Sample viewer

vx.netlux.org/Virus.DOS.Leprosy.HTTM.651

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:43:54.430502889Z	44	PC: 12b9f \| Get time 0x12b9f: cmp byte ptr [0x11d], 0 0x12ba4: je 0x12bab 0x12ba6: cmp dh, 0xf 0x12ba9: jg 0x12bb4 0x12bab: cmp dl, 0 0x12bae: je 0x12b9b 0x12bb0: mov byte ptr [0x11d], dl 0x12bb4: mov byte ptr [0x250], 0 0x12bb9: mov byte ptr [0x251], 4 0x12bbe: mov byte ptr [0x25a], 0 0x12bc3: mov cx, 0x27 0x12bc6: mov dx, 0x13b 0x12bc9: mov ah, 0x4e 0x12bcb: int 0x21 0x12bcd: cmp ax, 0x12 0x12bd0: je 0x12bd5 0x12bd2: call 0x12bf7 0x12bd5: mov cx, 0x27 0x12bd8: mov dx, 0x141 0x12bdb: mov ah, 0x4e
2018-12-17T22:43:54.432982356Z	78	PC: 12bcd \| Find first file
2018-12-17T22:43:54.439736591Z	78	PC: 12bdf \| Find first file
2018-12-17T22:43:54.445973886Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T22:43:54.470137209Z	61	PC: 12c1e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:43:54.479124138Z	63	PC: 12c2d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:43:54.486613865Z	62	PC: 12c61 \| Close file
2018-12-17T22:43:54.488650369Z	61	PC: 12c6a \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:43:54.497193806Z	64	PC: 12a59 \| Write file or device (Write 651 bytes on handle 5)
2018-12-17T22:43:54.506757678Z	87	PC: 12c92 \| Get or set file date and time
2018-12-17T22:43:54.508550565Z	62	PC: 12c9a \| Close file
2018-12-17T22:43:54.517714457Z	67	PC: 12ca7 \| Get or set file attributes
2018-12-17T22:43:54.523668419Z	79	PC: 12c51 \| Find next file
2018-12-17T22:43:54.526767049Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T22:43:54.537435756Z	61	PC: 12c1e \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:43:54.551841773Z	63	PC: 12c2d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:43:54.558716475Z	62	PC: 12c61 \| Close file
2018-12-17T22:43:54.560985758Z	61	PC: 12c6a \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:43:54.569595397Z	64	PC: 12a59 \| Write file or device (Write 651 bytes on handle 5)
2018-12-17T22:43:54.578618484Z	87	PC: 12c92 \| Get or set file date and time
2018-12-17T22:43:54.581916138Z	62	PC: 12c9a \| Close file
2018-12-17T22:43:54.591263534Z	67	PC: 12ca7 \| Get or set file attributes
2018-12-17T22:43:54.596791696Z	79	PC: 12c51 \| Find next file
2018-12-17T22:43:54.600106843Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T22:43:54.612064571Z	61	PC: 12c1e \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:43:54.621340604Z	63	PC: 12c2d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:43:54.628748206Z	62	PC: 12c61 \| Close file
2018-12-17T22:43:54.630950753Z	61	PC: 12c6a \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:43:54.639203944Z	64	PC: 12a59 \| Write file or device (Write 651 bytes on handle 5)
2018-12-17T22:43:54.648094361Z	87	PC: 12c92 \| Get or set file date and time
2018-12-17T22:43:54.649612071Z	62	PC: 12c9a \| Close file
2018-12-17T22:43:54.667167544Z	67	PC: 12ca7 \| Get or set file attributes
2018-12-17T22:43:54.672863231Z	79	PC: 12c51 \| Find next file
2018-12-17T22:43:54.676296389Z	67	PC: 12c18 \| Get or set file attributes
2018-12-17T22:43:54.687697462Z	61	PC: 12c1e \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:43:54.694647005Z	63	PC: 12c2d \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:43:54.701317744Z	62	PC: 12c61 \| Close file
2018-12-17T22:43:54.704736174Z	61	PC: 12c6a \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:43:54.711273562Z	64	PC: 12a59 \| Write file or device (Write 651 bytes on handle 5)
2018-12-17T22:43:54.717503653Z	87	PC: 12c92 \| Get or set file date and time
2018-12-17T22:43:54.720282933Z	62	PC: 12c9a \| Close file
2018-12-17T22:43:54.727836931Z	67	PC: 12ca7 \| Get or set file attributes
2018-12-17T22:43:54.732409278Z	9	PC: 12cc7 \| Display string (String= 'Program too big to fit in memory')
2018-12-17T22:43:54.734777085Z	76	PC: 12ccb \| Terminate with return code (Return code = '36')