Sample viewer

vx.netlux.org/Virus.DOS.Mindless.418

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:44:35.970618711Z 42 PC: 12a58 | Get date
0x12a58: cmp al, 0
0x12a5a: jne 0x12aca
0x12a5c: mov ax, 0x3301
0x12a5f: xor dl, dl
0x12a61: int 0x21
0x12a63: mov cx, 0x46
0x12a66: mov si, 0x218
0x12a69: mov di, 0x25e
0x12a6c: mov al, byte ptr [si]
0x12a6e: mov byte ptr [0x2a4], al
0x12a71: xor byte ptr [0x2a4], 1
0x12a76: mov al, byte ptr [0x2a4]
0x12a79: mov byte ptr [di], al
0x12a7b: inc si
0x12a7c: inc di
0x12a7d: loop 0x12a6c
0x12a7f: cmp byte ptr [0x210], 0x1b
0x12a84: jge 0x12a9d
0x12a86: pushf
0x12a87: mov al, byte ptr [0x210]
2018-12-17T22:44:35.975688402Z 78 PC: 12b0d | Find first file
2018-12-17T22:44:35.980597529Z 67 PC: 12b16 | Get or set file attributes
2018-12-17T22:44:35.987157473Z 67 PC: 12b20 | Get or set file attributes
2018-12-17T22:44:36.004304158Z 61 PC: 12b28 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:44:36.012543928Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:44:36.014095146Z 64 PC: 12b3c | Write file or device (Write 418 bytes on handle 5)
2018-12-17T22:44:36.022050766Z 87 PC: 12b44 | Get or set file date and time
2018-12-17T22:44:36.025836514Z 62 PC: 12b48 | Close file
2018-12-17T22:44:36.034537954Z 79 PC: 12b4c | Find next file
2018-12-17T22:44:36.038118777Z 67 PC: 12b16 | Get or set file attributes
2018-12-17T22:44:36.046175575Z 67 PC: 12b20 | Get or set file attributes
2018-12-17T22:44:36.057613548Z 61 PC: 12b28 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:44:36.065392404Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:44:36.068418476Z 64 PC: 12b3c | Write file or device (Write 418 bytes on handle 5)
2018-12-17T22:44:36.076509204Z 87 PC: 12b44 | Get or set file date and time
2018-12-17T22:44:36.078345548Z 62 PC: 12b48 | Close file
2018-12-17T22:44:36.088226841Z 79 PC: 12b4c | Find next file
2018-12-17T22:44:36.092320004Z 67 PC: 12b16 | Get or set file attributes
2018-12-17T22:44:36.099357569Z 67 PC: 12b20 | Get or set file attributes
2018-12-17T22:44:36.11254878Z 61 PC: 12b28 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:44:36.120660482Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:44:36.12198959Z 64 PC: 12b3c | Write file or device (Write 418 bytes on handle 5)
2018-12-17T22:44:36.129750507Z 87 PC: 12b44 | Get or set file date and time
2018-12-17T22:44:36.132115539Z 62 PC: 12b48 | Close file
2018-12-17T22:44:36.14095131Z 79 PC: 12b4c | Find next file
2018-12-17T22:44:36.144127165Z 67 PC: 12b16 | Get or set file attributes
2018-12-17T22:44:36.152165224Z 67 PC: 12b20 | Get or set file attributes
2018-12-17T22:44:36.163698917Z 61 PC: 12b28 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:44:36.177568685Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:44:36.180460798Z 64 PC: 12b3c | Write file or device (Write 418 bytes on handle 5)
2018-12-17T22:44:36.188589612Z 87 PC: 12b44 | Get or set file date and time
2018-12-17T22:44:36.190671938Z 62 PC: 12b48 | Close file
2018-12-17T22:44:36.200149152Z 79 PC: 12b4c | Find next file
2018-12-17T22:44:36.206509746Z 67 PC: 12b16 | Get or set file attributes
2018-12-17T22:44:36.213114348Z 67 PC: 12b20 | Get or set file attributes
2018-12-17T22:44:36.224140885Z 61 PC: 12b28 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:44:36.232287021Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:44:36.233905752Z 64 PC: 12b3c | Write file or device (Write 418 bytes on handle 5)
2018-12-17T22:44:36.241617659Z 87 PC: 12b44 | Get or set file date and time
2018-12-17T22:44:36.243237974Z 62 PC: 12b48 | Close file
2018-12-17T22:44:36.248199662Z 79 PC: 12b4c | Find next file
2018-12-17T22:44:36.250154052Z 67 PC: 12b16 | Get or set file attributes
2018-12-17T22:44:36.254428665Z 67 PC: 12b20 | Get or set file attributes
2018-12-17T22:44:36.265204578Z 61 PC: 12b28 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:44:36.272670158Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:44:36.275226674Z 64 PC: 12b3c | Write file or device (Write 418 bytes on handle 5)
