Sample viewer

vx.netlux.org/Virus.DOS.Vienna.660

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:51:59.641495295Z	47	PC: 12a6b \| Get disk transfer address
2018-12-17T22:51:59.64343015Z	26	PC: 12a7b \| Set disk transfer address
2018-12-17T22:51:59.644650158Z	42	PC: 12a88 \| Get date 0x12a88: cmp dh, 9 0x12a8b: nop 0x12a8c: je 0x12a90 0x12a8e: jmp 0x12aa5 0x12a90: cmp dl, 0x10 0x12a93: je 0x12a97 0x12a95: jmp 0x12aa5 0x12a97: sub cx, 0x7c7 0x12a9b: mov word ptr [si + 0x8c], cx 0x12a9f: mov al, 1 0x12aa1: mov byte ptr [si + 0x8b], al 0x12aa5: pop si 0x12aa6: push si 0x12aa7: add si, 0x1b 0x12aaa: nop 0x12aab: lodsb al, byte ptr [si] 0x12aac: mov cx, 0x8000 0x12aaf: repne scasb al, byte ptr es:[di] 0x12ab1: mov cx, 4 0x12ab4: lodsb al, byte ptr [si]
2018-12-17T22:51:59.647093154Z	78	PC: 12b1f \| Find first file
2018-12-17T22:51:59.653872973Z	78	PC: 12b1f \| Find first file
2018-12-17T22:51:59.665371894Z	26	PC: 12c45 \| Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10733,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:58.511642366Z	47	PC: 12a6b \| Get disk transfer address
2018-12-25T12:28:58.512876799Z	26	PC: 12a7b \| Set disk transfer address
2018-12-25T12:28:58.514211936Z	42	PC: 12a88 \| Get date 0x12a88: cmp dh, 9 0x12a8b: nop 0x12a8c: je 0x12a90 0x12a8e: jmp 0x12aa5 0x12a90: cmp dl, 0x10 0x12a93: je 0x12a97 0x12a95: jmp 0x12aa5 0x12a97: sub cx, 0x7c7 0x12a9b: mov word ptr [si + 0x8c], cx 0x12a9f: mov al, 1 0x12aa1: mov byte ptr [si + 0x8b], al 0x12aa5: pop si 0x12aa6: push si 0x12aa7: add si, 0x1b 0x12aaa: nop 0x12aab: lodsb al, byte ptr [si] 0x12aac: mov cx, 0x8000 0x12aaf: repne scasb al, byte ptr es:[di] 0x12ab1: mov cx, 4 0x12ab4: lodsb al, byte ptr [si]
2018-12-25T12:28:58.516550666Z	78	PC: 12b1f \| Find first file
2018-12-25T12:28:58.522905856Z	78	PC: 12b1f \| Find first file (See above)
2018-12-25T12:28:58.533847798Z	26	PC: 12c45 \| Set disk transfer address

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10733,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:58.703759185Z	47	PC: 12a6b \| Get disk transfer address
2018-12-25T12:28:58.705150332Z	26	PC: 12a7b \| Set disk transfer address
2018-12-25T12:28:58.706078661Z	42	PC: 12a88 \| Get date 0x12a88: cmp dh, 9 0x12a8b: nop 0x12a8c: je 0x12a90 0x12a8e: jmp 0x12aa5 0x12a90: cmp dl, 0x10 0x12a93: je 0x12a97 0x12a95: jmp 0x12aa5 0x12a97: sub cx, 0x7c7 0x12a9b: mov word ptr [si + 0x8c], cx 0x12a9f: mov al, 1 0x12aa1: mov byte ptr [si + 0x8b], al 0x12aa5: pop si 0x12aa6: push si 0x12aa7: add si, 0x1b 0x12aaa: nop 0x12aab: lodsb al, byte ptr [si] 0x12aac: mov cx, 0x8000 0x12aaf: repne scasb al, byte ptr es:[di] 0x12ab1: mov cx, 4 0x12ab4: lodsb al, byte ptr [si]
2018-12-25T12:28:58.707680602Z	78	PC: 12b1f \| Find first file
2018-12-25T12:28:58.711879249Z	78	PC: 12b1f \| Find first file (See above)
2018-12-25T12:28:58.721084389Z	26	PC: 12c45 \| Set disk transfer address

{"DateBased":true,"Day":16,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10733,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:58.75090648Z	47	PC: 12a6b \| Get disk transfer address
2018-12-25T12:28:58.752985904Z	26	PC: 12a7b \| Set disk transfer address
2018-12-25T12:28:58.754522839Z	42	PC: 12a88 \| Get date 0x12a88: cmp dh, 9 0x12a8b: nop 0x12a8c: je 0x12a90 0x12a8e: jmp 0x12aa5 0x12a90: cmp dl, 0x10 0x12a93: je 0x12a97 0x12a95: jmp 0x12aa5 0x12a97: sub cx, 0x7c7 0x12a9b: mov word ptr [si + 0x8c], cx 0x12a9f: mov al, 1 0x12aa1: mov byte ptr [si + 0x8b], al 0x12aa5: pop si 0x12aa6: push si 0x12aa7: add si, 0x1b 0x12aaa: nop 0x12aab: lodsb al, byte ptr [si] 0x12aac: mov cx, 0x8000 0x12aaf: repne scasb al, byte ptr es:[di] 0x12ab1: mov cx, 4 0x12ab4: lodsb al, byte ptr [si]
2018-12-25T12:28:58.757028954Z	78	PC: 12b1f \| Find first file
2018-12-25T12:28:58.764057419Z	78	PC: 12b1f \| Find first file (See above)
2018-12-25T12:28:58.773477992Z	26	PC: 12c45 \| Set disk transfer address