Sample viewer

vx.netlux.org/Virus.DOS.Taiwan.743.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:49:15.696322616Z	25	PC: 12b1e \| Get default drive
2018-12-17T22:49:15.697675879Z	71	PC: 12b2d \| Get current directory
2018-12-17T22:49:15.701632646Z	14	PC: 12b48 \| Set default drive (Drive = 'C')
2018-12-17T22:49:15.707732795Z	59	PC: 12b4f \| Change current directory
2018-12-17T22:49:15.712416093Z	78	PC: 12b59 \| Find first file
2018-12-17T22:49:15.719682885Z	67	PC: 12b82 \| Get or set file attributes
2018-12-17T22:49:16.071240732Z	61	PC: 12b8b \| Open file (Filename = 'COMMAND.COM')
2018-12-17T22:49:16.078662688Z	63	PC: 12b97 \| Read file or device (Read 743 bytes on handle 5)
2018-12-17T22:49:16.087871553Z	66	PC: 12ba3 \| Move file pointer
2018-12-17T22:49:16.089746311Z	64	PC: 12bad \| Write file or device (Write 743 bytes on handle 5)
2018-12-17T22:49:16.097806485Z	66	PC: 12bb9 \| Move file pointer
2018-12-17T22:49:16.10133772Z	64	PC: 12bc3 \| Write file or device (Write 743 bytes on handle 5)
2018-12-17T22:49:16.112620124Z	87	PC: 12bd4 \| Get or set file date and time
2018-12-17T22:49:16.114906126Z	67	PC: 12be1 \| Get or set file attributes
2018-12-17T22:49:16.120270727Z	62	PC: 12be5 \| Close file
2018-12-17T22:49:16.129672389Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:49:16.132635601Z	78	PC: 12c03 \| Find first file
2018-12-17T22:49:16.138598767Z	59	PC: 12c1b \| Change current directory
2018-12-17T22:49:16.145824228Z	78	PC: 12b59 \| Find first file
2018-12-17T22:49:16.156328987Z	67	PC: 12b82 \| Get or set file attributes
2018-12-17T22:49:16.166833832Z	61	PC: 12b8b \| Open file (Filename = 'EDIT.COM')
2018-12-17T22:49:16.175331848Z	63	PC: 12b97 \| Read file or device (Read 743 bytes on handle 5)
2018-12-17T22:49:16.181776118Z	66	PC: 12ba3 \| Move file pointer
2018-12-17T22:49:16.18332523Z	64	PC: 12bad \| Write file or device (Write 743 bytes on handle 5)
2018-12-17T22:49:16.191327811Z	66	PC: 12bb9 \| Move file pointer
2018-12-17T22:49:16.193695189Z	64	PC: 12bc3 \| Write file or device (Write 743 bytes on handle 5)
2018-12-17T22:49:16.201048221Z	87	PC: 12bd4 \| Get or set file date and time
2018-12-17T22:49:16.20388954Z	67	PC: 12be1 \| Get or set file attributes
2018-12-17T22:49:16.209100581Z	62	PC: 12be5 \| Close file
2018-12-17T22:49:16.216609987Z	79	PC: 12bf4 \| Find next file
2018-12-17T22:49:16.221336169Z	67	PC: 12b82 \| Get or set file attributes
2018-12-17T22:49:16.232222458Z	61	PC: 12b8b \| Open file (Filename = 'FORMAT.COM')
2018-12-17T22:49:16.239982575Z	63	PC: 12b97 \| Read file or device (Read 743 bytes on handle 5)
2018-12-17T22:49:16.247271807Z	66	PC: 12ba3 \| Move file pointer
2018-12-17T22:49:16.249878219Z	64	PC: 12bad \| Write file or device (Write 743 bytes on handle 5)
2018-12-17T22:49:16.257830783Z	66	PC: 12bb9 \| Move file pointer
2018-12-17T22:49:16.259380866Z	64	PC: 12bc3 \| Write file or device (Write 743 bytes on handle 5)
