Sample viewer

vx.netlux.org/Virus.DOS.Erase.669.b


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:41:47.655090072Z 26 PC: 12a47 | Set disk transfer address
2018-12-17T22:41:47.656302247Z 26 PC: 12a53 | Set disk transfer address
2018-12-17T22:41:47.658089092Z 42 PC: 12a57 | Get date
0x12a57: cmp dl, 0xb
0x12a5a: je 0x12a6e
0x12a5c: cmp dl, 0x17
0x12a5f: je 0x12a6e
0x12a61: call 0x12c69
0x12a64: clc
0x12a65: mov al, byte ptr [0xfbfa]
0x12a68: cmp al, 0xb
0x12a6a: je 0x12a9f
0x12a6c: jmp 0x12a81
0x12a6e: jmp 0x12b71
0x12a71: stosb byte ptr es:[di], al
0x12a72: scasb al, byte ptr es:[di]
0x12a73: ret
0x12a74: iret
0x12a75: int 0
0x12a77: ret
0x12a78: iret
0x12a79: int 0xd3
0x12a7b: rol ch, 1
2018-12-17T22:41:47.660142542Z 78 PC: 12c9b | Find first file
2018-12-17T22:41:47.664120547Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:41:47.995386067Z 61 PC: 12ac2 | Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:41:48.003829658Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-17T22:41:48.011325709Z 66 PC: 12ae1 | Move file pointer
2018-12-17T22:41:48.014651082Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:41:48.018346092Z 66 PC: 12b02 | Move file pointer
2018-12-17T22:41:48.020011879Z 64 PC: 12b19 | Write file or device (Write 669 bytes on handle 5)
2018-12-17T22:41:48.03055889Z 66 PC: 12b24 | Move file pointer
2018-12-17T22:41:48.032394681Z 64 PC: 12b2e | Write file or device (Write 669 bytes on handle 5)
2018-12-17T22:41:48.039487137Z 87 PC: 12b3d | Get or set file date and time
2018-12-17T22:41:48.041936383Z 62 PC: 12b41 | Close file
2018-12-17T22:41:48.052100989Z 67 PC: 12b51 | Get or set file attributes
2018-12-17T22:41:48.063134247Z 78 PC: 12a94 | Find first file
2018-12-17T22:41:48.069869613Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:41:48.087151639Z 61 PC: 12ac2 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:41:48.095019417Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-17T22:41:48.102366249Z 66 PC: 12ae1 | Move file pointer
2018-12-17T22:41:48.105129387Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:41:48.107527163Z 66 PC: 12b02 | Move file pointer
2018-12-17T22:41:48.109414492Z 62 PC: 12b41 | Close file
2018-12-17T22:41:48.112688922Z 67 PC: 12b51 | Get or set file attributes
2018-12-17T22:41:48.123522625Z 79 PC: 12b69 | Find next file
2018-12-17T22:41:48.126765135Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:41:48.15419946Z 61 PC: 12ac2 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:41:48.162040396Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-17T22:41:48.169288069Z 66 PC: 12ae1 | Move file pointer
2018-12-17T22:41:48.172894327Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:41:48.175765351Z 66 PC: 12b02 | Move file pointer
2018-12-17T22:41:48.177599298Z 62 PC: 12b41 | Close file
2018-12-17T22:41:48.180032388Z 67 PC: 12b51 | Get or set file attributes
2018-12-17T22:41:48.192717303Z 79 PC: 12b69 | Find next file
2018-12-17T22:41:48.195957926Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:41:48.20704903Z 61 PC: 12ac2 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:41:48.215149053Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-17T22:41:48.222438349Z 66 PC: 12ae1 | Move file pointer
2018-12-17T22:41:48.224190417Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:41:48.227074027Z 66 PC: 12b02 | Move file pointer
2018-12-17T22:41:48.228641572Z 62 PC: 12b41 | Close file
2018-12-17T22:41:48.231177032Z 67 PC: 12b51 | Get or set file attributes
2018-12-17T22:41:48.245209815Z 79 PC: 12b69 | Find next file
2018-12-17T22:41:48.250562069Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:41:48.261926475Z 61 PC: 12ac2 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:41:48.271125133Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-17T22:41:48.279478717Z 66 PC: 12ae1 | Move file pointer
