Sample viewer

vx.netlux.org/Virus.DOS.Vampiro.1000.f

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:42:33.988964324Z	250	PC: 12b56 \| UNKNOWN!
2018-12-17T22:42:33.990827433Z	42	PC: 12b5a \| Get date 0x12b5a: cmp dh, 6 0x12b5d: jb 0x12b6b 0x12b5f: mov ah, 0x2c 0x12b61: int 0x21 0x12b63: cmp ch, 0x16 0x12b66: jb 0x12b6b 0x12b68: jmp 0x12d97 0x12b6b: cld 0x12b6c: mov cx, 7 0x12b6f: lea si, word ptr [bp + 0x363] 0x12b73: lea di, word ptr [bp + 0x36a] 0x12b77: rep movsb byte ptr es:[di], byte ptr [si] 0x12b79: mov cx, 0x2b 0x12b7c: lea di, word ptr [bp + 0x39c] 0x12b80: mov si, 0x80 0x12b83: rep movsb byte ptr es:[di], byte ptr [si] 0x12b85: mov ah, 0x47 0x12b87: mov dl, 0 0x12b89: lea si, word ptr [bp + 0x3d0] 0x12b8d: int 0x21
2018-12-17T22:42:33.993746877Z	44	PC: 12b63 \| Get time 0x12b63: cmp ch, 0x16 0x12b66: jb 0x12b6b 0x12b68: jmp 0x12d97 0x12b6b: cld 0x12b6c: mov cx, 7 0x12b6f: lea si, word ptr [bp + 0x363] 0x12b73: lea di, word ptr [bp + 0x36a] 0x12b77: rep movsb byte ptr es:[di], byte ptr [si] 0x12b79: mov cx, 0x2b 0x12b7c: lea di, word ptr [bp + 0x39c] 0x12b80: mov si, 0x80 0x12b83: rep movsb byte ptr es:[di], byte ptr [si] 0x12b85: mov ah, 0x47 0x12b87: mov dl, 0 0x12b89: lea si, word ptr [bp + 0x3d0] 0x12b8d: int 0x21 0x12b8f: mov ah, 0x4e 0x12b91: lea dx, word ptr [bp + 0x477] 0x12b95: mov cx, 0x10 0x12b98: int 0x21
2018-12-17T22:42:33.996457508Z	71	PC: 12b8f \| Get current directory
2018-12-17T22:42:33.999835232Z	78	PC: 12b9a \| Find first file
2018-12-17T22:42:34.007378449Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.010443426Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.01349096Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.017327175Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.020414644Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.023382879Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.027476347Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.030402322Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.033264999Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.036978423Z	59	PC: 12bf5 \| Change current directory
2018-12-17T22:42:34.04156604Z	59	PC: 12d79 \| Change current directory
2018-12-17T22:42:34.046137616Z	250	PC: 12b56 \| UNKNOWN!
2018-12-17T22:42:34.047290642Z	42	PC: 12b5a \| Get date 0x12b5a: cmp dh, 6 0x12b5d: jb 0x12b6b 0x12b5f: mov ah, 0x2c 0x12b61: int 0x21 0x12b63: cmp ch, 0x16 0x12b66: jb 0x12b6b 0x12b68: jmp 0x12d97 0x12b6b: cld 0x12b6c: mov cx, 7 0x12b6f: lea si, word ptr [bp + 0x363] 0x12b73: lea di, word ptr [bp + 0x36a] 0x12b77: rep movsb byte ptr es:[di], byte ptr [si] 0x12b79: mov cx, 0x2b 0x12b7c: lea di, word ptr [bp + 0x39c] 0x12b80: mov si, 0x80 0x12b83: rep movsb byte ptr es:[di], byte ptr [si] 0x12b85: mov ah, 0x47 0x12b87: mov dl, 0 0x12b89: lea si, word ptr [bp + 0x3d0] 0x12b8d: int 0x21
2018-12-17T22:42:34.052751949Z	44	PC: 12b63 \| Get time 0x12b63: cmp ch, 0x16 0x12b66: jb 0x12b6b 0x12b68: jmp 0x12d97 0x12b6b: cld 0x12b6c: mov cx, 7 0x12b6f: lea si, word ptr [bp + 0x363] 0x12b73: lea di, word ptr [bp + 0x36a] 0x12b77: rep movsb byte ptr es:[di], byte ptr [si] 0x12b79: mov cx, 0x2b 0x12b7c: lea di, word ptr [bp + 0x39c] 0x12b80: mov si, 0x80 0x12b83: rep movsb byte ptr es:[di], byte ptr [si] 0x12b85: mov ah, 0x47 0x12b87: mov dl, 0 0x12b89: lea si, word ptr [bp + 0x3d0] 0x12b8d: int 0x21 0x12b8f: mov ah, 0x4e 0x12b91: lea dx, word ptr [bp + 0x477] 0x12b95: mov cx, 0x10 0x12b98: int 0x21
2018-12-17T22:42:34.058725358Z	71	PC: 12b8f \| Get current directory
2018-12-17T22:42:34.062564549Z	78	PC: 12b9a \| Find first file
2018-12-17T22:42:34.069900698Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.073168215Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.077160112Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.081553234Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.084749657Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.08823331Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.092007769Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.095271479Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.098561548Z	79	PC: 12c0b \| Find next file
2018-12-17T22:42:34.102152312Z	59	PC: 12bf5 \| Change current directory
2018-12-17T22:42:34.107236421Z	59	PC: 12d79 \| Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":7599,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:02:01.846083597Z	250	PC: 12b56 \| UNKNOWN!
2018-12-25T12:02:01.8481571Z	42	PC: 12b5a \| Get date 0x12b5a: cmp dh, 6 0x12b5d: jb 0x12b6b 0x12b5f: mov ah, 0x2c 0x12b61: int 0x21 0x12b63: cmp ch, 0x16 0x12b66: jb 0x12b6b 0x12b68: jmp 0x12d97 0x12b6b: cld 0x12b6c: mov cx, 7 0x12b6f: lea si, word ptr [bp + 0x363] 0x12b73: lea di, word ptr [bp + 0x36a] 0x12b77: rep movsb byte ptr es:[di], byte ptr [si] 0x12b79: mov cx, 0x2b 0x12b7c: lea di, word ptr [bp + 0x39c] 0x12b80: mov si, 0x80 0x12b83: rep movsb byte ptr es:[di], byte ptr [si] 0x12b85: mov ah, 0x47 0x12b87: mov dl, 0 0x12b89: lea si, word ptr [bp + 0x3d0] 0x12b8d: int 0x21
2018-12-25T12:02:01.852152421Z	71	PC: 12b8f \| Get current directory
2018-12-25T12:02:01.855450845Z	78	PC: 12b9a \| Find first file
2018-12-25T12:02:01.862615792Z	79	PC: 12c0b \| Find next file
2018-12-25T12:02:01.866598379Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.86937533Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.872114114Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.879240452Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.88254772Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.885793325Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.889715679Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.893001668Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.895650103Z	59	PC: 12bf5 \| Change current directory
2018-12-25T12:02:01.900872192Z	59	PC: 12d79 \| Change current directory
2018-12-25T12:02:01.906592514Z	250	PC: 12b56 \| UNKNOWN! (See above)
2018-12-25T12:02:01.907813547Z	42	PC: 12b5a \| Get date (See above)
2018-12-25T12:02:01.911138014Z	71	PC: 12b8f \| Get current directory (See above)
2018-12-25T12:02:01.916722252Z	78	PC: 12b9a \| Find first file (See above)
2018-12-25T12:02:01.923403263Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.926643307Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.930347638Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.933252894Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.936162993Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.939742494Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.942721653Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.945669437Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.949789209Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:01.952925054Z	59	PC: 12bf5 \| Change current directory (See above)
2018-12-25T12:02:01.96065648Z	59	PC: 12d79 \| Change current directory (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":7599,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:02:01.996222581Z	250	PC: 12b56 \| UNKNOWN!
