Sample viewer

vx.netlux.org/Virus.DOS.Yukom.392


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:40:20.518256979Z 26 PC: 12a5d | Set disk transfer address
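2018-12-17T22:40:20.520238262Z 53 PC: 12a63 | Get interrupt vector (Interrupt = '1' AKA 'Character input') [note: vector 01h is the CPU single-step trap; 'Character input' is the name of DOS function 01h, not of this vector]
2018-12-17T22:40:20.522182337Z 53 PC: 12a70 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input') [note: vector 03h is the breakpoint interrupt; 'Auxiliary input' is the name of DOS function 03h. Reading the two debug vectors is often part of an anti-debugging check]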
; Trace window following DOS "Get time" (INT 21h AH=2Ch, which returns hundredths of a second in DL).
; Both comparisons below test DL, so each branch behaves as a pseudo-random trigger.
2018-12-17T22:40:20.523903415Z 44 PC: 12a7b | Get time 0x12a7b: cmp dl, 0xd
0x12a7e: jg 0x12a84  ; DL > 13: skip the port write
0x12a80: mov al, 0x82
0x12a82: out 0x21, al  ; port 21h is the master PIC mask register on PC hardware; 0x82 sets bits 1 and 7 (IRQ1 keyboard, IRQ7)
0x12a84: mov ah, 0x2c
0x12a86: int 0x21  ; second Get time call (logged below at PC 12a88)
0x12a88: cmp dl, 0x32
0x12a8b: jg 0x12aea  ; DL > 50: skip the message path
0x12a8d: mov si, 0
0x12a90: xor byte ptr [bp + si + 0x16c], 0x41  ; in-place XOR with 0x41 of the buffer at bp+0x16c
0x12a95: cmp si, 0x11
0x12a98: je 0x12a9d  ; loop ends after si = 0..0x11, i.e. 18 bytes
0x12a9a: inc si
0x12a9b: jmp 0x12a90
0x12a9d: mov ah, 9
0x12a9f: lea dx, word ptr [bp + 0x16c]
0x12aa3: int 0x21  ; DOS Display string ('$'-terminated) from the buffer just XORed
0x12aa5: mov ah, 0
0x12aa7: int 0x16  ; BIOS keyboard read: blocks until a key is pressed
; NOTE(review): if IRQ1 was masked at 0x12a82, this wait would presumably stall on real hardware - unverified.
0x12aa9: jmp 0x12aea
; Second trace window (after the Get time call at 0x12a86): the same instructions from 0x12a88 onward,
; followed by bytes past the jmp that the disassembler decoded linearly.
2018-12-17T22:40:20.526466957Z 44 PC: 12a88 | Get time 0x12a88: cmp dl, 0x32
0x12a8b: jg 0x12aea
0x12a8d: mov si, 0
0x12a90: xor byte ptr [bp + si + 0x16c], 0x41
0x12a95: cmp si, 0x11
0x12a98: je 0x12a9d
0x12a9a: inc si
0x12a9b: jmp 0x12a90
0x12a9d: mov ah, 9
0x12a9f: lea dx, word ptr [bp + 0x16c]
0x12aa3: int 0x21
0x12aa5: mov ah, 0
0x12aa7: int 0x16
0x12aa9: jmp 0x12aea
0x12aab: nop
; From 0x12aac on this is data, not code: the encodings of the five "instructions" below are the
; bytes 20 4D 79 / 20 4E 61 / 6D / 65 20 69 73 / 20 59 75, i.e. the ASCII text " My Name is Yu".
; A plaintext string of this kind is usable as a static signature fragment.
0x12aac: and byte ptr [di + 0x79], cl
0x12aaf: and byte ptr [bp + 0x61], cl
0x12ab2: insw word ptr es:[di], dx
0x12ab3: and byte ptr gs:[bx + di + 0x73], ch
0x12ab7: and byte ptr [bx + di + 0x75], bl
2018-12-17T22:40:20.528991088Z 78 PC: 12b03 | Find first file
2018-12-17T22:40:20.535854095Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:20.543004068Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:20.550653189Z 66 PC: 12b30 | Move file pointer
2018-12-17T22:40:20.55227517Z 64 PC: 12b42 | Write file or device (Write 392 bytes on handle 5)
2018-12-17T22:40:20.585001897Z 66 PC: 12b4a | Move file pointer
2018-12-17T22:40:20.58723742Z 64 PC: 12b55 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:40:20.594571489Z 62 PC: 12b5e | Close file
2018-12-17T22:40:20.603949753Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:20.608844889Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:20.616040351Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:20.623109908Z 66 PC: 12b30 | Move file pointer
2018-12-17T22:40:20.624939611Z 64 PC: 12b42 | Write file or device (Write 392 bytes on handle 5)
2018-12-17T22:40:20.634344268Z 66 PC: 12b4a | Move file pointer
2018-12-17T22:40:20.637294582Z 64 PC: 12b55 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:40:20.640246008Z 62 PC: 12b5e | Close file
2018-12-17T22:40:20.649027544Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:20.651992627Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:20.659858411Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:20.668735722Z 66 PC: 12b30 | Move file pointer
2018-12-17T22:40:20.670763545Z 64 PC: 12b42 | Write file or device (Write 392 bytes on handle 5)
2018-12-17T22:40:20.674190988Z 66 PC: 12b4a | Move file pointer
2018-12-17T22:40:20.67718252Z 64 PC: 12b55 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:40:20.681546206Z 62 PC: 12b5e | Close file
2018-12-17T22:40:20.691308851Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:20.695495597Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:20.703501316Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:20.711268829Z 66 PC: 12b30 | Move file pointer
2018-12-17T22:40:20.71387862Z 64 PC: 12b42 | Write file or device (Write 392 bytes on handle 5)
2018-12-17T22:40:20.717774388Z 66 PC: 12b4a | Move file pointer
2018-12-17T22:40:20.71948324Z 64 PC: 12b55 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:40:20.723698815Z 62 PC: 12b5e | Close file
2018-12-17T22:40:20.91171814Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:20.914944577Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:20.923846553Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:20.931757418Z 66 PC: 12b30 | Move file pointer
2018-12-17T22:40:20.933818683Z 64 PC: 12b42 | Write file or device (Write 392 bytes on handle 5)
2018-12-17T22:40:20.937398216Z 66 PC: 12b4a | Move file pointer
2018-12-17T22:40:20.940517269Z 64 PC: 12b55 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:40:20.943523916Z 62 PC: 12b5e | Close file
; Trace window following DOS "Get date" (INT 21h AH=2Ah, which returns month in DH and day in DL).
; Date-gated branch: DOS months are 1-12, so the signed compare against 0x11 (17) always takes the
; jl to 0x12b97 as written; in this trace the next logged call is indeed the one at PC 12b9e.
2018-12-17T22:40:21.046036195Z 42 PC: 12b73 | Get date 0x12b73: cmp dh, 0x11
0x12b76: jl 0x12b97  ; month < 17: skip the gated block
0x12b78: cmp dl, 8
0x12b7b: jl 0x12b97  ; day < 8: skip the gated block
0x12b7d: mov ah, 0x19
0x12b7f: int 0x21  ; DOS Get current default drive (result in AL)
0x12b81: mov cx, 0x25
0x12b84: mov dx, 0
0x12b87: lea bx, word ptr [bp + 0x16c]  ; same bp+0x16c buffer that the message routine XORs and prints
0x12b8b: push ds
0x12b8c: pop es  ; ES = DS
0x12b8d: mov byte ptr [bp + 0x253], 0x26  ; run-time patch of one byte (self-modifying code)
; NOTE(review): presumably this patches the operand of the int at 0x12b92 from 0x19 to 0x26
; (DOS absolute disk write). The AL/CX/DX/DS:BX setup above and the add sp, 2 below match the
; INT 26h convention (drive, sector count 0x25, first sector 0, buffer; flags left on the stack).
; Confirm that bp+0x253 == 0x12b93. Static disassembly shows int 0x19 only because the patch has not run.
0x12b92: int 0x19
0x12b94: add sp, 2
0x12b97: mov ah, 0x1a
0x12b99: mov dx, 0x80
0x12b9c: int 0x21  ; DOS Set disk transfer address to DS:0080h (logged below at PC 12b9e)
0x12b9e: mov al, 0xb7
0x12ba0: out 0x43, al  ; port 43h is the PIT mode/command register on PC hardware; 0xB7 selects counter 2 (PC speaker), lo/hi byte, mode 3, BCD
0x12ba2: mov ax, 4  ; the trace window ends here; the use of AX is not visible
2018-12-17T22:40:21.049931651Z 26 PC: 12b9e | Set disk transfer address
2018-12-17T22:40:21.052197568Z 26 PC: 12a5d | Set disk transfer address
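2018-12-17T22:40:21.053914481Z 53 PC: 12a63 | Get interrupt vector (Interrupt = '1' AKA 'Character input') [note: vector 01h is the CPU single-step trap; 'Character input' is the name of DOS function 01h, not of this vector]
2018-12-17T22:40:21.056505618Z 53 PC: 12a70 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input') [note: vector 03h is the breakpoint interrupt; 'Auxiliary input' is the name of DOS function 03h. Reading the two debug vectors is often part of an anti-debugging check]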
; Trace window following DOS "Get time" (INT 21h AH=2Ch, which returns hundredths of a second in DL).
; Both comparisons below test DL, so each branch behaves as a pseudo-random trigger.
2018-12-17T22:40:21.058532585Z 44 PC: 12a7b | Get time 0x12a7b: cmp dl, 0xd
0x12a7e: jg 0x12a84  ; DL > 13: skip the port write
0x12a80: mov al, 0x82
0x12a82: out 0x21, al  ; port 21h is the master PIC mask register on PC hardware; 0x82 sets bits 1 and 7 (IRQ1 keyboard, IRQ7)
0x12a84: mov ah, 0x2c
0x12a86: int 0x21  ; second Get time call (logged below at PC 12a88)
0x12a88: cmp dl, 0x32
0x12a8b: jg 0x12aea  ; DL > 50: skip the message path
0x12a8d: mov si, 0
0x12a90: xor byte ptr [bp + si + 0x16c], 0x41  ; in-place XOR with 0x41 of the buffer at bp+0x16c
0x12a95: cmp si, 0x11
0x12a98: je 0x12a9d  ; loop ends after si = 0..0x11, i.e. 18 bytes
0x12a9a: inc si
0x12a9b: jmp 0x12a90
0x12a9d: mov ah, 9
0x12a9f: lea dx, word ptr [bp + 0x16c]
0x12aa3: int 0x21  ; DOS Display string ('$'-terminated) from the buffer just XORed
0x12aa5: mov ah, 0
0x12aa7: int 0x16  ; BIOS keyboard read: blocks until a key is pressed
; NOTE(review): if IRQ1 was masked at 0x12a82, this wait would presumably stall on real hardware - unverified.
0x12aa9: jmp 0x12aea
; Second trace window (after the Get time call at 0x12a86): the same instructions from 0x12a88 onward,
; followed by bytes past the jmp that the disassembler decoded linearly.
2018-12-17T22:40:21.06191938Z 44 PC: 12a88 | Get time 0x12a88: cmp dl, 0x32
0x12a8b: jg 0x12aea
0x12a8d: mov si, 0
0x12a90: xor byte ptr [bp + si + 0x16c], 0x41
0x12a95: cmp si, 0x11
0x12a98: je 0x12a9d
0x12a9a: inc si
0x12a9b: jmp 0x12a90
0x12a9d: mov ah, 9
0x12a9f: lea dx, word ptr [bp + 0x16c]
0x12aa3: int 0x21
0x12aa5: mov ah, 0
0x12aa7: int 0x16
0x12aa9: jmp 0x12aea
0x12aab: nop
; From 0x12aac on this is data, not code: the encodings of the five "instructions" below are the
; bytes 20 4D 79 / 20 4E 61 / 6D / 65 20 69 73 / 20 59 75, i.e. the ASCII text " My Name is Yu".
; A plaintext string of this kind is usable as a static signature fragment.
0x12aac: and byte ptr [di + 0x79], cl
0x12aaf: and byte ptr [bp + 0x61], cl
0x12ab2: insw word ptr es:[di], dx
0x12ab3: and byte ptr gs:[bx + di + 0x73], ch
0x12ab7: and byte ptr [bx + di + 0x75], bl
2018-12-17T22:40:21.065074043Z 78 PC: 12b03 | Find first file
2018-12-17T22:40:21.073054219Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:21.080548912Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:21.08377064Z 62 PC: 12b5e | Close file
2018-12-17T22:40:21.087180428Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:21.090536804Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:21.098875626Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:21.103002666Z 62 PC: 12b5e | Close file
2018-12-17T22:40:21.105784351Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:21.109129393Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:21.11825264Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:21.121873624Z 62 PC: 12b5e | Close file
2018-12-17T22:40:21.124267095Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:21.127854509Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:21.136414262Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:21.13968082Z 62 PC: 12b5e | Close file
2018-12-17T22:40:21.142592199Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:21.147282046Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:21.155517533Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:21.15864471Z 62 PC: 12b5e | Close file
2018-12-17T22:40:21.161729362Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:21.165043811Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:21.173186379Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:21.181259796Z 66 PC: 12b30 | Move file pointer
2018-12-17T22:40:21.183202895Z 64 PC: 12b42 | Write file or device (Write 392 bytes on handle 5)
2018-12-17T22:40:21.192160206Z 66 PC: 12b4a | Move file pointer
2018-12-17T22:40:21.194110421Z 64 PC: 12b55 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:40:21.202201193Z 62 PC: 12b5e | Close file
2018-12-17T22:40:21.213490938Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:21.217784399Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:21.22606921Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:21.233657595Z 66 PC: 12b30 | Move file pointer
2018-12-17T22:40:21.235617426Z 64 PC: 12b42 | Write file or device (Write 392 bytes on handle 5)
2018-12-17T22:40:21.24005852Z 66 PC: 12b4a | Move file pointer
2018-12-17T22:40:21.241975981Z 64 PC: 12b55 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:40:21.245214735Z 62 PC: 12b5e | Close file
2018-12-17T22:40:21.254731037Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:21.258370287Z 61 PC: 12b13 | Open file (Filename = '')
2018-12-17T22:40:21.26599459Z 63 PC: 12b21 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:40:21.269734363Z 66 PC: 12b30 | Move file pointer
2018-12-17T22:40:21.272090691Z 64 PC: 12b42 | Write file or device (Write 392 bytes on handle 5)
2018-12-17T22:40:21.281179958Z 66 PC: 12b4a | Move file pointer
2018-12-17T22:40:21.283087737Z 64 PC: 12b55 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:40:21.291579189Z 62 PC: 12b5e | Close file
2018-12-17T22:40:21.30113205Z 79 PC: 12b03 | Find next file
2018-12-17T22:40:21.304151175Z 59 PC: 12b6b | Change current directory
; Trace window following DOS "Get date" (INT 21h AH=2Ah, which returns month in DH and day in DL).
; Date-gated branch: DOS months are 1-12, so the signed compare against 0x11 (17) always takes the
; jl to 0x12b97 as written; in this trace the next logged call is indeed the one at PC 12b9e.
2018-12-17T22:40:21.310114929Z 42 PC: 12b73 | Get date 0x12b73: cmp dh, 0x11
0x12b76: jl 0x12b97  ; month < 17: skip the gated block
0x12b78: cmp dl, 8
0x12b7b: jl 0x12b97  ; day < 8: skip the gated block
0x12b7d: mov ah, 0x19
0x12b7f: int 0x21  ; DOS Get current default drive (result in AL)
0x12b81: mov cx, 0x25
0x12b84: mov dx, 0
0x12b87: lea bx, word ptr [bp + 0x16c]  ; same bp+0x16c buffer that the message routine XORs and prints
0x12b8b: push ds
0x12b8c: pop es  ; ES = DS
0x12b8d: mov byte ptr [bp + 0x253], 0x26  ; run-time patch of one byte (self-modifying code)
; NOTE(review): presumably this patches the operand of the int at 0x12b92 from 0x19 to 0x26
; (DOS absolute disk write). The AL/CX/DX/DS:BX setup above and the add sp, 2 below match the
; INT 26h convention (drive, sector count 0x25, first sector 0, buffer; flags left on the stack).
; Confirm that bp+0x253 == 0x12b93. Static disassembly shows int 0x19 only because the patch has not run.
0x12b92: int 0x19
0x12b94: add sp, 2
0x12b97: mov ah, 0x1a
0x12b99: mov dx, 0x80
0x12b9c: int 0x21  ; DOS Set disk transfer address to DS:0080h (logged below at PC 12b9e)
0x12b9e: mov al, 0xb7
0x12ba0: out 0x43, al  ; port 43h is the PIT mode/command register on PC hardware; 0xB7 selects counter 2 (PC speaker), lo/hi byte, mode 3, BCD
0x12ba2: mov ax, 4  ; the trace window ends here; the use of AX is not visible
2018-12-17T22:40:21.312631406Z 26 PC: 12b9e | Set disk transfer address
2018-12-17T22:40:21.313972566Z 26 PC: 12a5d | Set disk transfer address
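2018-12-17T22:40:21.316010413Z 53 PC: 12a63 | Get interrupt vector (Interrupt = '1' AKA 'Character input') [note: vector 01h is the CPU single-step trap; 'Character input' is the name of DOS function 01h, not of this vector]
2018-12-17T22:40:21.317483264Z 53 PC: 12a70 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input') [note: vector 03h is the breakpoint interrupt; 'Auxiliary input' is the name of DOS function 03h. Reading the two debug vectors is often part of an anti-debugging check]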
; Trace window following DOS "Get time" (INT 21h AH=2Ch, which returns hundredths of a second in DL).
; Both comparisons below test DL, so each branch behaves as a pseudo-random trigger.
2018-12-17T22:40:21.319174605Z 44 PC: 12a7b | Get time 0x12a7b: cmp dl, 0xd
0x12a7e: jg 0x12a84  ; DL > 13: skip the port write
0x12a80: mov al, 0x82
0x12a82: out 0x21, al  ; port 21h is the master PIC mask register on PC hardware; 0x82 sets bits 1 and 7 (IRQ1 keyboard, IRQ7)
0x12a84: mov ah, 0x2c
0x12a86: int 0x21  ; second Get time call (logged below at PC 12a88)
0x12a88: cmp dl, 0x32
0x12a8b: jg 0x12aea  ; DL > 50: skip the message path
0x12a8d: mov si, 0
0x12a90: xor byte ptr [bp + si + 0x16c], 0x41  ; in-place XOR with 0x41 of the buffer at bp+0x16c
0x12a95: cmp si, 0x11
0x12a98: je 0x12a9d  ; loop ends after si = 0..0x11, i.e. 18 bytes
0x12a9a: inc si
0x12a9b: jmp 0x12a90
0x12a9d: mov ah, 9
0x12a9f: lea dx, word ptr [bp + 0x16c]
0x12aa3: int 0x21  ; DOS Display string ('$'-terminated) from the buffer just XORed
0x12aa5: mov ah, 0
0x12aa7: int 0x16  ; BIOS keyboard read: blocks until a key is pressed
; NOTE(review): if IRQ1 was masked at 0x12a82, this wait would presumably stall on real hardware - unverified.
0x12aa9: jmp 0x12aea
; Second trace window (after the Get time call at 0x12a86): the same instructions from 0x12a88 onward,
; followed by bytes past the jmp that the disassembler decoded linearly.
2018-12-17T22:40:21.322073651Z 44 PC: 12a88 | Get time 0x12a88: cmp dl, 0x32
0x12a8b: jg 0x12aea
0x12a8d: mov si, 0
0x12a90: xor byte ptr [bp + si + 0x16c], 0x41
0x12a95: cmp si, 0x11
0x12a98: je 0x12a9d
0x12a9a: inc si
0x12a9b: jmp 0x12a90
0x12a9d: mov ah, 9
0x12a9f: lea dx, word ptr [bp + 0x16c]
0x12aa3: int 0x21
0x12aa5: mov ah, 0
0x12aa7: int 0x16
0x12aa9: jmp 0x12aea
0x12aab: nop
; From 0x12aac on this is data, not code: the encodings of the five "instructions" below are the
; bytes 20 4D 79 / 20 4E 61 / 6D / 65 20 69 73 / 20 59 75, i.e. the ASCII text " My Name is Yu".
; A plaintext string of this kind is usable as a static signature fragment.
0x12aac: and byte ptr [di + 0x79], cl
0x12aaf: and byte ptr [bp + 0x61], cl
0x12ab2: insw word ptr es:[di], dx
0x12ab3: and byte ptr gs:[bx + di + 0x73], ch
0x12ab7: and byte ptr [bx + di + 0x75], bl
2018-12-17T22:40:21.325333037Z 9 PC: 12aa5 | Display string (Could not find end pointer)