Sample viewer

vx.netlux.org/Virus.DOS.SillyC.657

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:39:25.951203791Z 78 PC: 12e85 | Find first file
2018-12-17T22:39:25.958098019Z 67 PC: 12eb3 | Get or set file attributes
2018-12-17T22:39:25.977277026Z 61 PC: 12ebd | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:39:25.988906319Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:25.996245697Z 62 PC: 12ef0 | Close file
2018-12-17T22:39:25.999945707Z 67 PC: 12f03 | Get or set file attributes
2018-12-17T22:39:26.009960893Z 79 PC: 12ecb | Find next file
2018-12-17T22:39:26.01320019Z 67 PC: 12eb3 | Get or set file attributes
2018-12-17T22:39:26.022868673Z 61 PC: 12ebd | Open file (Filename = 'PRINT.COM')
2018-12-17T22:39:26.029296084Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:26.036115201Z 62 PC: 12ef0 | Close file
2018-12-17T22:39:26.037784734Z 67 PC: 12f03 | Get or set file attributes
2018-12-17T22:39:26.047927197Z 79 PC: 12ecb | Find next file
2018-12-17T22:39:26.052247134Z 67 PC: 12eb3 | Get or set file attributes
2018-12-17T22:39:26.062190898Z 61 PC: 12ebd | Open file (Filename = 'HELLO.COM')
2018-12-17T22:39:26.069292798Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:26.076345074Z 62 PC: 12ef0 | Close file
2018-12-17T22:39:26.078500807Z 67 PC: 12f03 | Get or set file attributes
2018-12-17T22:39:26.090828278Z 79 PC: 12ecb | Find next file
2018-12-17T22:39:26.093776399Z 67 PC: 12eb3 | Get or set file attributes
2018-12-17T22:39:26.109973613Z 61 PC: 12ebd | Open file (Filename = 'PHANG.COM')
2018-12-17T22:39:26.116396804Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:26.123017971Z 62 PC: 12ef0 | Close file
2018-12-17T22:39:26.125656378Z 67 PC: 12f03 | Get or set file attributes
2018-12-17T22:39:26.145415585Z 79 PC: 12ecb | Find next file
2018-12-17T22:39:26.148110652Z 67 PC: 12eb3 | Get or set file attributes
2018-12-17T22:39:26.169432729Z 61 PC: 12ebd | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:39:26.176002827Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:26.182219656Z 62 PC: 12ef0 | Close file
2018-12-17T22:39:26.185049221Z 67 PC: 12f03 | Get or set file attributes
2018-12-17T22:39:26.211952485Z 79 PC: 12ecb | Find next file
2018-12-17T22:39:26.214555303Z 67 PC: 12eb3 | Get or set file attributes
2018-12-17T22:39:26.250096076Z 61 PC: 12ebd | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:39:26.256887509Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:26.263215775Z 62 PC: 12ef0 | Close file
2018-12-17T22:39:26.265641817Z 67 PC: 12f03 | Get or set file attributes
2018-12-17T22:39:26.300943962Z 79 PC: 12ecb | Find next file
2018-12-17T22:39:26.303586557Z 67 PC: 12eb3 | Get or set file attributes
2018-12-17T22:39:26.337570024Z 61 PC: 12ebd | Open file (Filename = 'PAH.COM')
2018-12-17T22:39:26.344539984Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:26.351071008Z 62 PC: 12ef0 | Close file
2018-12-17T22:39:26.352850698Z 67 PC: 12f03 | Get or set file attributes
2018-12-17T22:39:26.398419111Z 79 PC: 12ecb | Find next file
2018-12-17T22:39:26.401685182Z 67 PC: 12eb3 | Get or set file attributes
2018-12-17T22:39:26.441367645Z 61 PC: 12ebd | Open file (Filename = 'TEST.COM')
2018-12-17T22:39:26.44908803Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:39:26.455403223Z 66 PC: 12f2a | Move file pointer
2018-12-17T22:39:26.456707662Z 63 PC: 12f39 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:39:26.464150652Z 62 PC: 12ef0 | Close file
2018-12-17T22:39:26.465930262Z 67 PC: 12f03 | Get or set file attributes
2018-12-17T22:39:26.475699318Z 79 PC: 12ecb | Find next file
2018-12-17T22:39:26.478889056Z 44 PC: 1303c | Get time
0x1303c: and ch, 1
0x1303f: cmp ch, 1
0x13042: je 0x13048
0x13044: mov al, 0x20
0x13046: mov byte ptr [bx], al
0x13048: mov al, 0x2a
0x1304a: mov byte ptr [bx + 0xc], al
0x1304d: mov al, 0x2e
0x1304f: mov byte ptr [bx + 0xd], al
0x13052: mov al, 0x44
0x13054: mov byte ptr [bx + 0xe], al
0x13057: mov al, 0x42
0x13059: mov byte ptr [bx + 0xf], al
0x1305c: mov al, 0x46
0x1305e: mov byte ptr [bx + 0x10], al
0x13061: mov al, 0
0x13063: mov byte ptr [bx + 0x11], al
0x13066: mov dx, di
0x13068: add dx, 0xc
0x1306b: mov ax, 0x4e00
2018-12-17T22:39:26.481616207Z 78 PC: 13074 | Find first file
2018-12-17T22:39:26.487179906Z 9 PC: 12e26 | Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6774,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.571061395Z 78 PC: 12e85 | Find first file
2018-12-25T12:00:18.578873017Z 67 PC: 12eb3 | Get or set file attributes
2018-12-25T12:00:19.579261098Z 61 PC: 12ebd | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:19.590056372Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:00:19.598199215Z 62 PC: 12ef0 | Close file
2018-12-25T12:00:19.604669828Z 67 PC: 12f03 | Get or set file attributes
2018-12-25T12:00:19.617418869Z 79 PC: 12ecb | Find next file
2018-12-25T12:00:19.621131937Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:19.637566094Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:19.646657705Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:19.654530611Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:19.659007438Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:19.67283454Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:19.681385049Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:19.693297245Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:19.700752221Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:19.708485753Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:19.710832031Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:19.723365256Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:19.726714889Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:19.737901383Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:19.746998241Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:19.754644499Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:19.757143781Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:19.769899651Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:19.774679269Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:20.03266323Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:20.040523462Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:20.048256077Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:20.050437266Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:20.233774513Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:20.237222681Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:20.326685256Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:20.331505907Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:20.386951809Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:20.388939256Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:20.684652686Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:20.689615002Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:20.709207763Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:20.716635181Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:20.724529039Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:20.726570151Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:20.77620217Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:20.779992861Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:20.813151937Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:20.818853772Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:20.822204481Z 66 PC: 12f2a | Move file pointer
2018-12-25T12:00:20.823734732Z 63 PC: 12f39 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:00:20.826913022Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:20.829162342Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:20.935674819Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:20.938365441Z 44 PC: 1303c | Get time
0x1303c: and ch, 1
0x1303f: cmp ch, 1
0x13042: je 0x13048
0x13044: mov al, 0x20
0x13046: mov byte ptr [bx], al
0x13048: mov al, 0x2a
0x1304a: mov byte ptr [bx + 0xc], al
0x1304d: mov al, 0x2e
0x1304f: mov byte ptr [bx + 0xd], al
0x13052: mov al, 0x44
0x13054: mov byte ptr [bx + 0xe], al
0x13057: mov al, 0x42
0x13059: mov byte ptr [bx + 0xf], al
0x1305c: mov al, 0x46
0x1305e: mov byte ptr [bx + 0x10], al
0x13061: mov al, 0
0x13063: mov byte ptr [bx + 0x11], al
0x13066: mov dx, di
0x13068: add dx, 0xc
0x1306b: mov ax, 0x4e00
2018-12-25T12:00:20.941312099Z 78 PC: 13074 | Find first file
2018-12-25T12:00:20.949276825Z 9 PC: 12e26 | Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":1,"Min":0,"Second":0,"TimeBased":true,"OriginalID":6774,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.595652718Z 78 PC: 12e85 | Find first file
2018-12-25T12:00:18.602627328Z 67 PC: 12eb3 | Get or set file attributes
2018-12-25T12:00:19.579451092Z 61 PC: 12ebd | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:00:19.58737118Z 63 PC: 12edf | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:00:19.597042352Z 62 PC: 12ef0 | Close file
2018-12-25T12:00:19.599378756Z 67 PC: 12f03 | Get or set file attributes
2018-12-25T12:00:19.613291214Z 79 PC: 12ecb | Find next file
2018-12-25T12:00:19.616393481Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:19.628795556Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:19.636441454Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:19.64429844Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:19.647396401Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:19.65884015Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:19.662380962Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:19.677459154Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:19.685476084Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:19.692893023Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:19.699249009Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:19.710882768Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:19.713867293Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:19.724457925Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:19.732140378Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:19.740132152Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:19.742033902Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:19.753161101Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:19.756170117Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:19.943635486Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:19.952395931Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:19.959911749Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:19.962405731Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:20.234442866Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:20.238049735Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:20.406285847Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:20.412019465Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:20.417033455Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:20.419176089Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:20.56735029Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:20.570250236Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:20.846921061Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:20.854054841Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:20.860957698Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:20.862688668Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:20.933200728Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:20.9366584Z 67 PC: 12eb3 | Get or set file attributes (See above)
2018-12-25T12:00:21.200138769Z 61 PC: 12ebd | Open file (See above)
2018-12-25T12:00:21.207833023Z 63 PC: 12edf | Read file or device (See above)
2018-12-25T12:00:21.210782685Z 66 PC: 12f2a | Move file pointer
2018-12-25T12:00:21.21280885Z 63 PC: 12f39 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:00:21.215114562Z 62 PC: 12ef0 | Close file (See above)
2018-12-25T12:00:21.21787479Z 67 PC: 12f03 | Get or set file attributes (See above)
2018-12-25T12:00:21.486215651Z 79 PC: 12ecb | Find next file (See above)
2018-12-25T12:00:21.491095643Z 44 PC: 1303c | Get time
0x1303c: and ch, 1
0x1303f: cmp ch, 1
0x13042: je 0x13048
0x13044: mov al, 0x20
0x13046: mov byte ptr [bx], al
0x13048: mov al, 0x2a
0x1304a: mov byte ptr [bx + 0xc], al
0x1304d: mov al, 0x2e
0x1304f: mov byte ptr [bx + 0xd], al
0x13052: mov al, 0x44
0x13054: mov byte ptr [bx + 0xe], al
0x13057: mov al, 0x42
0x13059: mov byte ptr [bx + 0xf], al
0x1305c: mov al, 0x46
0x1305e: mov byte ptr [bx + 0x10], al
0x13061: mov al, 0
0x13063: mov byte ptr [bx + 0x11], al
0x13066: mov dx, di
0x13068: add dx, 0xc
0x1306b: mov ax, 0x4e00
2018-12-25T12:00:21.496305758Z 78 PC: 13074 | Find first file
2018-12-25T12:00:21.503240298Z 9 PC: 12e26 | Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ')