Sample viewer

vx.netlux.org/Virus.DOS.Corrupted.PS-MPC.478


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:40:15.224544459Z 26 PC: 12abc | Set disk transfer address
2018-12-17T22:40:15.225449131Z 78 PC: 12b2f | Find first file
2018-12-17T22:40:15.231274573Z 67 PC: 12c55 | Get or set file attributes
2018-12-17T22:40:15.247922739Z 61 PC: 12b3b | Open file (Filename = 'TEST.EXE')
2018-12-17T22:40:15.254972977Z 63 PC: 12b47 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:40:15.257280308Z 66 PC: 12b4f | Move file pointer
2018-12-17T22:40:15.259339244Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T22:40:15.265694476Z 62 PC: 12b8c | Close file
2018-12-17T22:40:15.272765444Z 67 PC: 12c55 | Get or set file attributes
2018-12-17T22:40:15.283293202Z 79 PC: 12b2f | Find next file
2018-12-17T22:40:15.285700033Z 78 PC: 12b2f | Find first file
2018-12-17T22:40:15.291979711Z 67 PC: 12c55 | Get or set file attributes
2018-12-17T22:40:15.301850998Z 61 PC: 12b3b | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:40:15.3086209Z 63 PC: 12b47 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:40:15.314876698Z 66 PC: 12b4f | Move file pointer
2018-12-17T22:40:15.31656841Z 64 PC: 12c34 | Write file or device (Write 478 bytes on handle 5)
2018-12-17T22:40:15.325313727Z 66 PC: 12c3c | Move file pointer
2018-12-17T22:40:15.326590402Z 64 PC: 12c45 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:40:15.332911809Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T22:40:15.335016834Z 62 PC: 12b8c | Close file
2018-12-17T22:40:15.342795633Z 67 PC: 12c55 | Get or set file attributes
2018-12-17T22:40:15.352594811Z 79 PC: 12b2f | Find next file
2018-12-17T22:40:15.355776963Z 67 PC: 12c55 | Get or set file attributes
2018-12-17T22:40:15.365348809Z 61 PC: 12b3b | Open file (Filename = 'PRINT.COM')
2018-12-17T22:40:15.371921839Z 63 PC: 12b47 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:40:15.379250522Z 66 PC: 12b4f | Move file pointer
2018-12-17T22:40:15.38068541Z 64 PC: 12c34 | Write file or device (Write 478 bytes on handle 5)
2018-12-17T22:40:15.384030234Z 66 PC: 12c3c | Move file pointer
2018-12-17T22:40:15.385971834Z 64 PC: 12c45 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:40:15.388435806Z 87 PC: 12b88 | Get or set file date and time
2018-12-17T22:40:15.389769314Z 62 PC: 12b8c | Close file
2018-12-17T22:40:15.397724983Z 67 PC: 12c55 | Get or set file attributes
; Disassembly window the tracer prints at the return address of syscall op 42
; (INT 21h AH=2Ah, "Get date"). DOS returns CX = year, DH = month, DL = day,
; so the three compares below form a date gate. Any failed compare jumps to
; 0x12ae5 and skips the Get time call at 0x12ade.
; The listing is a linear sweep from the PC, not an execution trace: in this
; run the next trace entry is op 26 at PC 12af7 with no op 44 in between, so
; the Get time call was not reached.