2018-12-25T12:02:01.9979954Z	42	PC: 12b5a \| Get date 0x12b5a: cmp dh, 6 0x12b5d: jb 0x12b6b 0x12b5f: mov ah, 0x2c 0x12b61: int 0x21 0x12b63: cmp ch, 0x16 0x12b66: jb 0x12b6b 0x12b68: jmp 0x12d97 0x12b6b: cld 0x12b6c: mov cx, 7 0x12b6f: lea si, word ptr [bp + 0x363] 0x12b73: lea di, word ptr [bp + 0x36a] 0x12b77: rep movsb byte ptr es:[di], byte ptr [si] 0x12b79: mov cx, 0x2b 0x12b7c: lea di, word ptr [bp + 0x39c] 0x12b80: mov si, 0x80 0x12b83: rep movsb byte ptr es:[di], byte ptr [si] 0x12b85: mov ah, 0x47 0x12b87: mov dl, 0 0x12b89: lea si, word ptr [bp + 0x3d0] 0x12b8d: int 0x21
2018-12-25T12:02:02.000458479Z	71	PC: 12b8f \| Get current directory
2018-12-25T12:02:02.003713165Z	78	PC: 12b9a \| Find first file
2018-12-25T12:02:02.010332278Z	79	PC: 12c0b \| Find next file
2018-12-25T12:02:02.013470854Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.016534461Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.019544642Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.023393999Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.026671389Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.029851375Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.034121165Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.037819242Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.040362091Z	59	PC: 12bf5 \| Change current directory
2018-12-25T12:02:02.045293281Z	59	PC: 12d79 \| Change current directory
2018-12-25T12:02:02.04989518Z	250	PC: 12b56 \| UNKNOWN! (See above)
2018-12-25T12:02:02.050792599Z	42	PC: 12b5a \| Get date (See above)
2018-12-25T12:02:02.053598862Z	71	PC: 12b8f \| Get current directory (See above)
2018-12-25T12:02:02.057605123Z	78	PC: 12b9a \| Find first file (See above)
2018-12-25T12:02:02.064685417Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.067614494Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.071832398Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.07476966Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.077901139Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.081817356Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.084968854Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.088203064Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.09220437Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:02.095377215Z	59	PC: 12bf5 \| Change current directory (See above)
2018-12-25T12:02:02.100622182Z	59	PC: 12d79 \| Change current directory (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":22,"Min":0,"Second":0,"TimeBased":true,"OriginalID":7599,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:02:03.356413862Z	250	PC: 12b56 \| UNKNOWN!
