Sample viewer

vx.netlux.org/Virus.DOS.SillyOC.FK.658

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:44:10.325754363Z 87 PC: 12b8a | Get or set file date and time
2018-12-17T22:44:10.328232394Z 78 PC: 12ba2 | Find first file
2018-12-17T22:44:10.333809211Z 42 PC: 12bd3 | Get date 0x12bd3: cmp dl, 0x1f
0x12bd6: je 0x12bda
0x12bd8: jmp 0x12be9
0x12bda: mov ah, 9
0x12bdc: mov dx, 0x1f6
0x12bdf: int 0x21
0x12be1: call 0x12c9b
0x12be4: call 0x12c9b
0x12be7: int 0x20
0x12be9: xor ax, ax
0x12beb: xor bx, bx
0x12bed: xor cx, cx
0x12bef: xor dx, dx
0x12bf1: mov ah, 0x1a
0x12bf3: mov dx, 0x105
0x12bf6: int 0x21
0x12bf8: mov ah, 0x47
0x12bfa: mov dl, 0
0x12bfc: mov si, 0x14e
0x12bff: int 0x21
2018-12-17T22:44:10.336345056Z 26 PC: 12bf8 | Set disk transfer address
2018-12-17T22:44:10.33791637Z 71 PC: 12c01 | Get current directory
2018-12-17T22:44:10.340903113Z 59 PC: 12c08 | Change current directory
2018-12-17T22:44:10.350940013Z 78 PC: 12c14 | Find first file
2018-12-17T22:44:10.360517698Z 67 PC: 12cba | Get or set file attributes
2018-12-17T22:44:10.376368854Z 61 PC: 12cbf | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:44:10.382889033Z 64 PC: 12ccd | Write file or device (Write 658 bytes on handle 5)
2018-12-17T22:44:10.391319438Z 79 PC: 12c14 | Find next file
2018-12-17T22:44:10.394908178Z 67 PC: 12cba | Get or set file attributes
2018-12-17T22:44:10.405707096Z 61 PC: 12cbf | Open file (Filename = 'PRINT.COM')
2018-12-17T22:44:10.417495039Z 64 PC: 12ccd | Write file or device (Write 658 bytes on handle 6)
2018-12-17T22:44:10.426188108Z 79 PC: 12c14 | Find next file
2018-12-17T22:44:10.438065318Z 67 PC: 12cba | Get or set file attributes
2018-12-17T22:44:10.448200905Z 61 PC: 12cbf | Open file (Filename = 'HELLO.COM')
2018-12-17T22:44:10.455611855Z 64 PC: 12ccd | Write file or device (Write 658 bytes on handle 7)
2018-12-17T22:44:10.46389392Z 79 PC: 12c14 | Find next file
2018-12-17T22:44:10.468015637Z 67 PC: 12cba | Get or set file attributes
2018-12-17T22:44:10.480137552Z 61 PC: 12cbf | Open file (Filename = 'PHANG.COM')
2018-12-17T22:44:10.487406013Z 64 PC: 12ccd | Write file or device (Write 658 bytes on handle 8)
2018-12-17T22:44:10.495776629Z 79 PC: 12c14 | Find next file
2018-12-17T22:44:10.499232162Z 67 PC: 12cba | Get or set file attributes
2018-12-17T22:44:10.51040919Z 61 PC: 12cbf | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:44:10.521300314Z 64 PC: 12ccd | Write file or device (Write 658 bytes on handle 9)
2018-12-17T22:44:10.533928034Z 79 PC: 12c14 | Find next file
2018-12-17T22:44:10.536816071Z 67 PC: 12cba | Get or set file attributes
2018-12-17T22:44:10.549049691Z 61 PC: 12cbf | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:44:10.558423735Z 64 PC: 12ccd | Write file or device (Write 658 bytes on handle 10)
2018-12-17T22:44:10.5669821Z 79 PC: 12c14 | Find next file
2018-12-17T22:44:10.570053603Z 67 PC: 12cba | Get or set file attributes
2018-12-17T22:44:10.581719706Z 61 PC: 12cbf | Open file (Filename = 'PAH.COM')
2018-12-17T22:44:10.587037502Z 64 PC: 12ccd | Write file or device (Write 658 bytes on handle 11)
2018-12-17T22:44:10.594162443Z 79 PC: 12c14 | Find next file