2018-12-17T22:40:15.407191377Z 42 PC: 12ace | Get date 0x12ace: cmp dh, 6    ; DH = month: below June -> skip
0x12ad1: jb 0x12ae5
0x12ad3: cmp dl, 0x17                   ; DL = day of month: below 23 -> skip
0x12ad6: jb 0x12ae5
0x12ad8: cmp cx, 0x7c9                  ; CX = year: below 1993 -> skip
0x12adc: jb 0x12ae5
0x12ade: mov ah, 0x2c                   ; AH=2Ch: DOS Get time (op 44 in this tracer's numbering)
0x12ae0: int 0x21
0x12ae2: cmp dl, 3                      ; DL = hundredths of a second; no branch uses this result before 0x12aea overwrites the flags
0x12ae5: mov ah, 0x1a                   ; AH=1Ah: Set disk transfer address (op 26)
0x12ae7: mov dx, 0x80                   ; DS:DX = offset 0x80 as the new DTA
0x12aea: cmp sp, 0x533f                 ; NOTE(review): looks like a host-type marker selecting one of two exit paths -- confirm against the full listing
0x12aee: je 0x12af3
0x12af0: int 0x21                       ; SP != 0x533f path: set the DTA, then near ret
0x12af2: ret
0x12af3: pop es                         ; SP == 0x533f path: restore ES and DS from the stack first
0x12af4: pop ds
0x12af5: int 0x21                       ; the op 26 entry at PC 12af7 that follows shows this path ran
0x12af7: mov ax, es
0x12af9: add ax, 0x10                   ; AX = ES + 0x10 paragraphs (256 bytes); presumably the segment just past the PSP -- confirm
2018-12-17T22:40:15.409276443Z 26 PC: 12af7 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6949,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:45.274788907Z 26 PC: 12abc | Set disk transfer address
2018-12-25T12:00:45.2760969Z 78 PC: 12b2f | Find first file
2018-12-25T12:00:45.283543026Z 67 PC: 12c55 | Get or set file attributes
2018-12-25T12:00:45.300146604Z 61 PC: 12b3b | Open file (Filename = 'TEST.EXE')
2018-12-25T12:00:45.313459384Z 63 PC: 12b47 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:00:45.321562007Z 66 PC: 12b4f | Move file pointer
2018-12-25T12:00:45.323560927Z 87 PC: 12b88 | Get or set file date and time
2018-12-25T12:00:45.325604252Z 62 PC: 12b8c | Close file
2018-12-25T12:00:45.334577184Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.345501787Z 79 PC: 12b2f | Find next file (See above)
2018-12-25T12:00:45.34806039Z 78 PC: 12b2f | Find first file (See above)
2018-12-25T12:00:45.355558038Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.36675227Z 61 PC: 12b3b | Open file (See above)
2018-12-25T12:00:45.379832315Z 63 PC: 12b47 | Read file or device (See above)
2018-12-25T12:00:45.39612718Z 66 PC: 12b4f | Move file pointer (See above)
2018-12-25T12:00:45.399038427Z 64 PC: 12c34 | Write file or device (Write 478 bytes on handle 5)
2018-12-25T12:00:45.408352386Z 66 PC: 12c3c | Move file pointer
2018-12-25T12:00:45.410302276Z 64 PC: 12c45 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:45.41823462Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:00:45.419886768Z 62 PC: 12b8c | Close file (See above)
2018-12-25T12:00:45.428563802Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.440107574Z 79 PC: 12b2f | Find next file (See above)
2018-12-25T12:00:45.443845656Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.454834985Z 61 PC: 12b3b | Open file (See above)
2018-12-25T12:00:45.463082311Z 63 PC: 12b47 | Read file or device (See above)
2018-12-25T12:00:45.470207577Z 66 PC: 12b4f | Move file pointer (See above)
2018-12-25T12:00:45.471840182Z 64 PC: 12c34 | Write file or device (See above)
2018-12-25T12:00:45.475780353Z 66 PC: 12c3c | Move file pointer (See above)
2018-12-25T12:00:45.477236043Z 64 PC: 12c45 | Write file or device (See above)
2018-12-25T12:00:45.480029403Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:00:45.482197675Z 62 PC: 12b8c | Close file (See above)
2018-12-25T12:00:45.490540356Z 67 PC: 12c55 | Get or set file attributes (See above)
; Disassembly window the tracer prints at the return address of syscall op 42
; (INT 21h AH=2Ah, "Get date"). DOS returns CX = year, DH = month, DL = day,
; so the three compares below form a date gate. Any failed compare jumps to
; 0x12ae5 and skips the Get time call at 0x12ade.
