Sample viewer

vx.netlux.org/Virus.DOS.Lauren.632

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:44:26.006767873Z	26	PC: 12a7c \| Set disk transfer address
2018-12-17T22:44:26.008386302Z	71	PC: 12a86 \| Get current directory
2018-12-17T22:44:26.010483288Z	53	PC: 12a8b \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:26.011591135Z	37	PC: 12a9d \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:26.013210774Z	78	PC: 12ab7 \| Find first file
2018-12-17T22:44:26.019773801Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:44:26.025296062Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:44:26.041764463Z	61	PC: 12aff \| Open file (Filename = '')
2018-12-17T22:44:26.048456381Z	63	PC: 12b0b \| Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:44:26.055303707Z	66	PC: 12b80 \| Move file pointer
2018-12-17T22:44:26.057493033Z	64	PC: 12b45 \| Write file or device (Write 632 bytes on handle 5)
2018-12-17T22:44:26.066329205Z	66	PC: 12b80 \| Move file pointer
2018-12-17T22:44:26.067704251Z	64	PC: 12b55 \| Write file or device (Write 7 bytes on handle 5)
2018-12-17T22:44:26.074544172Z	87	PC: 12b66 \| Get or set file date and time
2018-12-17T22:44:26.076454115Z	62	PC: 12b6a \| Close file
2018-12-17T22:44:26.084193975Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:44:26.094422471Z	79	PC: 12ab7 \| Find next file
2018-12-17T22:44:26.097339611Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:44:26.102860674Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:44:26.112392172Z	61	PC: 12aff \| Open file (Filename = '')
2018-12-17T22:44:26.119657245Z	63	PC: 12b0b \| Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:44:26.126245912Z	66	PC: 12b80 \| Move file pointer
2018-12-17T22:44:26.127805372Z	64	PC: 12b45 \| Write file or device (Write 632 bytes on handle 5)
2018-12-17T22:44:26.136376516Z	66	PC: 12b80 \| Move file pointer
2018-12-17T22:44:26.137887094Z	64	PC: 12b55 \| Write file or device (Write 7 bytes on handle 5)
2018-12-17T22:44:26.14420334Z	87	PC: 12b66 \| Get or set file date and time
2018-12-17T22:44:26.146413738Z	62	PC: 12b6a \| Close file
2018-12-17T22:44:26.154477077Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:44:26.164166599Z	79	PC: 12ab7 \| Find next file
2018-12-17T22:44:26.168092786Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:44:26.173777876Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:44:26.18334746Z	61	PC: 12aff \| Open file (Filename = '')
2018-12-17T22:44:26.190224191Z	63	PC: 12b0b \| Read file or device (Read 7 bytes on handle 5)
2018-12-17T22:44:26.19704326Z	66	PC: 12b80 \| Move file pointer
2018-12-17T22:44:26.198685394Z	64	PC: 12b45 \| Write file or device (Write 632 bytes on handle 5)
2018-12-17T22:44:26.20733178Z	66	PC: 12b80 \| Move file pointer
2018-12-17T22:44:26.208959432Z	64	PC: 12b55 \| Write file or device (Write 7 bytes on handle 5)
2018-12-17T22:44:26.215770482Z	87	PC: 12b66 \| Get or set file date and time
2018-12-17T22:44:26.218086356Z	62	PC: 12b6a \| Close file
2018-12-17T22:44:26.22590336Z	67	PC: 12b89 \| Get or set file attributes
2018-12-17T22:44:26.235463375Z	37	PC: 12b9b \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:44:26.236525206Z	26	PC: 12ba6 \| Set disk transfer address
2018-12-17T22:44:26.237809502Z	59	PC: 12bae \| Change current directory
2018-12-17T22:44:26.241555203Z	42	PC: 12bb2 \| Get date 0x12bb2: cmp dx, 0x520 0x12bb6: jne 0x12bc7 0x12bb8: mov ax, 3 0x12bbb: int 0x10 0x12bbd: mov ah, 9 0x12bbf: lea dx, word ptr [bp + 0x2ed] 0x12bc3: int 0x21 0x12bc5: jmp 0x12bc5 0x12bc7: cmp byte ptr cs:[bp + 0x366], 1 0x12bcd: je 0x12bda 0x12bcf: mov bx, 0xfeff 0x12bd2: mov ax, bx 0x12bd4: xor bx, bx 0x12bd6: not ax 0x12bd8: jmp ax 0x12bda: mov word ptr cs:[0x2db], 0x9090 0x12be1: mov word ptr cs:[0x2dd], 0x9090 0x12be8: mov word ptr cs:[0x2df], 0x20cd 0x12bef: mov dx, word ptr cs:[bp + 0x3bf] 0x12bf4: mov ax, word ptr cs:[bp + 0x3c1]