106], 0 0x12b94: je 0x12b9b 0x12b96: cmp dh, 0xf 0x12b99: jg 0x12ba4 0x12b9b: cmp dl, 0 0x12b9e: je 0x12b8b 0x12ba0: mov byte ptr [0x106], dl 0x12ba4: mov byte ptr [0x240], 0 0x12ba9: mov byte ptr [0x241], 4 0x12bae: mov byte ptr [0x24a], 0 0x12bb3: mov cx, 0x27 0x12bb6: mov dx, 0x131 0x12bb9: mov ah, 0x4e 0x12bbb: int 0x21 0x12bbd: cmp ax, 0x12 0x12bc0: je 0x12bc5 0x12bc2: call 0x12be7 0x12bc5: mov cx, 0x27 0x12bc8: mov dx, 0x137 0x12bcb: mov ah, 0x4e
2018-12-17T22:35:44.778364637Z	78	PC: 12bbd \| Find first file
2018-12-17T22:35:44.792348714Z	78	PC: 12bcf \| Find first file
2018-12-17T22:35:44.806511195Z	67	PC: 12c08 \| Get or set file attributes
2018-12-17T22:35:44.830198489Z	61	PC: 12c0e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:35:44.838419137Z	63	PC: 12c1d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:35:44.845305291Z	62	PC: 12c51 \| Close file
2018-12-17T22:35:44.847473718Z	61	PC: 12c5a \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:35:44.855917153Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:35:44.865812612Z	87	PC: 12c82 \| Get or set file date and time
2018-12-17T22:35:44.867718566Z	62	PC: 12c8a \| Close file
2018-12-17T22:35:44.876506267Z	67	PC: 12c97 \| Get or set file attributes
2018-12-17T22:35:44.881816106Z	79	PC: 12c41 \| Find next file
2018-12-17T22:35:44.884829978Z	67	PC: 12c08 \| Get or set file attributes
2018-12-17T22:35:44.895584067Z	61	PC: 12c0e \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:35:44.903877641Z	63	PC: 12c1d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:35:44.910599327Z	62	PC: 12c51 \| Close file
2018-12-17T22:35:44.912599969Z	61	PC: 12c5a \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:35:44.920947645Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:35:44.929994071Z	87	PC: 12c82 \| Get or set file date and time
2018-12-17T22:35:44.931871913Z	62	PC: 12c8a \| Close file
2018-12-17T22:35:44.941682382Z	67	PC: 12c97 \| Get or set file attributes
2018-12-17T22:35:44.948361088Z	79	PC: 12c41 \| Find next file
2018-12-17T22:35:44.951851614Z	67	PC: 12c08 \| Get or set file attributes
2018-12-17T22:35:44.963667043Z	61	PC: 12c0e \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:35:44.97075153Z	63	PC: 12c1d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:35:44.977236642Z	62	PC: 12c51 \| Close file
2018-12-17T22:35:44.979771917Z	61	PC: 12c5a \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:35:44.987563269Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:35:44.996481145Z	87	PC: 12c82 \| Get or set file date and time
2018-12-17T22:35:44.998516602Z	62	PC: 12c8a \| Close file
2018-12-17T22:35:45.009800374Z	67	PC: 12c97 \| Get or set file attributes
2018-12-17T22:35:45.018688934Z	79	PC: 12c41 \| Find next file
2018-12-17T22:35:45.021877033Z	67	PC: 12c08 \| Get or set file attributes
2018-12-17T22:35:45.190046297Z	61	PC: 12c0e \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:35:45.19667063Z	63	PC: 12c1d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:35:45.201377328Z	62	PC: 12c51 \| Close file
2018-12-17T22:35:45.20693997Z	61	PC: 12c5a \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:35:45.21226107Z	64	PC: 12a5a \| Write file or device (Write 666 bytes on handle 5)
2018-12-17T22:35:45.376134366Z	87	PC: 12c82 \| Get or set file date and time
2018-12-17T22:35:45.387101875Z	62	PC: 12c8a \| Close file
2018-12-17T22:35:45.396389804Z	67	PC: 12c97 \| Get or set file attributes
2018-12-17T22:35:45.406397864Z	9	PC: 12cc6 \| Display string (String= ' Bad command of filename')
2018-12-17T22:35:45.412628439Z	76	PC: 12cca \| Terminate with return code (Return code = '36')