2018-12-17T22:44:10.597077837Z 67 PC: 12cba | Get or set file attributes
2018-12-17T22:44:10.604520783Z 61 PC: 12cbf | Open file (Filename = 'TEST.COM')
2018-12-17T22:44:10.608833237Z 64 PC: 12ccd | Write file or device (Write 658 bytes on handle 12)
2018-12-17T22:44:10.616563539Z 79 PC: 12c14 | Find next file
2018-12-17T22:44:10.619396858Z 78 PC: 12c3b | Find first file
2018-12-17T22:44:10.625205604Z 79 PC: 12c44 | Find next file
2018-12-17T22:44:10.627711129Z 79 PC: 12c44 | Find next file
2018-12-17T22:44:10.630753264Z 79 PC: 12c44 | Find next file
2018-12-17T22:44:10.633411498Z 79 PC: 12c44 | Find next file
2018-12-17T22:44:10.635982144Z 79 PC: 12c44 | Find next file
2018-12-17T22:44:10.639424336Z 79 PC: 12c44 | Find next file
2018-12-17T22:44:10.64236532Z 79 PC: 12c44 | Find next file
2018-12-17T22:44:10.645348984Z 79 PC: 12c44 | Find next file
2018-12-17T22:44:10.649226587Z 79 PC: 12c44 | Find next file
2018-12-17T22:44:10.651937628Z 59 PC: 12c8b | Change current directory
2018-12-17T22:44:10.656756177Z 59 PC: 12c92 | Change current directory
2018-12-17T22:44:10.659652669Z 9 PC: 12c99 | Display string (String= 'Incorrect DOS version ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8125,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:31.318918373Z 87 PC: 12b8a | Get or set file date and time
2018-12-25T12:03:31.32011971Z 78 PC: 12ba2 | Find first file
2018-12-25T12:03:31.324801636Z 42 PC: 12bd3 | Get date 0x12bd3: cmp dl, 0x1f
0x12bd6: je 0x12bda
0x12bd8: jmp 0x12be9
0x12bda: mov ah, 9
0x12bdc: mov dx, 0x1f6
0x12bdf: int 0x21
0x12be1: call 0x12c9b
0x12be4: call 0x12c9b
0x12be7: int 0x20
0x12be9: xor ax, ax
0x12beb: xor bx, bx
0x12bed: xor cx, cx
0x12bef: xor dx, dx
0x12bf1: mov ah, 0x1a
0x12bf3: mov dx, 0x105
0x12bf6: int 0x21
0x12bf8: mov ah, 0x47
0x12bfa: mov dl, 0
0x12bfc: mov si, 0x14e
0x12bff: int 0x21
2018-12-25T12:03:31.326463567Z 26 PC: 12bf8 | Set disk transfer address
2018-12-25T12:03:31.327440469Z 71 PC: 12c01 | Get current directory
2018-12-25T12:03:31.330161735Z 59 PC: 12c08 | Change current directory
2018-12-25T12:03:31.336467668Z 78 PC: 12c14 | Find first file
2018-12-25T12:03:31.342409626Z 67 PC: 12cba | Get or set file attributes
2018-12-25T12:03:31.356756645Z 61 PC: 12cbf | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:31.361266952Z 64 PC: 12ccd | Write file or device (Write 658 bytes on handle 5)
2018-12-25T12:03:31.368605778Z 79 PC: 12c14 | Find next file (See above)
2018-12-25T12:03:31.373565366Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:03:31.385854095Z 61 PC: 12cbf | Open file (See above)
2018-12-25T12:03:31.399081529Z 64 PC: 12ccd | Write file or device (See above)
2018-12-25T12:03:31.408962095Z 79 PC: 12c14 | Find next file (See above)
2018-12-25T12:03:31.412701948Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:03:31.424759816Z 61 PC: 12cbf | Open file (See above)
2018-12-25T12:03:31.432716525Z 64 PC: 12ccd | Write file or device (See above)
2018-12-25T12:03:31.443034098Z 79 PC: 12c14 | Find next file (See above)
2018-12-25T12:03:31.446437465Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:03:31.458635894Z 61 PC: 12cbf | Open file (See above)
