Sample viewer

vx.netlux.org/Virus.DOS.Bobo.427

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:51:34.626334737Z 75 PC: 12ae3 | Execute program
2018-12-17T22:51:34.628270513Z 53 PC: 12aed | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:51:34.631646866Z 37 PC: 12b33 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:51:34.633236281Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10605,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:34.8052323Z 75 PC: 12ae3 | Execute program
2018-12-25T12:28:34.808592122Z 53 PC: 12aed | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:28:34.810064864Z 37 PC: 12b33 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:28:34.811482349Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":16,"TimeBased":true,"OriginalID":10605,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:35.561770729Z 75 PC: 12ae3 | Execute program
2018-12-25T12:28:35.56329005Z 53 PC: 12aed | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:28:35.564628974Z 37 PC: 12b33 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:28:35.565684743Z 9 PC: 12aa2 | Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')