2018-12-17T22:49:16.268606362Z	87	PC: 12bd4 \| Get or set file date and time
2018-12-17T22:49:16.271030807Z	67	PC: 12be1 \| Get or set file attributes
2018-12-17T22:49:16.275797743Z	62	PC: 12be5 \| Close file
2018-12-17T22:49:16.284029767Z	42	PC: 12c62 \| Get date 0x12c62: cmp dl, 8 0x12c65: jne 0x12c92 0x12c67: mov byte ptr [0x148], 1 0x12c6c: mov al, byte ptr [0x143] 0x12c6f: mov cx, 0xa0 0x12c72: mov dx, 0 0x12c75: mov bx, 0 0x12c78: int 0x26 0x12c7a: popf 0x12c7b: cmp byte ptr [0x142], 2 0x12c80: jne 0x12ca1 0x12c82: mov al, 3 0x12c84: mov cx, 0xa0 0x12c87: mov dx, 0 0x12c8a: mov bx, 0 0x12c8d: int 0x26 0x12c8f: popf 0x12c90: jmp 0x12ca1 0x12c92: mov ah, 0xe 0x12c94: mov dl, byte ptr [0x114]
2018-12-17T22:49:16.287495263Z	14	PC: 12c9a \| Set default drive (Drive = 'A')
2018-12-17T22:49:16.2891531Z	59	PC: 12ca1 \| Change current directory
2018-12-17T22:49:16.296157348Z	9	PC: 12d2e \| Display string (Could not find end pointer)

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9832,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:23:52.65161829Z	25	PC: 12b1e \| Get default drive
2018-12-25T12:23:52.653489779Z	71	PC: 12b2d \| Get current directory
2018-12-25T12:23:52.656863417Z	14	PC: 12b48 \| Set default drive (Drive = 'C')
2018-12-25T12:23:52.658685429Z	59	PC: 12b4f \| Change current directory
2018-12-25T12:23:52.664004788Z	78	PC: 12b59 \| Find first file
2018-12-25T12:23:52.671071444Z	67	PC: 12b82 \| Get or set file attributes
2018-12-25T12:23:53.012953465Z	61	PC: 12b8b \| Open file (Filename = 'COMMAND.COM')
2018-12-25T12:23:53.020373508Z	63	PC: 12b97 \| Read file or device (Read 743 bytes on handle 5)
2018-12-25T12:23:53.027689478Z	66	PC: 12ba3 \| Move file pointer
2018-12-25T12:23:53.028979509Z	64	PC: 12bad \| Write file or device (Write 743 bytes on handle 5)
2018-12-25T12:23:53.037062847Z	66	PC: 12bb9 \| Move file pointer
2018-12-25T12:23:53.039551111Z	64	PC: 12bc3 \| Write file or device (Write 743 bytes on handle 5)
2018-12-25T12:23:53.050065259Z	87	PC: 12bd4 \| Get or set file date and time
2018-12-25T12:23:53.051834361Z	67	PC: 12be1 \| Get or set file attributes
2018-12-25T12:23:53.058067257Z	62	PC: 12be5 \| Close file
2018-12-25T12:23:53.067004461Z	79	PC: 12bf4 \| Find next file
2018-12-25T12:23:53.069673608Z	78	PC: 12c03 \| Find first file
2018-12-25T12:23:53.075896975Z	59	PC: 12c1b \| Change current directory
2018-12-25T12:23:53.082925334Z	78	PC: 12b59 \| Find first file (See above)
2018-12-25T12:23:53.092427388Z	67	PC: 12b82 \| Get or set file attributes (See above)
2018-12-25T12:23:53.102555279Z	61	PC: 12b8b \| Open file (See above)
2018-12-25T12:23:53.111471026Z	63	PC: 12b97 \| Read file or device (See above)
2018-12-25T12:23:53.118110794Z	66	PC: 12ba3 \| Move file pointer (See above)
2018-12-25T12:23:53.120134062Z	64	PC: 12bad \| Write file or device (See above)
2018-12-25T12:23:53.129281961Z	66	PC: 12bb9 \| Move file pointer (See above)