2018-12-17T22:41:48.281293497Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:41:48.283659771Z 66 PC: 12b02 | Move file pointer
2018-12-17T22:41:48.286509979Z 62 PC: 12b41 | Close file
2018-12-17T22:41:48.288806266Z 67 PC: 12b51 | Get or set file attributes
2018-12-17T22:41:48.300532655Z 79 PC: 12b69 | Find next file
2018-12-17T22:41:48.304568079Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:41:48.317342228Z 61 PC: 12ac2 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:41:48.324963039Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-17T22:41:48.332626723Z 66 PC: 12ae1 | Move file pointer
2018-12-17T22:41:48.334079768Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:41:48.336102076Z 66 PC: 12b02 | Move file pointer
2018-12-17T22:41:48.3375291Z 62 PC: 12b41 | Close file
2018-12-17T22:41:48.341221103Z 67 PC: 12b51 | Get or set file attributes
2018-12-17T22:41:48.352737301Z 79 PC: 12b69 | Find next file
2018-12-17T22:41:48.355530856Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:41:48.367107822Z 61 PC: 12ac2 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:41:48.376072451Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-17T22:41:48.383445791Z 66 PC: 12ae1 | Move file pointer
2018-12-17T22:41:48.385550684Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:41:48.388216652Z 66 PC: 12b02 | Move file pointer
2018-12-17T22:41:48.389784518Z 62 PC: 12b41 | Close file
2018-12-17T22:41:48.392395969Z 67 PC: 12b51 | Get or set file attributes
2018-12-17T22:41:48.403001343Z 79 PC: 12b69 | Find next file
2018-12-17T22:41:48.405751138Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:41:48.417299293Z 61 PC: 12ac2 | Open file (Filename = 'PAH.COM')
2018-12-17T22:41:48.425182901Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-17T22:41:48.432646896Z 66 PC: 12ae1 | Move file pointer
2018-12-17T22:41:48.435452786Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:41:48.438335638Z 66 PC: 12b02 | Move file pointer
2018-12-17T22:41:48.441204241Z 62 PC: 12b41 | Close file
2018-12-17T22:41:48.443622273Z 67 PC: 12b51 | Get or set file attributes
2018-12-17T22:41:48.455857913Z 79 PC: 12b69 | Find next file
2018-12-17T22:41:48.458840279Z 67 PC: 12aaa | Get or set file attributes
2018-12-17T22:41:48.469334312Z 61 PC: 12ac2 | Open file (Filename = 'TEST.COM')
2018-12-17T22:41:48.475193891Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-17T22:41:48.479953451Z 66 PC: 12ae1 | Move file pointer
2018-12-17T22:41:48.481073545Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:41:48.48475722Z 62 PC: 12b41 | Close file
2018-12-17T22:41:48.486562372Z 67 PC: 12b51 | Get or set file attributes
2018-12-17T22:41:48.497768713Z 79 PC: 12b69 | Find next file
2018-12-17T22:41:48.500746174Z 37 PC: 12c05 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7329,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.20196898Z 26 PC: 12a47 | Set disk transfer address
2018-12-25T12:01:22.204695286Z 26 PC: 12a53 | Set disk transfer address
2018-12-25T12:01:22.206561542Z 42 PC: 12a57 | Get date
0x12a57: cmp dl, 0xb
0x12a5a: je 0x12a6e
0x12a5c: cmp dl, 0x17
0x12a5f: je 0x12a6e
0x12a61: call 0x12c69
0x12a64: clc
0x12a65: mov al, byte ptr [0xfbfa]
0x12a68: cmp al, 0xb
0x12a6a: je 0x12a9f
0x12a6c: jmp 0x12a81
0x12a6e: jmp 0x12b71
0x12a71: stosb byte ptr es:[di], al
0x12a72: scasb al, byte ptr es:[di]
0x12a73: ret
0x12a74: iret
0x12a75: int 0
0x12a77: ret
0x12a78: iret
0x12a79: int 0xd3
0x12a7b: rol ch, 1
2018-12-25T12:01:22.209093232Z 78 PC: 12c9b | Find first file
2018-12-25T12:01:22.215577224Z 67 PC: 12aaa | Get or set file attributes
2018-12-25T12:01:22.993875559Z 61 PC: 12ac2 | Open file (Filename = 'C:\COMMAND.COM')
2018-12-25T12:01:23.009383833Z 63 PC: 12ad5 | Read file or device (Read 669 bytes on handle 5)
2018-12-25T12:01:23.019168189Z 66 PC: 12ae1 | Move file pointer