; The listing is a linear sweep from the PC, not an execution trace: in this
; run the next trace entry is op 26 at PC 12af7 with no op 44 in between, so
; the Get time call was not reached.
2018-12-25T12:00:45.50167433Z 42 PC: 12ace | Get date 0x12ace: cmp dh, 6    ; DH = month: below June -> skip
0x12ad1: jb 0x12ae5
0x12ad3: cmp dl, 0x17                   ; DL = day of month: below 23 -> skip
0x12ad6: jb 0x12ae5
0x12ad8: cmp cx, 0x7c9                  ; CX = year: below 1993 -> skip
0x12adc: jb 0x12ae5
0x12ade: mov ah, 0x2c                   ; AH=2Ch: DOS Get time (op 44 in this tracer's numbering)
0x12ae0: int 0x21
0x12ae2: cmp dl, 3                      ; DL = hundredths of a second; no branch uses this result before 0x12aea overwrites the flags
0x12ae5: mov ah, 0x1a                   ; AH=1Ah: Set disk transfer address (op 26)
0x12ae7: mov dx, 0x80                   ; DS:DX = offset 0x80 as the new DTA
0x12aea: cmp sp, 0x533f                 ; NOTE(review): looks like a host-type marker selecting one of two exit paths -- confirm against the full listing
0x12aee: je 0x12af3
0x12af0: int 0x21                       ; SP != 0x533f path: set the DTA, then near ret
0x12af2: ret
0x12af3: pop es                         ; SP == 0x533f path: restore ES and DS from the stack first
0x12af4: pop ds
0x12af5: int 0x21                       ; the op 26 entry at PC 12af7 that follows shows this path ran
0x12af7: mov ax, es
0x12af9: add ax, 0x10                   ; AX = ES + 0x10 paragraphs (256 bytes); presumably the segment just past the PSP -- confirm
2018-12-25T12:00:45.504252533Z 26 PC: 12af7 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6949,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:45.413384082Z 26 PC: 12abc | Set disk transfer address
2018-12-25T12:00:45.415056211Z 78 PC: 12b2f | Find first file
2018-12-25T12:00:45.421297686Z 67 PC: 12c55 | Get or set file attributes
2018-12-25T12:00:45.437439392Z 61 PC: 12b3b | Open file (Filename = 'TEST.EXE')
2018-12-25T12:00:45.444754135Z 63 PC: 12b47 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:00:45.44860682Z 66 PC: 12b4f | Move file pointer
2018-12-25T12:00:45.44952264Z 87 PC: 12b88 | Get or set file date and time
2018-12-25T12:00:45.451181699Z 62 PC: 12b8c | Close file
2018-12-25T12:00:45.46001185Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.469607834Z 79 PC: 12b2f | Find next file (See above)
2018-12-25T12:00:45.472345607Z 78 PC: 12b2f | Find first file (See above)
2018-12-25T12:00:45.47864935Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.489513518Z 61 PC: 12b3b | Open file (See above)
2018-12-25T12:00:45.496776721Z 63 PC: 12b47 | Read file or device (See above)
2018-12-25T12:00:45.502835968Z 66 PC: 12b4f | Move file pointer (See above)
2018-12-25T12:00:45.504060627Z 64 PC: 12c34 | Write file or device (Write 478 bytes on handle 5)
2018-12-25T12:00:45.512115524Z 66 PC: 12c3c | Move file pointer
2018-12-25T12:00:45.51314589Z 64 PC: 12c45 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:45.517627313Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:00:45.518878088Z 62 PC: 12b8c | Close file (See above)
2018-12-25T12:00:45.524951199Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.534593261Z 79 PC: 12b2f | Find next file (See above)
2018-12-25T12:00:45.536956157Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.545982861Z 61 PC: 12b3b | Open file (See above)
2018-12-25T12:00:45.550140826Z 63 PC: 12b47 | Read file or device (See above)
2018-12-25T12:00:45.556340475Z 66 PC: 12b4f | Move file pointer (See above)
2018-12-25T12:00:45.557852515Z 64 PC: 12c34 | Write file or device (See above)
2018-12-25T12:00:45.560323379Z 66 PC: 12c3c | Move file pointer (See above)
2018-12-25T12:00:45.561532219Z 64 PC: 12c45 | Write file or device (See above)
2018-12-25T12:00:45.564186662Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:00:45.565466126Z 62 PC: 12b8c | Close file (See above)
2018-12-25T12:00:45.572619574Z 67 PC: 12c55 | Get or set file attributes (See above)
; Disassembly window the tracer prints at the return address of syscall op 42
; (INT 21h AH=2Ah, "Get date"). DOS returns CX = year, DH = month, DL = day,
; so the three compares below form a date gate. Any failed compare jumps to
; 0x12ae5 and skips the Get time call at 0x12ade.
