Sample viewer

vx.netlux.org/Virus.DOS.Sirius.Annihilator.357

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:45:28.631447563Z	26	PC: 15174 \| Set disk transfer address
2018-12-17T22:45:28.633329578Z	78	PC: 15188 \| Find first file
2018-12-17T22:45:28.640814265Z	61	PC: 15195 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:45:28.648055115Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.649923354Z	62	PC: 151bc \| Close file
2018-12-17T22:45:28.653303502Z	79	PC: 15188 \| Find next file
2018-12-17T22:45:28.656024452Z	61	PC: 15195 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:45:28.662903482Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.665574418Z	62	PC: 151bc \| Close file
2018-12-17T22:45:28.668050348Z	79	PC: 15188 \| Find next file
2018-12-17T22:45:28.670991923Z	61	PC: 15195 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:45:28.678887923Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.680943033Z	62	PC: 151bc \| Close file
2018-12-17T22:45:28.683085667Z	79	PC: 15188 \| Find next file
2018-12-17T22:45:28.687382738Z	61	PC: 15195 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:45:28.697252986Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.698799871Z	62	PC: 151bc \| Close file
2018-12-17T22:45:28.700722331Z	79	PC: 15188 \| Find next file
2018-12-17T22:45:28.704276146Z	61	PC: 15195 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:45:28.711291953Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.713126769Z	62	PC: 151bc \| Close file
2018-12-17T22:45:28.718796417Z	79	PC: 15188 \| Find next file
2018-12-17T22:45:28.72147063Z	61	PC: 15195 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:45:28.728536801Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.733960608Z	62	PC: 151bc \| Close file
2018-12-17T22:45:28.736206646Z	79	PC: 15188 \| Find next file
2018-12-17T22:45:28.739214535Z	61	PC: 15195 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:45:28.747720711Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.749514199Z	62	PC: 151bc \| Close file
2018-12-17T22:45:28.751771228Z	79	PC: 15188 \| Find next file
2018-12-17T22:45:28.755018648Z	61	PC: 15195 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:45:28.771746726Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.773851068Z	87	PC: 151ac \| Get or set file date and time
2018-12-17T22:45:28.776366141Z	44	PC: 151cc \| Get time 0x151cc: or dx, dx 0x151ce: je 0x151c8 0x151d0: mov word ptr [bp + 0x268], dx 0x151d4: mov ax, 0x4200 0x151d7: call 0x15253 0x151da: mov ah, 0x3f 0x151dc: lea dx, word ptr [bp + 0x213] 0x151e0: mov cx, 3 0x151e3: int 0x21 0x151e5: mov ax, 0x4202 0x151e8: call 0x15253 0x151eb: sub ax, 3 0x151ee: mov word ptr cs:[bp + 0x211], ax 0x151f3: lea si, word ptr [bp + 0x106] 0x151f7: mov di, 0xfb90 0x151fa: mov cx, 0x165 0x151fd: cld 0x151fe: rep movsb byte ptr es:[di], byte ptr [si] 0x15200: mov si, 0xfbad 0x15203: call 0x2515d
2018-12-17T22:45:28.779990909Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.781617384Z	63	PC: 151e5 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:45:28.784507051Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.7891544Z	64	PC: 15210 \| Write file or device (Write 357 bytes on handle 5)
2018-12-17T22:45:28.794789984Z	66	PC: 15259 \| Move file pointer
2018-12-17T22:45:28.796948598Z	64	PC: 15221 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:45:28.801347941Z	87	PC: 15228 \| Get or set file date and time
2018-12-17T22:45:28.803100102Z	62	PC: 1522c \| Close file
2018-12-17T22:45:28.821898698Z	42	PC: 15230 \| Get date 0x15230: cmp dh, dl 0x15232: jne 0x15247 0x15234: mov ah, 0x2c 0x15236: int 0x21 0x15238: and dh, 7 0x1523b: jne 0x15247 0x1523d: mov ah, 9 0x1523f: lea dx, word ptr [bp + 0x21c] 0x15243: int 0x21 0x15245: cli 0x15246: hlt 0x15247: mov ah, 0x1a 0x15249: mov dx, 0x80 0x1524c: int 0x21 0x1524e: mov ax, 0x100 0x15251: push ax 0x15252: ret 0x15253: xor cx, cx 0x15255: xor dx, dx 0x15257: int 0x21
2018-12-17T22:45:28.830461721Z	26	PC: 1524e \| Set disk transfer address
2018-12-17T22:45:28.844358451Z	9	PC: 12bb5 \| Display string (String= '')
2018-12-17T22:45:28.847650965Z	9	PC: 12bbc \| Display string (Could not find end pointer)
2018-12-17T22:45:28.859877027Z	76	PC: 12bd2 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8555,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:21:20.732764283Z	26	PC: 15174 \| Set disk transfer address
