Sample viewer

vx.netlux.org/Virus.DOS.Chameleon.dropper

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:46:57.558692499Z 44 PC: 12f2f | Get time
0x12f2f: xor dx, cx
0x12f31: mov word ptr [bp - 0x10], dx
0x12f34: call 0x22d43
0x12f37: mov di, 0x100
0x12f3a: push ds
0x12f3b: pop es
0x12f3c: mov cx, 0x8000
0x12f3f: mov si, 0x5e4
0x12f42: lodsb al, byte ptr [si]
0x12f43: repne scasb al, byte ptr es:[di]
0x12f45: cmp cx, 0
0x12f48: je 0x12f63
0x12f4a: cmp di, 0x5e4
0x12f4e: jge 0x12f63
0x12f50: lodsb al, byte ptr [si]
0x12f51: scasb al, byte ptr es:[di]
0x12f52: jne 0x12f3c
0x12f54: call 0x22d43
0x12f57: mov ax, word ptr [bp - 0x10]
0x12f5a: dec di
2018-12-17T22:46:57.562474875Z 48 PC: 12ab2 | Get DOS version
2018-12-17T22:46:57.564261382Z 47 PC: 12ac0 | Get disk transfer address
2018-12-17T22:46:57.565916321Z 26 PC: 12ad5 | Set disk transfer address
2018-12-17T22:46:57.567520164Z 78 PC: 12b58 | Find first file
2018-12-17T22:46:57.574552807Z 67 PC: 12b97 | Get or set file attributes
2018-12-17T22:46:57.581243858Z 67 PC: 12ba8 | Get or set file attributes
2018-12-17T22:46:57.675892985Z 61 PC: 12bb3 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:46:57.684186877Z 87 PC: 12bc0 | Get or set file date and time
2018-12-17T22:46:57.6860673Z 63 PC: 12bd3 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:46:57.693214068Z 66 PC: 12bef | Move file pointer
2018-12-17T22:46:57.696384525Z 44 PC: 12c1d | Get time
0x12c1d: xor dx, cx
0x12c1f: int3
0x12c20: idiv word ptr [bp + 0x56]
2018-12-17T22:46:57.700676699Z 64 PC: 1303f | Write file or device (Write 1246 bytes on handle 5)
2018-12-17T22:46:57.710738643Z 66 PC: 12cf0 | Move file pointer
2018-12-17T22:46:57.713706419Z 64 PC: 12d01 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:46:57.721184609Z 87 PC: 12d12 | Get or set file date and time
2018-12-17T22:46:57.72326125Z 62 PC: 12d16 | Close file
2018-12-17T22:46:57.732337473Z 67 PC: 12d24 | Get or set file attributes
2018-12-17T22:46:57.743760575Z 26 PC: 12d2f | Set disk transfer address