; The listing is a linear sweep from the PC, not an execution trace: in this
; run the next trace entry is op 26 at PC 12af7 with no op 44 in between, so
; the Get time call was not reached.
2018-12-25T12:00:45.585018621Z 42 PC: 12ace | Get date 0x12ace: cmp dh, 6    ; DH = month: below June -> skip
0x12ad1: jb 0x12ae5
0x12ad3: cmp dl, 0x17                   ; DL = day of month: below 23 -> skip
0x12ad6: jb 0x12ae5
0x12ad8: cmp cx, 0x7c9                  ; CX = year: below 1993 -> skip
0x12adc: jb 0x12ae5
0x12ade: mov ah, 0x2c                   ; AH=2Ch: DOS Get time (op 44 in this tracer's numbering)
0x12ae0: int 0x21
0x12ae2: cmp dl, 3                      ; DL = hundredths of a second; no branch uses this result before 0x12aea overwrites the flags
0x12ae5: mov ah, 0x1a                   ; AH=1Ah: Set disk transfer address (op 26)
0x12ae7: mov dx, 0x80                   ; DS:DX = offset 0x80 as the new DTA
0x12aea: cmp sp, 0x533f                 ; NOTE(review): looks like a host-type marker selecting one of two exit paths -- confirm against the full listing
0x12aee: je 0x12af3
0x12af0: int 0x21                       ; SP != 0x533f path: set the DTA, then near ret
0x12af2: ret
0x12af3: pop es                         ; SP == 0x533f path: restore ES and DS from the stack first
0x12af4: pop ds
0x12af5: int 0x21                       ; the op 26 entry at PC 12af7 that follows shows this path ran
0x12af7: mov ax, es
0x12af9: add ax, 0x10                   ; AX = ES + 0x10 paragraphs (256 bytes); presumably the segment just past the PSP -- confirm
2018-12-25T12:00:45.587806451Z 26 PC: 12af7 | Set disk transfer address
2018-12-25T12:00:45.642815094Z 60 PC: 1714f | Create or truncate file
2018-12-25T12:00:45.646162729Z 89 PC: 16f9c | Get extended error info
2018-12-25T12:00:45.647634409Z 65 PC: 1700d | Delete file (Filename = '!')