2018-12-25T12:23:53.130902659Z	64	PC: 12bc3 \| Write file or device (See above)
2018-12-25T12:23:53.138628447Z	87	PC: 12bd4 \| Get or set file date and time (See above)
2018-12-25T12:23:53.141658984Z	67	PC: 12be1 \| Get or set file attributes (See above)
2018-12-25T12:23:53.146450188Z	62	PC: 12be5 \| Close file (See above)
2018-12-25T12:23:53.153896938Z	79	PC: 12bf4 \| Find next file (See above)
2018-12-25T12:23:53.158523278Z	67	PC: 12b82 \| Get or set file attributes (See above)
2018-12-25T12:23:53.169160975Z	61	PC: 12b8b \| Open file (See above)
2018-12-25T12:23:53.17707651Z	63	PC: 12b97 \| Read file or device (See above)
2018-12-25T12:23:53.185543107Z	66	PC: 12ba3 \| Move file pointer (See above)
2018-12-25T12:23:53.187273506Z	64	PC: 12bad \| Write file or device (See above)
2018-12-25T12:23:53.196122518Z	66	PC: 12bb9 \| Move file pointer (See above)
2018-12-25T12:23:53.197703237Z	64	PC: 12bc3 \| Write file or device (See above)
2018-12-25T12:23:53.207252781Z	87	PC: 12bd4 \| Get or set file date and time (See above)
2018-12-25T12:23:53.209316389Z	67	PC: 12be1 \| Get or set file attributes (See above)
2018-12-25T12:23:53.214477911Z	62	PC: 12be5 \| Close file (See above)
2018-12-25T12:23:53.224396944Z	42	PC: 12c62 \| Get date 0x12c62: cmp dl, 8 0x12c65: jne 0x12c92 0x12c67: mov byte ptr [0x148], 1 0x12c6c: mov al, byte ptr [0x143] 0x12c6f: mov cx, 0xa0 0x12c72: mov dx, 0 0x12c75: mov bx, 0 0x12c78: int 0x26 0x12c7a: popf 0x12c7b: cmp byte ptr [0x142], 2 0x12c80: jne 0x12ca1 0x12c82: mov al, 3 0x12c84: mov cx, 0xa0 0x12c87: mov dx, 0 0x12c8a: mov bx, 0 0x12c8d: int 0x26 0x12c8f: popf 0x12c90: jmp 0x12ca1 0x12c92: mov ah, 0xe 0x12c94: mov dl, byte ptr [0x114]
2018-12-25T12:23:53.22685029Z	14	PC: 12c9a \| Set default drive (Drive = 'A')
2018-12-25T12:23:53.228254934Z	59	PC: 12ca1 \| Change current directory
2018-12-25T12:23:53.236156112Z	9	PC: 12d2e \| Display string (Could not find end pointer)

{"DateBased":true,"Day":8,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9832,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:23:53.001195603Z	25	PC: 12b1e \| Get default drive
2018-12-25T12:23:53.002864883Z	71	PC: 12b2d \| Get current directory
2018-12-25T12:23:53.006261663Z	14	PC: 12b48 \| Set default drive (Drive = 'C')
2018-12-25T12:23:53.007908077Z	59	PC: 12b4f \| Change current directory
2018-12-25T12:23:53.012071707Z	78	PC: 12b59 \| Find first file
2018-12-25T12:23:53.018305334Z	67	PC: 12b82 \| Get or set file attributes
2018-12-25T12:23:53.346295138Z	61	PC: 12b8b \| Open file (Filename = 'COMMAND.COM')
2018-12-25T12:23:53.352897747Z	63	PC: 12b97 \| Read file or device (Read 743 bytes on handle 5)
2018-12-25T12:23:53.360816723Z	66	PC: 12ba3 \| Move file pointer
2018-12-25T12:23:53.362210799Z	64	PC: 12bad \| Write file or device (Write 743 bytes on handle 5)
2018-12-25T12:23:53.368538943Z	66	PC: 12bb9 \| Move file pointer
2018-12-25T12:23:53.3704393Z	64	PC: 12bc3 \| Write file or device (Write 743 bytes on handle 5)