2018-12-25T12:21:20.733970001Z	78	PC: 15188 \| Find first file
2018-12-25T12:21:20.73783389Z	61	PC: 15195 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:21:20.741773169Z	66	PC: 15259 \| Move file pointer
2018-12-25T12:21:20.743149759Z	62	PC: 151bc \| Close file
2018-12-25T12:21:20.744369065Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:20.745911371Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:20.753447086Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.75473095Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:20.75592208Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:20.757913221Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:20.765398155Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.766409562Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:20.768031369Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:20.769610659Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:20.773431553Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.774636569Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:20.775813595Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:20.777336112Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:20.78154866Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.782570949Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:20.783837159Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:20.785725963Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:20.789666377Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.790602008Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:20.79207084Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:20.79362367Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:20.797474792Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.798682614Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:20.799739487Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:20.801265984Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:20.808677812Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.809627949Z	87	PC: 151ac \| Get or set file date and time
2018-12-25T12:21:20.811091642Z	44	PC: 151cc \| Get time 0x151cc: or dx, dx 0x151ce: je 0x151c8 0x151d0: mov word ptr [bp + 0x268], dx 0x151d4: mov ax, 0x4200 0x151d7: call 0x15253 0x151da: mov ah, 0x3f 0x151dc: lea dx, word ptr [bp + 0x213] 0x151e0: mov cx, 3 0x151e3: int 0x21 0x151e5: mov ax, 0x4202 0x151e8: call 0x15253 0x151eb: sub ax, 3 0x151ee: mov word ptr cs:[bp + 0x211], ax 0x151f3: lea si, word ptr [bp + 0x106] 0x151f7: mov di, 0xfb90 0x151fa: mov cx, 0x165 0x151fd: cld 0x151fe: rep movsb byte ptr es:[di], byte ptr [si] 0x15200: mov si, 0xfbad 0x15203: call 0x2515d
2018-12-25T12:21:20.812939457Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.814187058Z	63	PC: 151e5 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:21:20.818029491Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.819313547Z	64	PC: 15210 \| Write file or device (Write 357 bytes on handle 5)
2018-12-25T12:21:20.823388639Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:20.824227817Z	64	PC: 15221 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:21:20.826229736Z	87	PC: 15228 \| Get or set file date and time
2018-12-25T12:21:20.8271394Z	62	PC: 1522c \| Close file
2018-12-25T12:21:20.929407762Z	42	PC: 15230 \| Get date 0x15230: cmp dh, dl 0x15232: jne 0x15247 0x15234: mov ah, 0x2c 0x15236: int 0x21 0x15238: and dh, 7 0x1523b: jne 0x15247 0x1523d: mov ah, 9 0x1523f: lea dx, word ptr [bp + 0x21c] 0x15243: int 0x21 0x15245: cli 0x15246: hlt 0x15247: mov ah, 0x1a 0x15249: mov dx, 0x80 0x1524c: int 0x21 0x1524e: mov ax, 0x100 0x15251: push ax 0x15252: ret 0x15253: xor cx, cx 0x15255: xor dx, dx 0x15257: int 0x21
2018-12-25T12:21:20.931343395Z	44	PC: 15238 \| Get time 0x15238: and dh, 7 0x1523b: jne 0x15247 0x1523d: mov ah, 9 0x1523f: lea dx, word ptr [bp + 0x21c] 0x15243: int 0x21 0x15245: cli 0x15246: hlt 0x15247: mov ah, 0x1a 0x15249: mov dx, 0x80 0x1524c: int 0x21 0x1524e: mov ax, 0x100 0x15251: push ax 0x15252: ret 0x15253: xor cx, cx 0x15255: xor dx, dx 0x15257: int 0x21 0x15259: ret 0x1525a: jmp 0x17acf 0x1525d: jmp 0x1796d 0x15260: sub ch, byte ptr [0x6f63]
2018-12-25T12:21:20.93320354Z	26	PC: 1524e \| Set disk transfer address
2018-12-25T12:21:20.935090412Z	9	PC: 12bb5 \| Display string (String= '')