2018-12-17T22:44:36.283037627Z 87 PC: 12b44 | Get or set file date and time
2018-12-17T22:44:36.28519359Z 62 PC: 12b48 | Close file
2018-12-17T22:44:36.295049856Z 79 PC: 12b4c | Find next file
2018-12-17T22:44:36.298720058Z 67 PC: 12b16 | Get or set file attributes
2018-12-17T22:44:36.309206941Z 67 PC: 12b20 | Get or set file attributes
2018-12-17T22:44:36.318219124Z 61 PC: 12b28 | Open file (Filename = 'PAH.COM')
2018-12-17T22:44:36.325750707Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:44:36.32743492Z 64 PC: 12b3c | Write file or device (Write 418 bytes on handle 5)
2018-12-17T22:44:36.335748795Z 87 PC: 12b44 | Get or set file date and time
2018-12-17T22:44:36.338367872Z 62 PC: 12b48 | Close file
2018-12-17T22:44:36.347196914Z 79 PC: 12b4c | Find next file
2018-12-17T22:44:36.350412158Z 67 PC: 12b16 | Get or set file attributes
2018-12-17T22:44:36.358097597Z 67 PC: 12b20 | Get or set file attributes
2018-12-17T22:44:36.372635186Z 61 PC: 12b28 | Open file (Filename = 'TEST.COM')
2018-12-17T22:44:36.380121933Z 87 PC: 12b30 | Get or set file date and time
2018-12-17T22:44:36.382530426Z 64 PC: 12b3c | Write file or device (Write 418 bytes on handle 5)
2018-12-17T22:44:36.39067847Z 87 PC: 12b44 | Get or set file date and time
2018-12-17T22:44:36.39244202Z 62 PC: 12b48 | Close file
2018-12-17T22:44:36.401314075Z 79 PC: 12b4c | Find next file

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8271,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:04:00.274494388Z 42 PC: 12a58 | Get date
0x12a58: cmp al, 0
0x12a5a: jne 0x12aca
0x12a5c: mov ax, 0x3301
0x12a5f: xor dl, dl
0x12a61: int 0x21
0x12a63: mov cx, 0x46
0x12a66: mov si, 0x218
0x12a69: mov di, 0x25e
0x12a6c: mov al, byte ptr [si]
0x12a6e: mov byte ptr [0x2a4], al
0x12a71: xor byte ptr [0x2a4], 1
0x12a76: mov al, byte ptr [0x2a4]
0x12a79: mov byte ptr [di], al
0x12a7b: inc si
0x12a7c: inc di
0x12a7d: loop 0x12a6c
0x12a7f: cmp byte ptr [0x210], 0x1b
0x12a84: jge 0x12a9d
0x12a86: pushf
0x12a87: mov al, byte ptr [0x210]
2018-12-25T12:04:00.276651159Z 78 PC: 12b0d | Find first file
2018-12-25T12:04:00.280620444Z 67 PC: 12b16 | Get or set file attributes
2018-12-25T12:04:00.284166083Z 67 PC: 12b20 | Get or set file attributes
2018-12-25T12:04:00.296886432Z 61 PC: 12b28 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:04:00.301510435Z 87 PC: 12b30 | Get or set file date and time
2018-12-25T12:04:00.302517191Z 64 PC: 12b3c | Write file or device (Write 418 bytes on handle 5)
2018-12-25T12:04:00.306736225Z 87 PC: 12b44 | Get or set file date and time
2018-12-25T12:04:00.308154487Z 62 PC: 12b48 | Close file
2018-12-25T12:04:00.31295103Z 79 PC: 12b4c | Find next file
2018-12-25T12:04:00.315797591Z 67 PC: 12b16 | Get or set file attributes (See above)
2018-12-25T12:04:00.322452897Z 67 PC: 12b20 | Get or set file attributes (See above)
2018-12-25T12:04:00.333101357Z 61 PC: 12b28 | Open file (See above)
2018-12-25T12:04:00.346114204Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:04:00.34801913Z 64 PC: 12b3c | Write file or device (See above)
2018-12-25T12:04:00.355437813Z 87 PC: 12b44 | Get or set file date and time (See above)
2018-12-25T12:04:00.357941562Z 62 PC: 12b48 | Close file (See above)
2018-12-25T12:04:00.36647267Z 79 PC: 12b4c | Find next file (See above)
2018-12-25T12:04:00.369220072Z 67 PC: 12b16 | Get or set file attributes (See above)
2018-12-25T12:04:00.375123633Z 67 PC: 12b20 | Get or set file attributes (See above)
2018-12-25T12:04:00.386107855Z 61 PC: 12b28 | Open file (See above)
2018-12-25T12:04:00.393280844Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:04:00.394707171Z 64 PC: 12b3c | Write file or device (See above)
2018-12-25T12:04:00.402477116Z 87 PC: 12b44 | Get or set file date and time (See above)
2018-12-25T12:04:00.40362457Z 62 PC: 12b48 | Close file (See above)
2018-12-25T12:04:00.412072856Z 79 PC: 12b4c | Find next file (See above)
2018-12-25T12:04:00.416039982Z 67 PC: 12b16 | Get or set file attributes (See above)