2018-12-25T12:00:45.649659961Z 65 PC: 17014 | Delete file (Filename = '6Q"��!�O"=��u�}=')
2018-12-25T12:00:45.656769854Z 64 PC: 19838 | Write file or device (Write 91 bytes on handle 2)
2018-12-25T12:00:45.665169825Z 64 PC: 19838 | Write file or device (See above)
2018-12-25T12:00:45.667816357Z 108 PC: 19d8b | Extended open/create file
2018-12-25T12:00:45.669976458Z 46 PC: 13d69 | Set verify flag

{"DateBased":true,"Day":23,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6949,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:45.459287106Z 26 PC: 12abc | Set disk transfer address
2018-12-25T12:00:45.469302085Z 78 PC: 12b2f | Find first file
2018-12-25T12:00:45.475087152Z 67 PC: 12c55 | Get or set file attributes
2018-12-25T12:00:45.490087921Z 61 PC: 12b3b | Open file (Filename = 'TEST.EXE')
2018-12-25T12:00:45.497517731Z 63 PC: 12b47 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:00:45.500744634Z 66 PC: 12b4f | Move file pointer
2018-12-25T12:00:45.501961481Z 87 PC: 12b88 | Get or set file date and time
2018-12-25T12:00:45.503659553Z 62 PC: 12b8c | Close file
2018-12-25T12:00:45.510721897Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.523085961Z 79 PC: 12b2f | Find next file (See above)
2018-12-25T12:00:45.525700661Z 78 PC: 12b2f | Find first file (See above)
2018-12-25T12:00:45.531940669Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.541837693Z 61 PC: 12b3b | Open file (See above)
2018-12-25T12:00:45.548254013Z 63 PC: 12b47 | Read file or device (See above)
2018-12-25T12:00:45.554930329Z 66 PC: 12b4f | Move file pointer (See above)
2018-12-25T12:00:45.556379951Z 64 PC: 12c34 | Write file or device (Write 478 bytes on handle 5)
2018-12-25T12:00:45.564006142Z 66 PC: 12c3c | Move file pointer
2018-12-25T12:00:45.565821573Z 64 PC: 12c45 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:45.572385417Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:00:45.573615478Z 62 PC: 12b8c | Close file (See above)
2018-12-25T12:00:45.581740087Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.591881424Z 79 PC: 12b2f | Find next file (See above)
2018-12-25T12:00:45.594390114Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.604370786Z 61 PC: 12b3b | Open file (See above)
2018-12-25T12:00:45.610767765Z 63 PC: 12b47 | Read file or device (See above)
2018-12-25T12:00:45.616772066Z 66 PC: 12b4f | Move file pointer (See above)
2018-12-25T12:00:45.618523095Z 64 PC: 12c34 | Write file or device (See above)
2018-12-25T12:00:45.621089656Z 66 PC: 12c3c | Move file pointer (See above)
2018-12-25T12:00:45.622451956Z 64 PC: 12c45 | Write file or device (See above)
2018-12-25T12:00:45.628999519Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:00:45.630504914Z 62 PC: 12b8c | Close file (See above)
2018-12-25T12:00:45.637393308Z 67 PC: 12c55 | Get or set file attributes (See above)
; Disassembly window the tracer prints at the return address of syscall op 42
; (INT 21h AH=2Ah, "Get date"). DOS returns CX = year, DH = month, DL = day,
; so the three compares below form a date gate. Any failed compare jumps to
; 0x12ae5 and skips the Get time call at 0x12ade.
; The listing is a linear sweep from the PC, not an execution trace: in this
; run the next trace entry is op 26 at PC 12af7 with no op 44 in between, so
; the Get time call was not reached.
2018-12-25T12:00:45.647406427Z 42 PC: 12ace | Get date 0x12ace: cmp dh, 6    ; DH = month: below June -> skip
0x12ad1: jb 0x12ae5
0x12ad3: cmp dl, 0x17                   ; DL = day of month: below 23 -> skip
0x12ad6: jb 0x12ae5
0x12ad8: cmp cx, 0x7c9                  ; CX = year: below 1993 -> skip
0x12adc: jb 0x12ae5
0x12ade: mov ah, 0x2c                   ; AH=2Ch: DOS Get time (op 44 in this tracer's numbering)
0x12ae0: int 0x21
0x12ae2: cmp dl, 3                      ; DL = hundredths of a second; no branch uses this result before 0x12aea overwrites the flags
0x12ae5: mov ah, 0x1a                   ; AH=1Ah: Set disk transfer address (op 26)
