Sample viewer

vx.netlux.org/Virus.DOS.SSTR.717

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:47:55.903470803Z	47	PC: 21fcb \| Get disk transfer address
2018-12-17T22:47:55.904657773Z	26	PC: 21fdb \| Set disk transfer address
2018-12-17T22:47:55.905562484Z	42	PC: 21e83 \| Get date 0x21e83: cmp cx, 0x7cd 0x21e87: jne 0x21e8f 0x21e89: call 0x21ff2 0x21e8c: jmp 0x21f6e 0x21e8f: lea dx, word ptr [si + 0x36f] 0x21e93: mov cx, 1 0x21e96: mov ah, 0x4e 0x21e98: int 0x21 0x21e9a: jae 0x21ea5 0x21e9c: jmp 0x21f6e 0x21e9f: call 0x21fed 0x21ea2: call 0x21fb9 0x21ea5: mov word ptr [si + 0x386], 0xffff 0x21eab: mov ah, 0x4f 0x21ead: int 0x21 0x21eaf: jae 0x21eb4 0x21eb1: jmp 0x21f6e 0x21eb4: push si 0x21eb5: lea di, word ptr [si + 0x375] 0x21eb9: lea si, word ptr [si + 0x3b2]
2018-12-17T22:47:55.907714032Z	78	PC: 21e9a \| Find first file
2018-12-17T22:47:55.913545917Z	79	PC: 21eaf \| Find next file
2018-12-17T22:47:55.915916032Z	67	PC: 21fad \| Get or set file attributes
2018-12-17T22:47:55.921605185Z	67	PC: 21fb8 \| Get or set file attributes
2018-12-17T22:47:55.938221752Z	61	PC: 21ecf \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:47:55.944969306Z	63	PC: 21ee5 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:47:55.951442717Z	66	PC: 21f02 \| Move file pointer
2018-12-17T22:47:55.952762544Z	62	PC: 21ff1 \| Close file
2018-12-17T22:47:55.954393264Z	67	PC: 21fc6 \| Get or set file attributes
2018-12-17T22:47:55.966720662Z	79	PC: 21eaf \| Find next file
2018-12-17T22:47:55.969474462Z	67	PC: 21fad \| Get or set file attributes
2018-12-17T22:47:55.974836201Z	67	PC: 21fb8 \| Get or set file attributes
2018-12-17T22:47:55.984404274Z	61	PC: 21ecf \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:47:55.990806101Z	63	PC: 21ee5 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:47:55.996820079Z	66	PC: 21f02 \| Move file pointer
2018-12-17T22:47:55.998381954Z	62	PC: 21ff1 \| Close file
2018-12-17T22:47:56.002848432Z	67	PC: 21fc6 \| Get or set file attributes
2018-12-17T22:47:56.012609175Z	79	PC: 21eaf \| Find next file
2018-12-17T22:47:56.01538683Z	67	PC: 21fad \| Get or set file attributes
2018-12-17T22:47:56.026119825Z	67	PC: 21fb8 \| Get or set file attributes
2018-12-17T22:47:56.038369747Z	61	PC: 21ecf \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:47:56.044835448Z	63	PC: 21ee5 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:47:56.051877148Z	66	PC: 21f02 \| Move file pointer
2018-12-17T22:47:56.053496795Z	62	PC: 21ff1 \| Close file
2018-12-17T22:47:56.055415834Z	67	PC: 21fc6 \| Get or set file attributes
2018-12-17T22:47:56.065473749Z	79	PC: 21eaf \| Find next file
2018-12-17T22:47:56.068041764Z	67	PC: 21fad \| Get or set file attributes
2018-12-17T22:47:56.073497236Z	67	PC: 21fb8 \| Get or set file attributes
2018-12-17T22:47:56.083526404Z	61	PC: 21ecf \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:47:56.095067544Z	63	PC: 21ee5 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:47:56.101052424Z	66	PC: 21f02 \| Move file pointer
