Sample viewer

vx.netlux.org/Virus.DOS.Munich.2355

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:58:46.42015878Z 74 PC: 138a6 | Reallocate memory
2018-12-17T21:58:46.422950289Z 26 PC: 138e0 | Set disk transfer address
2018-12-17T21:58:46.424532858Z 78 PC: 138eb | Find first file
2018-12-17T21:58:46.430531763Z 42 PC: 13a41 | Get date 0x13a41: mov bx, dx
0x13a43: mov ax, 0x1f
0x13a46: mul bh
0x13a48: xor bh, bh
0x13a4a: add ax, bx
0x13a4c: add ax, 5
0x13a4f: mov bh, 0x1f
0x13a51: div bh
0x13a53: mov byte ptr [0x6bb], ah
0x13a57: cmp al, 0xc
0x13a59: ja 0x13a60
0x13a5b: mov byte ptr [0x6ba], al
0x13a5e: jmp 0x13a6b
0x13a60: mov byte ptr [0x6ba], 1
0x13a65: nop
0x13a66: inc cx
0x13a67: mov word ptr [0x6b8], cx
0x13a6b: call 0x13a7e
0x13a6e: or byte ptr [0x64d], 1
0x13a73: nop
2018-12-17T21:58:46.433512367Z 67 PC: 13c9f | Get or set file attributes
2018-12-17T21:58:46.439384925Z 67 PC: 13cac | Get or set file attributes
2018-12-17T21:58:46.455681193Z 61 PC: 13cb2 | Open file (Filename = '��L�!�')
2018-12-17T21:58:46.462853249Z 87 PC: 13cc2 | Get or set file date and time
2018-12-17T21:58:46.46433225Z 66 PC: 13c1a | Move file pointer
2018-12-17T21:58:46.465611118Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.468626616Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.471407123Z 64 PC: 13c62 | Write file or device (Write 2355 bytes on handle 5)
2018-12-17T21:58:46.479083247Z 87 PC: 13ce1 | Get or set file date and time
2018-12-17T21:58:46.481287639Z 67 PC: 13cf0 | Get or set file attributes
2018-12-17T21:58:46.492038487Z 62 PC: 13cf9 | Close file
2018-12-17T21:58:46.499813077Z 71 PC: 13adc | Get current directory
2018-12-17T21:58:46.504351319Z 71 PC: 13ae8 | Get current directory
2018-12-17T21:58:46.50766122Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.509837247Z 78 PC: 13d7f | Find first file
2018-12-17T21:58:46.515941404Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.519502177Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.523079753Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.526300823Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.530210378Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.53298458Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.536139347Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.540182792Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.542874374Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.545552568Z 78 PC: 13d7f | Find first file
2018-12-17T21:58:46.556888478Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.560708124Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.564207975Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.567543803Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.570245309Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.572851797Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.576525021Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.579259648Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.581753438Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.585144428Z 67 PC: 13c9f | Get or set file attributes
2018-12-17T21:58:46.590658288Z 67 PC: 13cac | Get or set file attributes
2018-12-17T21:58:46.600028566Z 61 PC: 13cb2 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T21:58:46.607354528Z 87 PC: 13cc2 | Get or set file date and time
2018-12-17T21:58:46.609130942Z 63 PC: 13bd4 | Read file or device (Read 18 bytes on handle 5)
2018-12-17T21:58:46.61551173Z 66 PC: 13be9 | Move file pointer
2018-12-17T21:58:46.617454031Z 66 PC: 13c1a | Move file pointer
2018-12-17T21:58:46.619167757Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.621576469Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.624270401Z 64 PC: 13c62 | Write file or device (Write 2355 bytes on handle 5)
2018-12-17T21:58:46.633709134Z 66 PC: 13c7d | Move file pointer
2018-12-17T21:58:46.63527918Z 64 PC: 13c8d | Write file or device (Write 18 bytes on handle 5)
2018-12-17T21:58:46.642010038Z 87 PC: 13ce1 | Get or set file date and time