2018-12-25T12:23:53.379881163Z	87	PC: 12bd4 \| Get or set file date and time
2018-12-25T12:23:53.38143988Z	67	PC: 12be1 \| Get or set file attributes
2018-12-25T12:23:53.386346183Z	62	PC: 12be5 \| Close file
2018-12-25T12:23:53.393557734Z	79	PC: 12bf4 \| Find next file
2018-12-25T12:23:53.396171464Z	78	PC: 12c03 \| Find first file
2018-12-25T12:23:53.401929092Z	59	PC: 12c1b \| Change current directory
2018-12-25T12:23:53.407840034Z	78	PC: 12b59 \| Find first file (See above)
2018-12-25T12:23:53.416634654Z	67	PC: 12b82 \| Get or set file attributes (See above)
2018-12-25T12:23:53.427375902Z	61	PC: 12b8b \| Open file (See above)
2018-12-25T12:23:53.434138016Z	63	PC: 12b97 \| Read file or device (See above)
2018-12-25T12:23:53.439832527Z	66	PC: 12ba3 \| Move file pointer (See above)
2018-12-25T12:23:53.44238951Z	64	PC: 12bad \| Write file or device (See above)
2018-12-25T12:23:53.449587699Z	66	PC: 12bb9 \| Move file pointer (See above)
2018-12-25T12:23:53.451036845Z	64	PC: 12bc3 \| Write file or device (See above)
2018-12-25T12:23:53.45920665Z	87	PC: 12bd4 \| Get or set file date and time (See above)
2018-12-25T12:23:53.461060355Z	67	PC: 12be1 \| Get or set file attributes (See above)
2018-12-25T12:23:53.465592446Z	62	PC: 12be5 \| Close file (See above)
2018-12-25T12:23:53.472691458Z	79	PC: 12bf4 \| Find next file (See above)
2018-12-25T12:23:53.476362897Z	67	PC: 12b82 \| Get or set file attributes (See above)
2018-12-25T12:23:53.486944555Z	61	PC: 12b8b \| Open file (See above)
2018-12-25T12:23:53.494465698Z	63	PC: 12b97 \| Read file or device (See above)
2018-12-25T12:23:53.5013218Z	66	PC: 12ba3 \| Move file pointer (See above)
2018-12-25T12:23:53.503234947Z	64	PC: 12bad \| Write file or device (See above)
2018-12-25T12:23:53.51057432Z	66	PC: 12bb9 \| Move file pointer (See above)
2018-12-25T12:23:53.512342634Z	64	PC: 12bc3 \| Write file or device (See above)
2018-12-25T12:23:53.519916301Z	87	PC: 12bd4 \| Get or set file date and time (See above)
2018-12-25T12:23:53.52135508Z	67	PC: 12be1 \| Get or set file attributes (See above)
2018-12-25T12:23:53.525931549Z	62	PC: 12be5 \| Close file (See above)
2018-12-25T12:23:53.532576017Z	42	PC: 12c62 \| Get date 0x12c62: cmp dl, 8 0x12c65: jne 0x12c92 0x12c67: mov byte ptr [0x148], 1 0x12c6c: mov al, byte ptr [0x143] 0x12c6f: mov cx, 0xa0 0x12c72: mov dx, 0 0x12c75: mov bx, 0 0x12c78: int 0x26 0x12c7a: popf 0x12c7b: cmp byte ptr [0x142], 2 0x12c80: jne 0x12ca1 0x12c82: mov al, 3 0x12c84: mov cx, 0xa0 0x12c87: mov dx, 0 0x12c8a: mov bx, 0 0x12c8d: int 0x26 0x12c8f: popf 0x12c90: jmp 0x12ca1 0x12c92: mov ah, 0xe 0x12c94: mov dl, byte ptr [0x114]
2018-12-25T12:23:53.535372333Z	9	PC: 12cea \| Display string (String= 'Greetings from National Central University ! ')
2018-12-25T12:23:53.541367606Z	9	PC: 12cf1 \| Display string (String= 'Is today sunny ? ')
2018-12-25T12:23:53.545580589Z	7	PC: 12cf5 \| Direct console input without echo