0x12ae7: mov dx, 0x80                   ; DS:DX = offset 0x80 as the new DTA
0x12aea: cmp sp, 0x533f                 ; NOTE(review): looks like a host-type marker selecting one of two exit paths -- confirm against the full listing
0x12aee: je 0x12af3
0x12af0: int 0x21                       ; SP != 0x533f path: set the DTA, then near ret
0x12af2: ret
0x12af3: pop es                         ; SP == 0x533f path: restore ES and DS from the stack first
0x12af4: pop ds
0x12af5: int 0x21                       ; the op 26 entry at PC 12af7 that follows shows this path ran
0x12af7: mov ax, es
0x12af9: add ax, 0x10                   ; AX = ES + 0x10 paragraphs (256 bytes); presumably the segment just past the PSP -- confirm
2018-12-25T12:00:45.649411668Z 26 PC: 12af7 | Set disk transfer address

{"DateBased":true,"Day":23,"Month":6,"Year":1993,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6949,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:45.896337081Z 26 PC: 12abc | Set disk transfer address
2018-12-25T12:00:45.898735058Z 78 PC: 12b2f | Find first file
2018-12-25T12:00:45.905549913Z 67 PC: 12c55 | Get or set file attributes
2018-12-25T12:00:45.922347101Z 61 PC: 12b3b | Open file (Filename = 'TEST.EXE')
2018-12-25T12:00:45.929802694Z 63 PC: 12b47 | Read file or device (Read 26 bytes on handle 5)
2018-12-25T12:00:45.933058959Z 66 PC: 12b4f | Move file pointer
2018-12-25T12:00:45.934848322Z 87 PC: 12b88 | Get or set file date and time
2018-12-25T12:00:45.936757457Z 62 PC: 12b8c | Close file
2018-12-25T12:00:45.945657416Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.960828976Z 79 PC: 12b2f | Find next file (See above)
2018-12-25T12:00:45.963755621Z 78 PC: 12b2f | Find first file (See above)
2018-12-25T12:00:45.970721Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:45.981624831Z 61 PC: 12b3b | Open file (See above)
2018-12-25T12:00:45.989385629Z 63 PC: 12b47 | Read file or device (See above)
2018-12-25T12:00:46.001983641Z 66 PC: 12b4f | Move file pointer (See above)
2018-12-25T12:00:46.014686739Z 64 PC: 12c34 | Write file or device (Write 478 bytes on handle 5)
2018-12-25T12:00:46.024179815Z 66 PC: 12c3c | Move file pointer
2018-12-25T12:00:46.026739154Z 64 PC: 12c45 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:00:46.034856766Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:00:46.036588243Z 62 PC: 12b8c | Close file (See above)
2018-12-25T12:00:46.045584453Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:46.057155901Z 79 PC: 12b2f | Find next file (See above)
2018-12-25T12:00:46.06073609Z 67 PC: 12c55 | Get or set file attributes (See above)
2018-12-25T12:00:46.072247075Z 61 PC: 12b3b | Open file (See above)
2018-12-25T12:00:46.079970285Z 63 PC: 12b47 | Read file or device (See above)
2018-12-25T12:00:46.087365939Z 66 PC: 12b4f | Move file pointer (See above)
2018-12-25T12:00:46.089443574Z 64 PC: 12c34 | Write file or device (See above)
2018-12-25T12:00:46.094633401Z 66 PC: 12c3c | Move file pointer (See above)
2018-12-25T12:00:46.096498618Z 64 PC: 12c45 | Write file or device (See above)
2018-12-25T12:00:46.10035267Z 87 PC: 12b88 | Get or set file date and time (See above)
2018-12-25T12:00:46.103215989Z 62 PC: 12b8c | Close file (See above)
2018-12-25T12:00:46.111458953Z 67 PC: 12c55 | Get or set file attributes (See above)
; Disassembly window the tracer prints at the return address of syscall op 42
; (INT 21h AH=2Ah, "Get date"). DOS returns CX = year, DH = month, DL = day,
; so the three compares below form a date gate. Any failed compare jumps to
; 0x12ae5 and skips the Get time call at 0x12ade.
; In this run the next trace entry is op 44 ("Get time") at PC 12ae2, so all
; three compares passed. The only date configuration on the page that meets
; month >= 6, day >= 23, year >= 1993 is the 1993-06-23 JSON line printed
; above this run, which suggests each JSON line configures the run after it
; -- confirm against the viewer's layout.