2018-12-25T12:21:20.936850504Z	9	PC: 12bbc \| Display string (Could not find end pointer)
2018-12-25T12:21:20.942890509Z	76	PC: 12bd2 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8555,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:21:20.996797139Z	26	PC: 15174 \| Set disk transfer address
2018-12-25T12:21:20.997807101Z	78	PC: 15188 \| Find first file
2018-12-25T12:21:21.00189901Z	61	PC: 15195 \| Open file (Filename = 'SLEEP.COM')
2018-12-25T12:21:21.005704117Z	66	PC: 15259 \| Move file pointer
2018-12-25T12:21:21.006980278Z	62	PC: 151bc \| Close file
2018-12-25T12:21:21.008049355Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:21.009691304Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:21.017283923Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.018320251Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:21.019486657Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:21.021486721Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:21.028615719Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.029592163Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:21.030987813Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:21.033010573Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:21.037602299Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.038927432Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:21.040469828Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:21.042173009Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:21.046353106Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.047265305Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:21.048359616Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:21.050117616Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:21.054006159Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.054923009Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:21.05638174Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:21.057909214Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:21.06180483Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.062945201Z	62	PC: 151bc \| Close file (See above)
2018-12-25T12:21:21.064005183Z	79	PC: 15188 \| Find next file (See above)
2018-12-25T12:21:21.065472071Z	61	PC: 15195 \| Open file (See above)
2018-12-25T12:21:21.069504124Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.070341844Z	87	PC: 151ac \| Get or set file date and time
2018-12-25T12:21:21.071196927Z	44	PC: 151cc \| Get time 0x151cc: or dx, dx 0x151ce: je 0x151c8 0x151d0: mov word ptr [bp + 0x268], dx 0x151d4: mov ax, 0x4200 0x151d7: call 0x15253 0x151da: mov ah, 0x3f 0x151dc: lea dx, word ptr [bp + 0x213] 0x151e0: mov cx, 3 0x151e3: int 0x21 0x151e5: mov ax, 0x4202 0x151e8: call 0x15253 0x151eb: sub ax, 3 0x151ee: mov word ptr cs:[bp + 0x211], ax 0x151f3: lea si, word ptr [bp + 0x106] 0x151f7: mov di, 0xfb90 0x151fa: mov cx, 0x165 0x151fd: cld 0x151fe: rep movsb byte ptr es:[di], byte ptr [si] 0x15200: mov si, 0xfbad 0x15203: call 0x2515d
2018-12-25T12:21:21.072874546Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.073667866Z	63	PC: 151e5 \| Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:21:21.077517166Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.07866273Z	64	PC: 15210 \| Write file or device (Write 357 bytes on handle 5)
2018-12-25T12:21:21.08288296Z	66	PC: 15259 \| Move file pointer (See above)
2018-12-25T12:21:21.083661239Z	64	PC: 15221 \| Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:21:21.085527677Z	87	PC: 15228 \| Get or set file date and time
2018-12-25T12:21:21.087028944Z	62	PC: 1522c \| Close file
2018-12-25T12:21:21.191988386Z	42	PC: 15230 \| Get date 0x15230: cmp dh, dl 0x15232: jne 0x15247 0x15234: mov ah, 0x2c 0x15236: int 0x21 0x15238: and dh, 7 0x1523b: jne 0x15247 0x1523d: mov ah, 9 0x1523f: lea dx, word ptr [bp + 0x21c] 0x15243: int 0x21 0x15245: cli 0x15246: hlt 0x15247: mov ah, 0x1a 0x15249: mov dx, 0x80 0x1524c: int 0x21 0x1524e: mov ax, 0x100 0x15251: push ax 0x15252: ret 0x15253: xor cx, cx 0x15255: xor dx, dx 0x15257: int 0x21
2018-12-25T12:21:21.194534218Z	26	PC: 1524e \| Set disk transfer address
2018-12-25T12:21:21.196618871Z	9	PC: 12bb5 \| Display string (String= '')
2018-12-25T12:21:21.197856326Z	9	PC: 12bbc \| Display string (Could not find end pointer)
2018-12-25T12:21:21.204894998Z	76	PC: 12bd2 \| Terminate with return code (Return code = '0')