Sample viewer

vx.netlux.org/Virus.DOS.Stunning.1234

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:50:51.572855441Z 48 PC: 12c81 | Get DOS version
2018-12-17T22:50:51.574493738Z 105 PC: 12c93 | Get or set media id
2018-12-17T22:50:51.579633692Z 53 PC: 12cac | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:51.5819755Z 53 PC: 12cc2 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:50:51.583572492Z 42 PC: 12d02 | Get date 0x12d02: xor dh, byte ptr [0x4e0]
0x12d06: je 0x12d15
0x12d08: and dl, 3
0x12d0b: jne 0x12d15
0x12d0d: mov dx, 0x3db
0x12d10: mov ax, 0x2508
0x12d13: int 0x21
0x12d15: mov dx, 0x157
0x12d18: mov ax, 0x2521
0x12d1b: int 0x21
0x12d1d: cmp word ptr cs:[0x1c], -1
0x12d23: jne 0x12d5c
0x12d25: push cs
0x12d26: pop ds
0x12d27: mov dx, 0x113
0x12d2a: mov ah, 9
0x12d2c: int 0x21
0x12d2e: mov ax, 0x4c00
0x12d31: int 0x21
0x12d33: and byte ptr [bp + di + 0x74], dl
2018-12-17T22:50:51.586680496Z 37 PC: 12d1d | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:51.587857429Z 9 PC: 12c22 | Display string (Could not find end pointer)
2018-12-17T22:50:51.593089712Z 76 PC: 12c28 | Terminate with return code (Return code = '0')