2018-12-25T12:04:00.422453424Z 67 PC: 12b20 | Get or set file attributes (See above)
2018-12-25T12:04:00.429952079Z 61 PC: 12b28 | Open file (See above)
2018-12-25T12:04:00.437498859Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:04:00.438867287Z 64 PC: 12b3c | Write file or device (See above)
2018-12-25T12:04:00.444699217Z 87 PC: 12b44 | Get or set file date and time (See above)
2018-12-25T12:04:00.446326212Z 62 PC: 12b48 | Close file (See above)
2018-12-25T12:04:00.454654069Z 79 PC: 12b4c | Find next file (See above)
2018-12-25T12:04:00.457482396Z 67 PC: 12b16 | Get or set file attributes (See above)
2018-12-25T12:04:00.469576425Z 67 PC: 12b20 | Get or set file attributes (See above)
2018-12-25T12:04:00.476234109Z 61 PC: 12b28 | Open file (See above)
2018-12-25T12:04:00.483737935Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:04:00.484787286Z 64 PC: 12b3c | Write file or device (See above)
2018-12-25T12:04:00.490126147Z 87 PC: 12b44 | Get or set file date and time (See above)
2018-12-25T12:04:00.491263082Z 62 PC: 12b48 | Close file (See above)
2018-12-25T12:04:00.49615401Z 79 PC: 12b4c | Find next file (See above)
2018-12-25T12:04:00.498478353Z 67 PC: 12b16 | Get or set file attributes (See above)
2018-12-25T12:04:00.502278537Z 67 PC: 12b20 | Get or set file attributes (See above)
2018-12-25T12:04:00.51045547Z 61 PC: 12b28 | Open file (See above)
2018-12-25T12:04:00.519979686Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:04:00.521300651Z 64 PC: 12b3c | Write file or device (See above)
2018-12-25T12:04:00.527596556Z 87 PC: 12b44 | Get or set file date and time (See above)
2018-12-25T12:04:00.529350336Z 62 PC: 12b48 | Close file (See above)
2018-12-25T12:04:00.537880798Z 79 PC: 12b4c | Find next file (See above)
2018-12-25T12:04:00.540434641Z 67 PC: 12b16 | Get or set file attributes (See above)
2018-12-25T12:04:00.546299413Z 67 PC: 12b20 | Get or set file attributes (See above)
2018-12-25T12:04:00.557171912Z 61 PC: 12b28 | Open file (See above)
2018-12-25T12:04:00.564400161Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:04:00.565773888Z 64 PC: 12b3c | Write file or device (See above)
2018-12-25T12:04:00.573416557Z 87 PC: 12b44 | Get or set file date and time (See above)
2018-12-25T12:04:00.574946402Z 62 PC: 12b48 | Close file (See above)
2018-12-25T12:04:00.583100821Z 79 PC: 12b4c | Find next file (See above)
2018-12-25T12:04:00.586161483Z 67 PC: 12b16 | Get or set file attributes (See above)
2018-12-25T12:04:00.598269322Z 67 PC: 12b20 | Get or set file attributes (See above)
2018-12-25T12:04:00.608993803Z 61 PC: 12b28 | Open file (See above)
2018-12-25T12:04:00.6164629Z 87 PC: 12b30 | Get or set file date and time (See above)
2018-12-25T12:04:00.617841921Z 64 PC: 12b3c | Write file or device (See above)
2018-12-25T12:04:00.624878946Z 87 PC: 12b44 | Get or set file date and time (See above)
2018-12-25T12:04:00.626697927Z 62 PC: 12b48 | Close file (See above)
2018-12-25T12:04:00.634630829Z 79 PC: 12b4c | Find next file (See above)

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8271,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:04:00.339125689Z 42 PC: 12a58 | Get date
0x12a58: cmp al, 0
0x12a5a: jne 0x12aca
0x12a5c: mov ax, 0x3301
0x12a5f: xor dl, dl
0x12a61: int 0x21
0x12a63: mov cx, 0x46
0x12a66: mov si, 0x218
0x12a69: mov di, 0x25e
0x12a6c: mov al, byte ptr [si]
0x12a6e: mov byte ptr [0x2a4], al
0x12a71: xor byte ptr [0x2a4], 1
0x12a76: mov al, byte ptr [0x2a4]
0x12a79: mov byte ptr [di], al
0x12a7b: inc si
0x12a7c: inc di
0x12a7d: loop 0x12a6c
0x12a7f: cmp byte ptr [0x210], 0x1b
0x12a84: jge 0x12a9d
0x12a86: pushf
0x12a87: mov al, byte ptr [0x210]
2018-12-25T12:04:00.34164758Z 51 PC: 12a63 | Get or set Ctrl-Break
2018-12-25T12:04:00.36112137Z 2 PC: 12aa1 | Character output (Char = '2c')
2018-12-25T12:04:00.362952364Z 43 PC: 12ab2 | Set date
2018-12-25T12:04:00.364268697Z 45 PC: 12abc | Set time
2018-12-25T12:04:00.367070722Z 51 PC: 12ac3 | Get or set Ctrl-Break
2018-12-25T12:04:00.367719026Z 76 PC: 12ac8 | Terminate with return code (Return code = '0')