2018-12-25T12:01:23.022637299Z 63 PC: 12aeb | Read file or device (Read 6 bytes on handle 5)
2018-12-25T12:01:23.029923333Z 66 PC: 12b02 | Move file pointer
2018-12-25T12:01:23.032779765Z 64 PC: 12b19 | Write file or device (Write 669 bytes on handle 5)
2018-12-25T12:01:23.046738077Z 66 PC: 12b24 | Move file pointer
2018-12-25T12:01:23.048547462Z 64 PC: 12b2e | Write file or device (Write 669 bytes on handle 5)
2018-12-25T12:01:23.055965423Z 87 PC: 12b3d | Get or set file date and time
2018-12-25T12:01:23.0586925Z 62 PC: 12b41 | Close file
2018-12-25T12:01:23.067123462Z 67 PC: 12b51 | Get or set file attributes
2018-12-25T12:01:23.077847804Z 78 PC: 12a94 | Find first file
2018-12-25T12:01:23.086147701Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T12:01:23.115758254Z 61 PC: 12ac2 | Open file (See above)
2018-12-25T12:01:23.123586352Z 63 PC: 12ad5 | Read file or device (See above)
2018-12-25T12:01:23.131914112Z 66 PC: 12ae1 | Move file pointer (See above)
2018-12-25T12:01:23.133689598Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:01:23.136265715Z 66 PC: 12b02 | Move file pointer (See above)
2018-12-25T12:01:23.138607126Z 62 PC: 12b41 | Close file (See above)
2018-12-25T12:01:23.140999718Z 67 PC: 12b51 | Get or set file attributes (See above)
2018-12-25T12:01:23.152261053Z 79 PC: 12b69 | Find next file
2018-12-25T12:01:23.155445808Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T12:01:23.185278789Z 61 PC: 12ac2 | Open file (See above)
2018-12-25T12:01:23.192952124Z 63 PC: 12ad5 | Read file or device (See above)
2018-12-25T12:01:23.200363757Z 66 PC: 12ae1 | Move file pointer (See above)
2018-12-25T12:01:23.202761052Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:01:23.205208358Z 66 PC: 12b02 | Move file pointer (See above)
2018-12-25T12:01:23.207286803Z 62 PC: 12b41 | Close file (See above)
2018-12-25T12:01:23.210443074Z 67 PC: 12b51 | Get or set file attributes (See above)
2018-12-25T12:01:23.222907705Z 79 PC: 12b69 | Find next file (See above)
2018-12-25T12:01:23.227230418Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T12:01:23.239555527Z 61 PC: 12ac2 | Open file (See above)
2018-12-25T12:01:23.247862366Z 63 PC: 12ad5 | Read file or device (See above)
2018-12-25T12:01:23.255597976Z 66 PC: 12ae1 | Move file pointer (See above)
2018-12-25T12:01:23.258378355Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:01:23.261195522Z 66 PC: 12b02 | Move file pointer (See above)
2018-12-25T12:01:23.263162344Z 62 PC: 12b41 | Close file (See above)
2018-12-25T12:01:23.265752969Z 67 PC: 12b51 | Get or set file attributes (See above)
2018-12-25T12:01:23.278019845Z 79 PC: 12b69 | Find next file (See above)
2018-12-25T12:01:23.281380931Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T12:01:23.293116693Z 61 PC: 12ac2 | Open file (See above)
2018-12-25T12:01:23.302601215Z 63 PC: 12ad5 | Read file or device (See above)
2018-12-25T12:01:23.310239331Z 66 PC: 12ae1 | Move file pointer (See above)
2018-12-25T12:01:23.312223377Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:01:23.315552769Z 66 PC: 12b02 | Move file pointer (See above)
2018-12-25T12:01:23.317838007Z 62 PC: 12b41 | Close file (See above)
2018-12-25T12:01:23.320210699Z 67 PC: 12b51 | Get or set file attributes (See above)
2018-12-25T12:01:23.332464273Z 79 PC: 12b69 | Find next file (See above)
2018-12-25T12:01:23.33585762Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T12:01:23.347082577Z 61 PC: 12ac2 | Open file (See above)
2018-12-25T12:01:23.355460798Z 63 PC: 12ad5 | Read file or device (See above)
2018-12-25T12:01:23.36328532Z 66 PC: 12ae1 | Move file pointer (See above)
2018-12-25T12:01:23.365177661Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:01:23.367784171Z 66 PC: 12b02 | Move file pointer (See above)
2018-12-25T12:01:23.369911893Z 62 PC: 12b41 | Close file (See above)
