Sample viewer

vx.netlux.org/Virus.DOS.Andromeda.758

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:59:23.975755408Z	42	PC: 12aec \| Get date 0x12aec: cmp dl, 5 0x12aef: jne 0x12b03 0x12af1: cmp dh, 0xa 0x12af4: jne 0x12b03 0x12af6: mov al, 0 0x12af8: mov cx, 0xd 0x12afb: mov dx, 1 0x12afe: mov bx, 0x100 0x12b01: int 0x26 0x12b03: mov si, 0x1234 0x12b06: mov ah, 0x30 0x12b08: int 0x21 0x12b0a: cmp di, -0x23 0x12b0d: jne 0x12b27 0x12b0f: mov si, 0x3e1 0x12b12: pop bx 0x12b13: push bx 0x12b14: sub bx, 0x103 0x12b18: add si, bx 0x12b1a: mov di, 0x100
2018-12-17T21:59:23.977872224Z	48	PC: 12b0a \| Get DOS version
2018-12-17T21:59:23.979145122Z	38	PC: 12b4a \| Create PSP
2018-12-17T21:59:23.981608754Z	53	PC: 12b7a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:59:23.982816778Z	37	PC: 12b97 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1040,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:26.908863758Z	42	PC: 12aec \| Get date 0x12aec: cmp dl, 5 0x12aef: jne 0x12b03 0x12af1: cmp dh, 0xa 0x12af4: jne 0x12b03 0x12af6: mov al, 0 0x12af8: mov cx, 0xd 0x12afb: mov dx, 1 0x12afe: mov bx, 0x100 0x12b01: int 0x26 0x12b03: mov si, 0x1234 0x12b06: mov ah, 0x30 0x12b08: int 0x21 0x12b0a: cmp di, -0x23 0x12b0d: jne 0x12b27 0x12b0f: mov si, 0x3e1 0x12b12: pop bx 0x12b13: push bx 0x12b14: sub bx, 0x103 0x12b18: add si, bx 0x12b1a: mov di, 0x100
2018-12-25T11:42:26.911616144Z	48	PC: 12b0a \| Get DOS version
2018-12-25T11:42:26.912777467Z	38	PC: 12b4a \| Create PSP
2018-12-25T11:42:26.914049484Z	53	PC: 12b7a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:42:26.916141885Z	37	PC: 12b97 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')

{"DateBased":true,"Day":5,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1040,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:27.272685639Z	42	PC: 12aec \| Get date 0x12aec: cmp dl, 5 0x12aef: jne 0x12b03 0x12af1: cmp dh, 0xa 0x12af4: jne 0x12b03 0x12af6: mov al, 0 0x12af8: mov cx, 0xd 0x12afb: mov dx, 1 0x12afe: mov bx, 0x100 0x12b01: int 0x26 0x12b03: mov si, 0x1234 0x12b06: mov ah, 0x30 0x12b08: int 0x21 0x12b0a: cmp di, -0x23 0x12b0d: jne 0x12b27 0x12b0f: mov si, 0x3e1 0x12b12: pop bx 0x12b13: push bx 0x12b14: sub bx, 0x103 0x12b18: add si, bx 0x12b1a: mov di, 0x100
2018-12-25T11:42:27.275359392Z	48	PC: 12b0a \| Get DOS version
2018-12-25T11:42:27.27652417Z	38	PC: 12b4a \| Create PSP
2018-12-25T11:42:27.277771999Z	53	PC: 12b7a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:42:27.279279943Z	37	PC: 12b97 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')

{"DateBased":true,"Day":5,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1040,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:27.637566515Z	42	PC: 12aec \| Get date 0x12aec: cmp dl, 5 0x12aef: jne 0x12b03 0x12af1: cmp dh, 0xa 0x12af4: jne 0x12b03 0x12af6: mov al, 0 0x12af8: mov cx, 0xd 0x12afb: mov dx, 1 0x12afe: mov bx, 0x100 0x12b01: int 0x26 0x12b03: mov si, 0x1234 0x12b06: mov ah, 0x30 0x12b08: int 0x21 0x12b0a: cmp di, -0x23 0x12b0d: jne 0x12b27 0x12b0f: mov si, 0x3e1 0x12b12: pop bx 0x12b13: push bx 0x12b14: sub bx, 0x103 0x12b18: add si, bx 0x12b1a: mov di, 0x100
2018-12-25T11:42:27.655645759Z	48	PC: 12b0a \| Get DOS version
2018-12-25T11:42:27.656903223Z	38	PC: 12b4a \| Create PSP
2018-12-25T11:42:27.658606127Z	53	PC: 12b7a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:42:27.660626113Z	37	PC: 12b97 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1040,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:27.637979899Z	42	PC: 12aec \| Get date 0x12aec: cmp dl, 5 0x12aef: jne 0x12b03 0x12af1: cmp dh, 0xa 0x12af4: jne 0x12b03 0x12af6: mov al, 0 0x12af8: mov cx, 0xd 0x12afb: mov dx, 1 0x12afe: mov bx, 0x100 0x12b01: int 0x26 0x12b03: mov si, 0x1234 0x12b06: mov ah, 0x30 0x12b08: int 0x21 0x12b0a: cmp di, -0x23 0x12b0d: jne 0x12b27 0x12b0f: mov si, 0x3e1 0x12b12: pop bx 0x12b13: push bx 0x12b14: sub bx, 0x103 0x12b18: add si, bx 0x12b1a: mov di, 0x100
2018-12-25T11:42:27.641293113Z	48	PC: 12b0a \| Get DOS version
2018-12-25T11:42:27.643108282Z	38	PC: 12b4a \| Create PSP
2018-12-25T11:42:27.644877872Z	53	PC: 12b7a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:42:27.646334078Z	37	PC: 12b97 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1040,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:27.65221113Z	42	PC: 12aec \| Get date 0x12aec: cmp dl, 5 0x12aef: jne 0x12b03 0x12af1: cmp dh, 0xa 0x12af4: jne 0x12b03 0x12af6: mov al, 0 0x12af8: mov cx, 0xd 0x12afb: mov dx, 1 0x12afe: mov bx, 0x100 0x12b01: int 0x26 0x12b03: mov si, 0x1234 0x12b06: mov ah, 0x30 0x12b08: int 0x21 0x12b0a: cmp di, -0x23 0x12b0d: jne 0x12b27 0x12b0f: mov si, 0x3e1 0x12b12: pop bx 0x12b13: push bx 0x12b14: sub bx, 0x103 0x12b18: add si, bx 0x12b1a: mov di, 0x100
2018-12-25T11:42:27.655713259Z	48	PC: 12b0a \| Get DOS version
2018-12-25T11:42:27.657385375Z	38	PC: 12b4a \| Create PSP
2018-12-25T11:42:27.659039096Z	53	PC: 12b7a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:42:27.662447418Z	37	PC: 12b97 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')