2018-12-17T22:47:56.102865854Z	62	PC: 21ff1 \| Close file
2018-12-17T22:47:56.104671284Z	67	PC: 21fc6 \| Get or set file attributes
2018-12-17T22:47:56.114387155Z	79	PC: 21eaf \| Find next file
2018-12-17T22:47:56.117484546Z	67	PC: 21fad \| Get or set file attributes
2018-12-17T22:47:56.122901897Z	67	PC: 21fb8 \| Get or set file attributes
2018-12-17T22:47:56.132546129Z	61	PC: 21ecf \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:47:56.139807131Z	63	PC: 21ee5 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:47:56.145953313Z	66	PC: 21f02 \| Move file pointer
2018-12-17T22:47:56.147235535Z	62	PC: 21ff1 \| Close file
2018-12-17T22:47:56.14967924Z	67	PC: 21fc6 \| Get or set file attributes
2018-12-17T22:47:56.162003441Z	79	PC: 21eaf \| Find next file
2018-12-17T22:47:56.16448395Z	67	PC: 21fad \| Get or set file attributes
2018-12-17T22:47:56.171146598Z	67	PC: 21fb8 \| Get or set file attributes
2018-12-17T22:47:56.181150018Z	61	PC: 21ecf \| Open file (Filename = 'PAH.COM')
2018-12-17T22:47:56.18757035Z	63	PC: 21ee5 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:47:56.195022397Z	66	PC: 21f02 \| Move file pointer
2018-12-17T22:47:56.196288644Z	62	PC: 21ff1 \| Close file
2018-12-17T22:47:56.197951954Z	67	PC: 21fc6 \| Get or set file attributes
2018-12-17T22:47:56.208011689Z	79	PC: 21eaf \| Find next file
2018-12-17T22:47:56.210916355Z	67	PC: 21fad \| Get or set file attributes
2018-12-17T22:47:56.223137489Z	67	PC: 21fb8 \| Get or set file attributes
2018-12-17T22:47:56.234769291Z	61	PC: 21ecf \| Open file (Filename = 'TEST.COM')
2018-12-17T22:47:56.238983232Z	63	PC: 21ee5 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:47:56.242876727Z	62	PC: 21ff1 \| Close file
2018-12-17T22:47:56.244595485Z	67	PC: 21fc6 \| Get or set file attributes
2018-12-17T22:47:56.254418883Z	79	PC: 21eaf \| Find next file
2018-12-17T22:47:56.25658768Z	62	PC: 21ff1 \| Close file
2018-12-17T22:47:56.258656148Z	26	PC: 21feb \| Set disk transfer address
2018-12-17T22:47:56.259636052Z	9	PC: 12a85 \| Display string (String= 'S ')
2018-12-17T22:47:56.265362633Z	0	PC: 12a89 \| Program terminate

{"DateBased":true,"Day":1,"Month":1,"Year":1997,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9389,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:59.297897761Z	47	PC: 21fcb \| Get disk transfer address
2018-12-25T12:22:59.29942548Z	26	PC: 21fdb \| Set disk transfer address
2018-12-25T12:22:59.300548168Z	42	PC: 21e83 \| Get date 0x21e83: cmp cx, 0x7cd 0x21e87: jne 0x21e8f 0x21e89: call 0x21ff2 0x21e8c: jmp 0x21f6e 0x21e8f: lea dx, word ptr [si + 0x36f] 0x21e93: mov cx, 1 0x21e96: mov ah, 0x4e 0x21e98: int 0x21 0x21e9a: jae 0x21ea5 0x21e9c: jmp 0x21f6e 0x21e9f: call 0x21fed 0x21ea2: call 0x21fb9 0x21ea5: mov word ptr [si + 0x386], 0xffff 0x21eab: mov ah, 0x4f 0x21ead: int 0x21 0x21eaf: jae 0x21eb4 0x21eb1: jmp 0x21f6e 0x21eb4: push si 0x21eb5: lea di, word ptr [si + 0x375] 0x21eb9: lea si, word ptr [si + 0x3b2]
