Sample viewer

vx.netlux.org/Virus.DOS.Xabaras.1972

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:45:09.282102847Z 44 PC: 12c2d | Get time
0x12c2d: cmp byte ptr [0x106], 0
0x12c32: je 0x12c39
0x12c34: cmp dh, 0xf
0x12c37: jg 0x12c42
0x12c39: cmp dl, 0
0x12c3c: je 0x12c29
0x12c3e: mov byte ptr [0x106], dl
0x12c42: mov byte ptr [0x2de], 0
0x12c47: mov byte ptr [0x2df], 4
0x12c4c: mov byte ptr [0x2e8], 0
0x12c51: mov cx, 0x27
0x12c54: mov dx, 0x1b4
0x12c57: mov ah, 0x4e
0x12c59: int 0x21
0x12c5b: cmp ax, 0x12
0x12c5e: je 0x12c63
0x12c60: call 0x12c85
0x12c63: mov cx, 0x27
0x12c66: mov dx, 0x1e1
0x12c69: mov ah, 0x4e
2018-12-17T22:45:09.292084563Z 78 PC: 12c5b | Find first file
2018-12-17T22:45:09.295711125Z 78 PC: 12c6d | Find first file
2018-12-17T22:45:09.29919261Z 67 PC: 12ca6 | Get or set file attributes
2018-12-17T22:45:09.313197815Z 61 PC: 12cac | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:45:09.319957849Z 63 PC: 12cbb | Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:45:09.323951149Z 62 PC: 12cef | Close file
2018-12-17T22:45:09.325490767Z 61 PC: 12cf8 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:45:09.332805903Z 64 PC: 12a9b | Write file or device (Write 1972 bytes on handle 5)
2018-12-17T22:45:09.338362301Z 87 PC: 12d20 | Get or set file date and time
2018-12-17T22:45:09.340037456Z 62 PC: 12d28 | Close file
2018-12-17T22:45:09.347552743Z 67 PC: 12d35 | Get or set file attributes
2018-12-17T22:45:09.35243758Z 79 PC: 12cdf | Find next file
2018-12-17T22:45:09.356480196Z 67 PC: 12ca6 | Get or set file attributes
2018-12-17T22:45:09.368413159Z 61 PC: 12cac | Open file (Filename = 'PRINT.COM')
2018-12-17T22:45:09.37506139Z 63 PC: 12cbb | Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:45:09.381659138Z 62 PC: 12cef | Close file
2018-12-17T22:45:09.383449662Z 61 PC: 12cf8 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:45:09.396128778Z 64 PC: 12a9b | Write file or device (Write 1972 bytes on handle 5)
2018-12-17T22:45:09.40567338Z 87 PC: 12d20 | Get or set file date and time
2018-12-17T22:45:09.407625956Z 62 PC: 12d28 | Close file
2018-12-17T22:45:09.414978563Z 67 PC: 12d35 | Get or set file attributes
2018-12-17T22:45:09.419474969Z 79 PC: 12cdf | Find next file
2018-12-17T22:45:09.42236237Z 67 PC: 12ca6 | Get or set file attributes
2018-12-17T22:45:09.428830494Z 61 PC: 12cac | Open file (Filename = 'HELLO.COM')
2018-12-17T22:45:09.434108926Z 63 PC: 12cbb | Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:45:09.438538523Z 62 PC: 12cef | Close file
2018-12-17T22:45:09.439979147Z 61 PC: 12cf8 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:45:09.448544997Z 64 PC: 12a9b | Write file or device (Write 1972 bytes on handle 5)
2018-12-17T22:45:09.454854492Z 87 PC: 12d20 | Get or set file date and time
2018-12-17T22:45:09.457010655Z 62 PC: 12d28 | Close file
2018-12-17T22:45:09.464209311Z 67 PC: 12d35 | Get or set file attributes
2018-12-17T22:45:09.468925772Z 79 PC: 12cdf | Find next file
2018-12-17T22:45:09.470629894Z 67 PC: 12ca6 | Get or set file attributes
2018-12-17T22:45:09.477221633Z 61 PC: 12cac | Open file (Filename = 'PHANG.COM')
2018-12-17T22:45:09.483969535Z 63 PC: 12cbb | Read file or device (Read 20 bytes on handle 5)
2018-12-17T22:45:09.490448859Z 62 PC: 12cef | Close file
2018-12-17T22:45:09.492034109Z 61 PC: 12cf8 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:45:09.499232053Z 64 PC: 12a9b | Write file or device (Write 1972 bytes on handle 5)
2018-12-17T22:45:09.507693506Z 87 PC: 12d20 | Get or set file date and time
2018-12-17T22:45:09.508987362Z 62 PC: 12d28 | Close file
2018-12-17T22:45:09.516696394Z 67 PC: 12d35 | Get or set file attributes
2018-12-17T22:45:09.521779518Z 9 PC: 12d4e | Display string (String= 'Access denied')
2018-12-17T22:45:09.523760932Z 76 PC: 12d52 | Terminate with return code (Return code = '36')