2018-12-17T21:58:46.644535356Z 67 PC: 13cf0 | Get or set file attributes
2018-12-17T21:58:46.655225809Z 62 PC: 13cf9 | Close file
2018-12-17T21:58:46.666041604Z 78 PC: 13d7f | Find first file
2018-12-17T21:58:46.672849179Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.675807412Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.678698259Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.681877681Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.684461455Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.687143755Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.690544721Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.693037568Z 79 PC: 13d8b | Find next file
2018-12-17T21:58:46.696018987Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.699836782Z 67 PC: 13c9f | Get or set file attributes
2018-12-17T21:58:46.705606255Z 67 PC: 13cac | Get or set file attributes
2018-12-17T21:58:46.715365783Z 61 PC: 13cb2 | Open file (Filename = 'SLEEP.COM')
2018-12-17T21:58:46.724442738Z 87 PC: 13cc2 | Get or set file date and time
2018-12-17T21:58:46.72605473Z 63 PC: 13bd4 | Read file or device (Read 18 bytes on handle 5)
2018-12-17T21:58:46.735376895Z 66 PC: 13be9 | Move file pointer
2018-12-17T21:58:46.737678158Z 66 PC: 13c1a | Move file pointer
2018-12-17T21:58:46.739056611Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.741224829Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.744626479Z 64 PC: 13c62 | Write file or device (Write 2355 bytes on handle 5)
2018-12-17T21:58:46.757266269Z 66 PC: 13c7d | Move file pointer
2018-12-17T21:58:46.758617393Z 64 PC: 13c8d | Write file or device (Write 18 bytes on handle 5)
2018-12-17T21:58:46.765714756Z 87 PC: 13ce1 | Get or set file date and time
2018-12-17T21:58:46.767133512Z 67 PC: 13cf0 | Get or set file attributes
2018-12-17T21:58:46.777441891Z 62 PC: 13cf9 | Close file
2018-12-17T21:58:46.784561006Z 59 PC: 13bb2 | Change current directory
2018-12-17T21:58:46.78850664Z 42 PC: 1391b | Get date 0x1391b: mov word ptr [0x6bc], cx
0x1391f: mov byte ptr [0x6be], dh
0x13923: mov byte ptr [0x6bf], dl
0x13927: lea si, word ptr [0x6bc]
0x1392b: lea di, word ptr [0x6b8]
0x1392f: mov cx, 4
0x13932: cld
0x13933: repe cmpsb byte ptr [si], byte ptr es:[di]
0x13935: jge 0x1393a
0x13937: jmp 0x13a09
0x1393a: cli
0x1393b: mov al, 0x23
0x1393d: mov ah, 0x35
0x1393f: int 0x21
0x13941: mov word ptr [0x92b], bx
0x13945: mov word ptr [0x92d], es
0x13949: push ds
0x1394a: pop es
0x1394b: mov al, 0x23
0x1394d: lea dx, word ptr [0x1eb]
2018-12-17T21:58:46.790644556Z 53 PC: 13941 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:58:46.793057349Z 37 PC: 13955 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:58:46.794388666Z 67 PC: 13c9f | Get or set file attributes
2018-12-17T21:58:46.800234098Z 67 PC: 13cac | Get or set file attributes
2018-12-17T21:58:46.813615626Z 61 PC: 13cb2 | Open file (Filename = '��L�!�')
2018-12-17T21:58:46.82478015Z 87 PC: 13cc2 | Get or set file date and time
2018-12-17T21:58:46.826109867Z 64 PC: 13d25 | Write file or device (Write 18 bytes on handle 5)
2018-12-17T21:58:46.83359731Z 66 PC: 13d35 | Move file pointer
2018-12-17T21:58:46.835017124Z 64 PC: 13d3b | Write file or device (Write 0 bytes on handle 5)
2018-12-17T21:58:46.842999736Z 87 PC: 13ce1 | Get or set file date and time
2018-12-17T21:58:46.845160914Z 67 PC: 13cf0 | Get or set file attributes
2018-12-17T21:58:46.854914157Z 62 PC: 13cf9 | Close file
2018-12-17T21:58:46.861886179Z 44 PC: 13dff | Get time 0x13dff: mov al, 0x3c
0x13e01: mul cl
0x13e03: push dx
0x13e04: mov dl, dh
0x13e06: mov dh, 0
0x13e08: add ax, dx
0x13e0a: pop dx
0x13e0b: xor dh, dh
0x13e0d: add ax, dx
0x13e0f: add byte ptr [0x75f], 0xb
0x13e14: xor ah, ah
0x13e16: xor al, byte ptr [0x75f]
0x13e1a: div bl
0x13e1c: mov al, ah
0x13e1e: ret
0x13e1f: mov bx, cx
0x13e21: xor al, al
0x13e23: mov dx, bx
0x13e25: and dx, 0xf800
0x13e29: mov cl, 3
2018-12-17T21:58:46.865291888Z 9 PC: 139d8 | Display string (String= '�dv�zli �nt a M�nnich Ferenc T�rsas�g! ')