2018-12-25T12:22:59.30381024Z	61	PC: 21ffb \| Open file (Filename = 'GOATF4CO.COM')
2018-12-25T12:22:59.309924257Z	87	PC: 21f8d \| Get or set file date and time
2018-12-25T12:22:59.3112466Z	63	PC: 2200f \| Read file or device (Read 4 bytes on handle 2)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9389,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:59.317202044Z	47	PC: 21fcb \| Get disk transfer address
2018-12-25T12:22:59.318408177Z	26	PC: 21fdb \| Set disk transfer address
2018-12-25T12:22:59.319777155Z	42	PC: 21e83 \| Get date 0x21e83: cmp cx, 0x7cd 0x21e87: jne 0x21e8f 0x21e89: call 0x21ff2 0x21e8c: jmp 0x21f6e 0x21e8f: lea dx, word ptr [si + 0x36f] 0x21e93: mov cx, 1 0x21e96: mov ah, 0x4e 0x21e98: int 0x21 0x21e9a: jae 0x21ea5 0x21e9c: jmp 0x21f6e 0x21e9f: call 0x21fed 0x21ea2: call 0x21fb9 0x21ea5: mov word ptr [si + 0x386], 0xffff 0x21eab: mov ah, 0x4f 0x21ead: int 0x21 0x21eaf: jae 0x21eb4 0x21eb1: jmp 0x21f6e 0x21eb4: push si 0x21eb5: lea di, word ptr [si + 0x375] 0x21eb9: lea si, word ptr [si + 0x3b2]
2018-12-25T12:22:59.322811404Z	78	PC: 21e9a \| Find first file
2018-12-25T12:22:59.328733731Z	79	PC: 21eaf \| Find next file
2018-12-25T12:22:59.331539357Z	67	PC: 21fad \| Get or set file attributes
2018-12-25T12:22:59.337905537Z	67	PC: 21fb8 \| Get or set file attributes
2018-12-25T12:22:59.355432475Z	61	PC: 21ecf \| Open file (Filename = 'PRINT.COM')
2018-12-25T12:22:59.363115816Z	63	PC: 21ee5 \| Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:22:59.370845491Z	66	PC: 21f02 \| Move file pointer
2018-12-25T12:22:59.372583203Z	62	PC: 21ff1 \| Close file
2018-12-25T12:22:59.37466074Z	67	PC: 21fc6 \| Get or set file attributes
2018-12-25T12:22:59.385051345Z	79	PC: 21eaf \| Find next file (See above)
2018-12-25T12:22:59.388539638Z	67	PC: 21fad \| Get or set file attributes (See above)
2018-12-25T12:22:59.394370477Z	67	PC: 21fb8 \| Get or set file attributes (See above)
2018-12-25T12:22:59.404579836Z	61	PC: 21ecf \| Open file (See above)
2018-12-25T12:22:59.411975823Z	63	PC: 21ee5 \| Read file or device (See above)
2018-12-25T12:22:59.418250132Z	66	PC: 21f02 \| Move file pointer (See above)
2018-12-25T12:22:59.419624089Z	62	PC: 21ff1 \| Close file (See above)
2018-12-25T12:22:59.423036774Z	67	PC: 21fc6 \| Get or set file attributes (See above)
2018-12-25T12:22:59.435775551Z	79	PC: 21eaf \| Find next file (See above)
2018-12-25T12:22:59.439455645Z	67	PC: 21fad \| Get or set file attributes (See above)
2018-12-25T12:22:59.445823131Z	67	PC: 21fb8 \| Get or set file attributes (See above)
2018-12-25T12:22:59.459503711Z	61	PC: 21ecf \| Open file (See above)
2018-12-25T12:22:59.466334001Z	63	PC: 21ee5 \| Read file or device (See above)
2018-12-25T12:22:59.47398585Z	66	PC: 21f02 \| Move file pointer (See above)