2018-12-25T12:03:31.46782598Z 64 PC: 12ccd | Write file or device (See above)
2018-12-25T12:03:31.477482086Z 79 PC: 12c14 | Find next file (See above)
2018-12-25T12:03:31.481040295Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:03:31.494182031Z 61 PC: 12cbf | Open file (See above)
2018-12-25T12:03:31.501943027Z 64 PC: 12ccd | Write file or device (See above)
2018-12-25T12:03:31.511130275Z 79 PC: 12c14 | Find next file (See above)
2018-12-25T12:03:31.515087084Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:03:31.52699224Z 61 PC: 12cbf | Open file (See above)
2018-12-25T12:03:31.535950982Z 64 PC: 12ccd | Write file or device (See above)
2018-12-25T12:03:31.546945792Z 79 PC: 12c14 | Find next file (See above)
2018-12-25T12:03:31.550536377Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:03:31.562536322Z 61 PC: 12cbf | Open file (See above)
2018-12-25T12:03:31.575000721Z 64 PC: 12ccd | Write file or device (See above)
2018-12-25T12:03:31.585250014Z 79 PC: 12c14 | Find next file (See above)
2018-12-25T12:03:31.588386196Z 67 PC: 12cba | Get or set file attributes (See above)
2018-12-25T12:03:31.603033824Z 61 PC: 12cbf | Open file (See above)
2018-12-25T12:03:31.611238917Z 64 PC: 12ccd | Write file or device (See above)
2018-12-25T12:03:31.621558591Z 79 PC: 12c14 | Find next file (See above)
2018-12-25T12:03:31.62441108Z 78 PC: 12c3b | Find first file
2018-12-25T12:03:31.631592872Z 79 PC: 12c44 | Find next file
2018-12-25T12:03:31.634891435Z 79 PC: 12c44 | Find next file (See above)
2018-12-25T12:03:31.637862821Z 79 PC: 12c44 | Find next file (See above)
2018-12-25T12:03:31.641521394Z 79 PC: 12c44 | Find next file (See above)
2018-12-25T12:03:31.644537906Z 79 PC: 12c44 | Find next file (See above)
2018-12-25T12:03:31.647547817Z 79 PC: 12c44 | Find next file (See above)
2018-12-25T12:03:31.65120243Z 79 PC: 12c44 | Find next file (See above)
2018-12-25T12:03:31.654074388Z 79 PC: 12c44 | Find next file (See above)
2018-12-25T12:03:31.656772357Z 79 PC: 12c44 | Find next file (See above)
2018-12-25T12:03:31.66054027Z 59 PC: 12c8b | Change current directory
2018-12-25T12:03:31.666047786Z 59 PC: 12c92 | Change current directory
2018-12-25T12:03:31.668300546Z 9 PC: 12c99 | Display string (String= 'Incorrect DOS version ')

{"DateBased":true,"Day":31,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8125,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:03:32.420187702Z 87 PC: 12b8a | Get or set file date and time
2018-12-25T12:03:32.422003141Z 78 PC: 12ba2 | Find first file
2018-12-25T12:03:32.427631628Z 42 PC: 12bd3 | Get date 0x12bd3: cmp dl, 0x1f
0x12bd6: je 0x12bda
0x12bd8: jmp 0x12be9
0x12bda: mov ah, 9
0x12bdc: mov dx, 0x1f6
0x12bdf: int 0x21
0x12be1: call 0x12c9b
0x12be4: call 0x12c9b
0x12be7: int 0x20
0x12be9: xor ax, ax
0x12beb: xor bx, bx
0x12bed: xor cx, cx
0x12bef: xor dx, dx
0x12bf1: mov ah, 0x1a
0x12bf3: mov dx, 0x105
0x12bf6: int 0x21
0x12bf8: mov ah, 0x47
0x12bfa: mov dl, 0
0x12bfc: mov si, 0x14e
0x12bff: int 0x21
2018-12-25T12:03:32.429478733Z 9 PC: 12be1 | Display string (String= '(c) Copyleft 1997 10.29 by SVS/COREA [F.K Virus].MOV(Master Of Virus) ')