2018-12-25T12:00:46.122785907Z 42 PC: 12ace | Get date 0x12ace: cmp dh, 6    ; DH = month: below June -> skip
0x12ad1: jb 0x12ae5
0x12ad3: cmp dl, 0x17                   ; DL = day of month: below 23 -> skip
0x12ad6: jb 0x12ae5
0x12ad8: cmp cx, 0x7c9                  ; CX = year: below 1993 -> skip
0x12adc: jb 0x12ae5
0x12ade: mov ah, 0x2c                   ; AH=2Ch: DOS Get time (op 44 in this tracer's numbering)
0x12ae0: int 0x21
0x12ae2: cmp dl, 3                      ; DL = hundredths of a second; no branch uses this result before 0x12aea overwrites the flags
0x12ae5: mov ah, 0x1a                   ; AH=1Ah: Set disk transfer address (op 26)
0x12ae7: mov dx, 0x80                   ; DS:DX = offset 0x80 as the new DTA
0x12aea: cmp sp, 0x533f                 ; NOTE(review): looks like a host-type marker selecting one of two exit paths -- confirm against the full listing
0x12aee: je 0x12af3
0x12af0: int 0x21                       ; SP != 0x533f path: set the DTA, then near ret
0x12af2: ret
0x12af3: pop es                         ; SP == 0x533f path: restore ES and DS from the stack first
0x12af4: pop ds
0x12af5: int 0x21
0x12af7: mov ax, es
0x12af9: add ax, 0x10                   ; AX = ES + 0x10 paragraphs (256 bytes); presumably the segment just past the PSP -- confirm
; Disassembly window the tracer prints at the return address of syscall op 44
; (INT 21h AH=2Ch, "Get time"); this is the only run on the page that reaches it.
; DOS returns the hundredths of a second in DL. The compare result is not
; consumed by any branch in this window, so no time-dependent action is
; visible here: execution falls straight through to the exit sequence.
; The listing is a linear sweep from the PC; the op 26 entry at PC 12af7 that
; follows shows the SP == 0x533f path was the one taken.
2018-12-25T12:00:46.126587453Z 44 PC: 12ae2 | Get time 0x12ae2: cmp dl, 3    ; DL = hundredths; flags are overwritten at 0x12aea before any use
0x12ae5: mov ah, 0x1a                   ; AH=1Ah: Set disk transfer address (op 26)
0x12ae7: mov dx, 0x80                   ; DS:DX = offset 0x80 as the new DTA
0x12aea: cmp sp, 0x533f                 ; NOTE(review): looks like a host-type marker selecting one of two exit paths -- confirm against the full listing
0x12aee: je 0x12af3
0x12af0: int 0x21                       ; SP != 0x533f path: set the DTA, then near ret
0x12af2: ret
0x12af3: pop es                         ; SP == 0x533f path: restore ES and DS from the stack first
0x12af4: pop ds
0x12af5: int 0x21
0x12af7: mov ax, es
0x12af9: add ax, 0x10                   ; AX = ES + 0x10 paragraphs (256 bytes); presumably the segment just past the PSP -- confirm
0x12afc: add word ptr cs:[bp + 0x191], ax   ; relocate a stored segment word by that base
0x12b01: add ax, word ptr cs:[bp + 0x195]   ; AX = base + stored word; loaded into SS below
0x12b06: cli                            ; interrupts off while SS:SP is switched
0x12b07: mov sp, word ptr cs:[bp + 0x193]   ; SP from the stored word at bp+0x193
0x12b0c: mov ss, ax
0x12b0e: sti
0x12b0f: ljmp 0x10b:0xba00              ; far jump out of this routine. NOTE(review): if cs:[bp+0x191] overlaps this instruction's operand, the printed target is the pre-relocation value -- confirm
2018-12-25T12:00:46.129540482Z 26 PC: 12af7 | Set disk transfer address
2018-12-25T12:00:46.270642646Z 14 PC: 13d54 | Set default drive (Drive = 'R')
2018-12-25T12:00:46.276239524Z 46 PC: 13d69 | Set verify flag