2018-12-25T12:22:59.475708745Z	62	PC: 21ff1 \| Close file (See above)
2018-12-25T12:22:59.477757368Z	67	PC: 21fc6 \| Get or set file attributes (See above)
2018-12-25T12:22:59.489136409Z	79	PC: 21eaf \| Find next file (See above)
2018-12-25T12:22:59.492063425Z	67	PC: 21fad \| Get or set file attributes (See above)
2018-12-25T12:22:59.49854722Z	67	PC: 21fb8 \| Get or set file attributes (See above)
2018-12-25T12:22:59.511258556Z	61	PC: 21ecf \| Open file (See above)
2018-12-25T12:22:59.517726971Z	63	PC: 21ee5 \| Read file or device (See above)
2018-12-25T12:22:59.524711282Z	66	PC: 21f02 \| Move file pointer (See above)
2018-12-25T12:22:59.52682136Z	62	PC: 21ff1 \| Close file (See above)
2018-12-25T12:22:59.52884931Z	67	PC: 21fc6 \| Get or set file attributes (See above)
2018-12-25T12:22:59.539463109Z	79	PC: 21eaf \| Find next file (See above)
2018-12-25T12:22:59.542802357Z	67	PC: 21fad \| Get or set file attributes (See above)
2018-12-25T12:22:59.549028238Z	67	PC: 21fb8 \| Get or set file attributes (See above)
2018-12-25T12:22:59.558951467Z	61	PC: 21ecf \| Open file (See above)
2018-12-25T12:22:59.567195854Z	63	PC: 21ee5 \| Read file or device (See above)
2018-12-25T12:22:59.573688109Z	66	PC: 21f02 \| Move file pointer (See above)
2018-12-25T12:22:59.57540607Z	62	PC: 21ff1 \| Close file (See above)
2018-12-25T12:22:59.578197218Z	67	PC: 21fc6 \| Get or set file attributes (See above)
2018-12-25T12:22:59.588346964Z	79	PC: 21eaf \| Find next file (See above)
2018-12-25T12:22:59.591167749Z	67	PC: 21fad \| Get or set file attributes (See above)
2018-12-25T12:22:59.597521788Z	67	PC: 21fb8 \| Get or set file attributes (See above)
2018-12-25T12:22:59.607225562Z	61	PC: 21ecf \| Open file (See above)
2018-12-25T12:22:59.614081358Z	63	PC: 21ee5 \| Read file or device (See above)
2018-12-25T12:22:59.621038137Z	66	PC: 21f02 \| Move file pointer (See above)
2018-12-25T12:22:59.623766303Z	62	PC: 21ff1 \| Close file (See above)
2018-12-25T12:22:59.626080354Z	67	PC: 21fc6 \| Get or set file attributes (See above)
2018-12-25T12:22:59.637203845Z	79	PC: 21eaf \| Find next file (See above)
2018-12-25T12:22:59.639845172Z	67	PC: 21fad \| Get or set file attributes (See above)
2018-12-25T12:22:59.645374308Z	67	PC: 21fb8 \| Get or set file attributes (See above)
2018-12-25T12:22:59.655786485Z	61	PC: 21ecf \| Open file (See above)
2018-12-25T12:22:59.66303857Z	63	PC: 21ee5 \| Read file or device (See above)
2018-12-25T12:22:59.669347436Z	62	PC: 21ff1 \| Close file (See above)
2018-12-25T12:22:59.671123708Z	67	PC: 21fc6 \| Get or set file attributes (See above)
2018-12-25T12:22:59.681472699Z	79	PC: 21eaf \| Find next file (See above)
2018-12-25T12:22:59.683856113Z	62	PC: 21ff1 \| Close file (See above)
2018-12-25T12:22:59.685335599Z	26	PC: 21feb \| Set disk transfer address
2018-12-25T12:22:59.687883732Z	9	PC: 12a85 \| Display string (String= 'S ')
2018-12-25T12:22:59.693141946Z	0	PC: 12a89 \| Program terminate