2018-12-25T12:02:03.357924991Z	42	PC: 12b5a \| Get date 0x12b5a: cmp dh, 6 0x12b5d: jb 0x12b6b 0x12b5f: mov ah, 0x2c 0x12b61: int 0x21 0x12b63: cmp ch, 0x16 0x12b66: jb 0x12b6b 0x12b68: jmp 0x12d97 0x12b6b: cld 0x12b6c: mov cx, 7 0x12b6f: lea si, word ptr [bp + 0x363] 0x12b73: lea di, word ptr [bp + 0x36a] 0x12b77: rep movsb byte ptr es:[di], byte ptr [si] 0x12b79: mov cx, 0x2b 0x12b7c: lea di, word ptr [bp + 0x39c] 0x12b80: mov si, 0x80 0x12b83: rep movsb byte ptr es:[di], byte ptr [si] 0x12b85: mov ah, 0x47 0x12b87: mov dl, 0 0x12b89: lea si, word ptr [bp + 0x3d0] 0x12b8d: int 0x21
2018-12-25T12:02:03.360494335Z	71	PC: 12b8f \| Get current directory
2018-12-25T12:02:03.363573966Z	78	PC: 12b9a \| Find first file
2018-12-25T12:02:03.370076986Z	79	PC: 12c0b \| Find next file
2018-12-25T12:02:03.373453347Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.376602927Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.379137686Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.382117696Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.384787344Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.38786344Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.391682623Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.394249447Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.39652003Z	59	PC: 12bf5 \| Change current directory
2018-12-25T12:02:03.40119531Z	59	PC: 12d79 \| Change current directory
2018-12-25T12:02:03.405719162Z	250	PC: 12b56 \| UNKNOWN! (See above)
2018-12-25T12:02:03.406714623Z	42	PC: 12b5a \| Get date (See above)
2018-12-25T12:02:03.409753524Z	71	PC: 12b8f \| Get current directory (See above)
2018-12-25T12:02:03.413131713Z	78	PC: 12b9a \| Find first file (See above)
2018-12-25T12:02:03.417387039Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.419209425Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.421938187Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.42461675Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.427069447Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.430875657Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.433690005Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.436341992Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.439264117Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:03.441690951Z	59	PC: 12bf5 \| Change current directory (See above)
2018-12-25T12:02:03.446480981Z	59	PC: 12d79 \| Change current directory (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":22,"Min":0,"Second":0,"TimeBased":true,"OriginalID":7599,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:02:04.439371411Z	250	PC: 12b56 \| UNKNOWN!
2018-12-25T12:02:04.440774926Z	42	PC: 12b5a \| Get date 0x12b5a: cmp dh, 6 0x12b5d: jb 0x12b6b 0x12b5f: mov ah, 0x2c 0x12b61: int 0x21 0x12b63: cmp ch, 0x16 0x12b66: jb 0x12b6b 0x12b68: jmp 0x12d97 0x12b6b: cld 0x12b6c: mov cx, 7 0x12b6f: lea si, word ptr [bp + 0x363] 0x12b73: lea di, word ptr [bp + 0x36a] 0x12b77: rep movsb byte ptr es:[di], byte ptr [si] 0x12b79: mov cx, 0x2b 0x12b7c: lea di, word ptr [bp + 0x39c] 0x12b80: mov si, 0x80 0x12b83: rep movsb byte ptr es:[di], byte ptr [si] 0x12b85: mov ah, 0x47 0x12b87: mov dl, 0 0x12b89: lea si, word ptr [bp + 0x3d0] 0x12b8d: int 0x21
2018-12-25T12:02:04.442969754Z	71	PC: 12b8f \| Get current directory
2018-12-25T12:02:04.44562563Z	78	PC: 12b9a \| Find first file
2018-12-25T12:02:04.451597447Z	79	PC: 12c0b \| Find next file
2018-12-25T12:02:04.454841106Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.45767484Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.46045162Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.463549761Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.465888524Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.468220913Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.471211523Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.474117253Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.476552354Z	59	PC: 12bf5 \| Change current directory
2018-12-25T12:02:04.481084185Z	59	PC: 12d79 \| Change current directory
2018-12-25T12:02:04.484883523Z	250	PC: 12b56 \| UNKNOWN! (See above)
2018-12-25T12:02:04.485635642Z	42	PC: 12b5a \| Get date (See above)
2018-12-25T12:02:04.496634025Z	71	PC: 12b8f \| Get current directory (See above)
2018-12-25T12:02:04.503755927Z	78	PC: 12b9a \| Find first file (See above)
2018-12-25T12:02:04.511125407Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.513325904Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.515109042Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.516749912Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.518858288Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.520570412Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.522085786Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.524097211Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.525750633Z	79	PC: 12c0b \| Find next file (See above)
2018-12-25T12:02:04.527218182Z	59	PC: 12bf5 \| Change current directory (See above)
2018-12-25T12:02:04.529929669Z	59	PC: 12d79 \| Change current directory (See above)