Sample viewer

vx.netlux.org/Virus.DOS.FastKiller.481

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:42:42.894281816Z 37 PC: 12a58 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:42:42.896314804Z 37 PC: 12a60 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:42:42.89795793Z 26 PC: 12a67 | Set disk transfer address
2018-12-17T22:42:42.899443921Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.901890066Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.90545458Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.908811806Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.9113965Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.914935667Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.917683779Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.920258034Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.923142151Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.925322747Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.927910507Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.931826231Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.934528907Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.937157965Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.940643301Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.94432719Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.94703165Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.950142843Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.953456537Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.955938969Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.958382088Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.961614298Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.964285536Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.967112505Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.970701546Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.974160323Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.976865283Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.980277171Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.982883125Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.985408839Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.98897157Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.991579007Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.994236839Z 78 PC: 12aab | Find first file
2018-12-17T22:42:42.99685704Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:42.998711513Z 78 PC: 12aab | Find first file
2018-12-17T22:42:43.000435321Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:43.002533632Z 78 PC: 12aab | Find first file
2018-12-17T22:42:43.004472093Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:43.006239542Z 78 PC: 12aab | Find first file
2018-12-17T22:42:43.007956347Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:43.010497049Z 78 PC: 12aab | Find first file
2018-12-17T22:42:43.01277647Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:43.014726763Z 78 PC: 12aab | Find first file
2018-12-17T22:42:43.017896927Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:43.020454401Z 78 PC: 12aab | Find first file
2018-12-17T22:42:43.022901677Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:43.026274572Z 78 PC: 12aab | Find first file
2018-12-17T22:42:43.032131643Z 78 PC: 12b67 | Find first file
2018-12-17T22:42:43.039101674Z 79 PC: 12bab | Find next file
2018-12-17T22:42:43.042604152Z 79 PC: 12bab | Find next file
2018-12-17T22:42:43.045386277Z 78 PC: 12aab | Find first file
2018-12-17T22:42:43.054608518Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.395371212Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:42:43.403210746Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 9
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.405863098Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.412106654Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.416280193Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.418121181Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.425352472Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.4375975Z 79 PC: 12b52 | Find next file
2018-12-17T22:42:43.440830062Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.450928739Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\CHKDSK.EXE')
2018-12-17T22:42:43.459055773Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 0x8d
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.461683348Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.468267494Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.471829505Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.47396747Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.480902375Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.492020186Z 79 PC: 12b52 | Find next file
2018-12-17T22:42:43.495442805Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.510526705Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T22:42:43.517563972Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 0x1b
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.52097074Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.527060508Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.529922814Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.53203422Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.539162728Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.549708215Z 79 PC: 12b52 | Find next file
2018-12-17T22:42:43.553617326Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.564314548Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\EXPAND.EXE')
2018-12-17T22:42:43.57233397Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 0xaf
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.575967214Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.582288567Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.585336811Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.587537605Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.594479433Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.604850763Z 79 PC: 12b52 | Find next file
2018-12-17T22:42:43.608157423Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.617203333Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\FDISK.EXE')
2018-12-17T22:42:43.622390034Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 0x48
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.624456014Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.629425197Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.63158296Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.632845061Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.638852013Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.646061313Z 79 PC: 12b52 | Find next file
2018-12-17T22:42:43.648424522Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.656369293Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\MEM.EXE')
2018-12-17T22:42:43.661892777Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 0xe1
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.664020824Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.669245377Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.671432485Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.672891034Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.678744257Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.689280226Z 79 PC: 12b52 | Find next file
2018-12-17T22:42:43.695386966Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.707174635Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\NLSFUNC.EXE')
2018-12-17T22:42:43.714732641Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 0x80
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.71731484Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.72391141Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.726758407Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.728377578Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.735814465Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.745962726Z 79 PC: 12b52 | Find next file
2018-12-17T22:42:43.749113634Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.759349619Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\QBASIC.EXE')
2018-12-17T22:42:43.768495476Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 0xc1
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.770982778Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.776769176Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.779894185Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.781483931Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.788054492Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.798537862Z 79 PC: 12b52 | Find next file
2018-12-17T22:42:43.801818974Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.811752571Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\REPLACE.EXE')
2018-12-17T22:42:43.81957845Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 8
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.822310591Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.82822528Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.831612742Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.834044459Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.840631451Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.852481557Z 79 PC: 12b52 | Find next file
2018-12-17T22:42:43.855580017Z 67 PC: 12acf | Get or set file attributes
2018-12-17T22:42:43.865620024Z 61 PC: 12ad9 | Open file (Filename = 'C:\DOS\RESTORE.EXE')
2018-12-17T22:42:43.874880236Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 0x4f
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.877489567Z 64 PC: 12afb | Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:42:43.883357057Z 64 PC: 12b05 | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:42:43.88627608Z 87 PC: 12b14 | Get or set file date and time
2018-12-17T22:42:43.887942009Z 62 PC: 12b18 | Close file
2018-12-17T22:42:43.895239444Z 67 PC: 12b2a | Get or set file attributes
2018-12-17T22:42:43.906070818Z 44 PC: 12bb6 | Get time 0x12bb6: add bl, ch
0x12bb8: add bl, cl
0x12bba: add bl, dh
0x12bbc: add bl, dl
0x12bbe: add bl, 0x9b
0x12bc1: mov byte ptr [0x280], bl
0x12bc5: ret
0x12bc6: mov al, 3
0x12bc8: iret
0x12bc9: sub ch, byte ptr [0x5845]
0x12bcd: inc bp
0x12bce: add byte ptr [bp + si], ch
0x12bd0: sub al, byte ptr cs:[bx + si]
0x12bd3: pop es
0x12bd4: pop es
0x12bd5: pop es
0x12bd6: dec ax
0x12bd7: insb byte ptr es:[di], dx
0x12bd9: insb byte ptr es:[di], dx
0x12bda: outsw dx, word ptr [si]
2018-12-17T22:42:43.909231985Z 76 PC: 12b4e | Terminate with return code (Return code = '0')