Sample viewer

vx.netlux.org/Virus.DOS.Trivial.Elben.161.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:44:10.502957779Z	78	PC: 12a77 \| Find first file
2018-12-17T22:44:10.510105742Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-17T22:44:10.518309887Z	61	PC: 12a5a \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:44:10.527478999Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-17T22:44:10.535519449Z	62	PC: 12a6a \| Close file
2018-12-17T22:44:10.552357273Z	79	PC: 12a86 \| Find next file
2018-12-17T22:44:10.555291409Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-17T22:44:10.55977992Z	61	PC: 12a5a \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:44:10.568896638Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-17T22:44:10.57572066Z	62	PC: 12a6a \| Close file
2018-12-17T22:44:10.583289719Z	79	PC: 12a86 \| Find next file
2018-12-17T22:44:10.586907409Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-17T22:44:10.589191655Z	61	PC: 12a5a \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:44:10.595567551Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-17T22:44:10.603767194Z	62	PC: 12a6a \| Close file
2018-12-17T22:44:10.612550962Z	79	PC: 12a86 \| Find next file
2018-12-17T22:44:10.615802248Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-17T22:44:10.619010358Z	61	PC: 12a5a \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:44:10.62594709Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-17T22:44:10.63235078Z	62	PC: 12a6a \| Close file
2018-12-17T22:44:10.642149599Z	79	PC: 12a86 \| Find next file
2018-12-17T22:44:10.644797818Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-17T22:44:10.647289481Z	61	PC: 12a5a \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:44:10.654185866Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-17T22:44:10.660656768Z	62	PC: 12a6a \| Close file
2018-12-17T22:44:10.668772929Z	79	PC: 12a86 \| Find next file
2018-12-17T22:44:10.672235141Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-17T22:44:10.674506273Z	61	PC: 12a5a \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:44:10.680786188Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-17T22:44:10.687741408Z	62	PC: 12a6a \| Close file
2018-12-17T22:44:10.695266382Z	79	PC: 12a86 \| Find next file
2018-12-17T22:44:10.697841254Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-17T22:44:10.701034191Z	61	PC: 12a5a \| Open file (Filename = 'PAH.COM')
2018-12-17T22:44:10.707320173Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-17T22:44:10.713708266Z	62	PC: 12a6a \| Close file
2018-12-17T22:44:10.721352819Z	79	PC: 12a86 \| Find next file
2018-12-17T22:44:10.724575372Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-17T22:44:10.726754662Z	61	PC: 12a5a \| Open file (Filename = 'TEST.COM')
2018-12-17T22:44:10.738422066Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-17T22:44:10.745442946Z	62	PC: 12a6a \| Close file
2018-12-17T22:44:10.75295008Z	79	PC: 12a86 \| Find next file

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":8126,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:03:32.844408234Z	78	PC: 12a77 \| Find first file
2018-12-25T12:03:32.851681302Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-25T12:03:32.854507574Z	61	PC: 12a5a \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:32.861955298Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-25T12:03:32.870127294Z	62	PC: 12a6a \| Close file
2018-12-25T12:03:32.897636688Z	79	PC: 12a86 \| Find next file
2018-12-25T12:03:32.90885055Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:32.911389179Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:32.919718843Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:32.928377074Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:32.938380553Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:32.942747976Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:32.946077395Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:32.954095118Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:32.962042814Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:32.971377096Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:32.974825182Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:32.977963672Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:32.985883483Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:32.993683176Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:33.002664626Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:33.00653581Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:33.00891759Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:33.016959649Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:33.031822463Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:33.04072151Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:33.04396798Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:33.047435461Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:33.055362612Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:33.062797724Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:33.072478886Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:33.076305869Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:33.079302084Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:33.088786069Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:33.096467279Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:33.105529683Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:33.108739281Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:33.112473312Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:33.121167802Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:33.125591912Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:33.135312833Z	79	PC: 12a86 \| Find next file (See above)

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":8126,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:03:32.87554985Z	78	PC: 12a77 \| Find first file
2018-12-25T12:03:32.882266044Z	44	PC: 12ad7 \| Get time 0x12ad7: cmp dh, 0 0x12ada: je 0x12ad3 0x12adc: mov byte ptr [0x154], dh 0x12ae0: ret 0x12ae1: or dl, dl 0x12ae3: je 0x12aec 0x12ae5: mov ah, 2 0x12ae7: int 0x21 0x12ae9: inc bx 0x12aea: jmp 0x12adf 0x12aec: pop cx 0x12aed: pop bx 0x12aee: ret 0x12aef: push ax 0x12af0: mov ax, 0x1213 0x12af3: int 0x2f 0x12af5: inc sp 0x12af6: inc sp 0x12af7: ret 0x12af8: pop ds
2018-12-25T12:03:32.884394846Z	61	PC: 12a5a \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:03:32.891293168Z	64	PC: 12a66 \| Write file or device (Write 161 bytes on handle 5)
2018-12-25T12:03:32.90529046Z	62	PC: 12a6a \| Close file
2018-12-25T12:03:32.920142406Z	79	PC: 12a86 \| Find next file
2018-12-25T12:03:32.922820208Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:32.925500553Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:32.93341393Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:32.940765783Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:32.949375201Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:32.952465367Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:32.954775494Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:32.961262303Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:32.968042402Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:32.976272065Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:32.979086867Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:32.981979694Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:32.987769763Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:32.992041135Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:32.997794722Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:32.99960529Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:33.001179308Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:33.005755999Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:33.009714515Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:33.016719342Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:33.020242033Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:33.022794965Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:33.029307821Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:33.036610013Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:33.043865609Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:33.045745708Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:33.047998977Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:33.055001021Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:33.059168585Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:33.07096441Z	79	PC: 12a86 \| Find next file (See above)
2018-12-25T12:03:33.073832318Z	44	PC: 12ad7 \| Get time (See above)
2018-12-25T12:03:33.076286752Z	61	PC: 12a5a \| Open file (See above)
2018-12-25T12:03:33.084536746Z	64	PC: 12a66 \| Write file or device (See above)
2018-12-25T12:03:33.092005519Z	62	PC: 12a6a \| Close file (See above)
2018-12-25T12:03:33.099991083Z	79	PC: 12a86 \| Find next file (See above)