2018-12-25T12:01:23.3722178Z 67 PC: 12b51 | Get or set file attributes (See above)
2018-12-25T12:01:23.383964859Z 79 PC: 12b69 | Find next file (See above)
2018-12-25T12:01:23.387637187Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T12:01:23.398783405Z 61 PC: 12ac2 | Open file (See above)
2018-12-25T12:01:23.406610375Z 63 PC: 12ad5 | Read file or device (See above)
2018-12-25T12:01:23.415056036Z 66 PC: 12ae1 | Move file pointer (See above)
2018-12-25T12:01:23.417103217Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:01:23.420445199Z 66 PC: 12b02 | Move file pointer (See above)
2018-12-25T12:01:23.423262396Z 62 PC: 12b41 | Close file (See above)
2018-12-25T12:01:23.426643632Z 67 PC: 12b51 | Get or set file attributes (See above)
2018-12-25T12:01:23.438038867Z 79 PC: 12b69 | Find next file (See above)
2018-12-25T12:01:23.442226702Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T12:01:23.453717128Z 61 PC: 12ac2 | Open file (See above)
2018-12-25T12:01:23.462040388Z 63 PC: 12ad5 | Read file or device (See above)
2018-12-25T12:01:23.469799271Z 66 PC: 12ae1 | Move file pointer (See above)
2018-12-25T12:01:23.472062261Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:01:23.47450353Z 66 PC: 12b02 | Move file pointer (See above)
2018-12-25T12:01:23.476470002Z 62 PC: 12b41 | Close file (See above)
2018-12-25T12:01:23.479266631Z 67 PC: 12b51 | Get or set file attributes (See above)
2018-12-25T12:01:23.491209934Z 79 PC: 12b69 | Find next file (See above)
2018-12-25T12:01:23.494544434Z 67 PC: 12aaa | Get or set file attributes (See above)
2018-12-25T12:01:23.506392588Z 61 PC: 12ac2 | Open file (See above)
2018-12-25T12:01:23.514260411Z 63 PC: 12ad5 | Read file or device (See above)
2018-12-25T12:01:23.522762952Z 66 PC: 12ae1 | Move file pointer (See above)
2018-12-25T12:01:23.525140715Z 63 PC: 12aeb | Read file or device (See above)
2018-12-25T12:01:23.528437705Z 62 PC: 12b41 | Close file (See above)
2018-12-25T12:01:23.530828298Z 67 PC: 12b51 | Get or set file attributes (See above)
2018-12-25T12:01:23.54371718Z 79 PC: 12b69 | Find next file (See above)
2018-12-25T12:01:23.54699744Z 37 PC: 12c05 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":11,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7329,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.207003067Z 26 PC: 12a47 | Set disk transfer address
2018-12-25T12:01:22.208077814Z 26 PC: 12a53 | Set disk transfer address
2018-12-25T12:01:22.209488817Z 42 PC: 12a57 | Get date
0x12a57: cmp dl, 0xb
0x12a5a: je 0x12a6e
0x12a5c: cmp dl, 0x17
0x12a5f: je 0x12a6e
0x12a61: call 0x12c69
0x12a64: clc
0x12a65: mov al, byte ptr [0xfbfa]
0x12a68: cmp al, 0xb
0x12a6a: je 0x12a9f
0x12a6c: jmp 0x12a81
0x12a6e: jmp 0x12b71
0x12a71: stosb byte ptr es:[di], al
0x12a72: scasb al, byte ptr es:[di]
0x12a73: ret
0x12a74: iret
0x12a75: int 0
0x12a77: ret
0x12a78: iret
0x12a79: int 0xd3
0x12a7b: rol ch, 1
2018-12-25T12:01:22.220691136Z 37 PC: 12c05 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')

{"DateBased":true,"Day":23,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7329,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:22.22644094Z 26 PC: 12a47 | Set disk transfer address
2018-12-25T12:01:22.227975473Z 26 PC: 12a53 | Set disk transfer address
2018-12-25T12:01:22.228889509Z 42 PC: 12a57 | Get date
0x12a57: cmp dl, 0xb
0x12a5a: je 0x12a6e
0x12a5c: cmp dl, 0x17
0x12a5f: je 0x12a6e
0x12a61: call 0x12c69
0x12a64: clc
0x12a65: mov al, byte ptr [0xfbfa]
0x12a68: cmp al, 0xb
0x12a6a: je 0x12a9f
0x12a6c: jmp 0x12a81
0x12a6e: jmp 0x12b71
0x12a71: stosb byte ptr es:[di], al
0x12a72: scasb al, byte ptr es:[di]
0x12a73: ret
0x12a74: iret
0x12a75: int 0
0x12a77: ret
0x12a78: iret
0x12a79: int 0xd3
0x12a7b: rol ch, 1
2018-12-25T12:01:22.241592061Z 37 PC: 12c05 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')