Sample viewer

vx.netlux.org/Virus.DOS.DSME.Apex.2685


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:52:03.632867396Z 26 PC: 12ad5 | Set disk transfer address
2018-12-17T22:52:03.635695999Z 78 PC: 12ae2 | Find first file
2018-12-17T22:52:03.643579747Z 61 PC: 12bb2 | Open file (Filename = 'r€îëö€úPr€êOëö´2ÿÍ´2ÿÍP¸ ³ 2ÿ¹')
2018-12-17T22:52:03.650859082Z 63 PC: 12bbd | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:52:03.658009274Z 66 PC: 12bcf | Move file pointer
2018-12-17T22:52:03.682756195Z 64 PC: 12bf6 | Write file or device (Write 2913 bytes on handle 5)
2018-12-17T22:52:03.699233307Z 66 PC: 12c01 | Move file pointer
2018-12-17T22:52:03.700879485Z 64 PC: 12c0b | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:52:03.708897416Z 62 PC: 12c0f | Close file
2018-12-17T22:52:03.718199112Z 42 PC: 12af6 | Get date
0x12af6: cmp dh, 9
0x12af9: jne 0x12afe
0x12afb: call 0x12b09
0x12afe: pop es
0x12aff: push es
0x12b00: pop ds
0x12b01: mov dx, 0x80
0x12b04: mov ah, 0x1a
0x12b06: int 0x21
0x12b08: retf
0x12b09: call 0x12b0f
0x12b0c: jmp 0x12b09
0x12b0e: ret
0x12b0f: mov ah, 1
0x12b11: mov ch, 0x20
0x12b13: int 0x10
0x12b15: mov ax, ds
0x12b17: mov es, ax
0x12b19: mov bp, 0x18e
0x12b1c: mov ah, 0x13
2018-12-17T22:52:03.721998444Z 26 PC: 12b08 | Set disk transfer address

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10759,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:29:10.293250006Z 26 PC: 12ad5 | Set disk transfer address
2018-12-25T12:29:10.294995737Z 78 PC: 12ae2 | Find first file
2018-12-25T12:29:10.301586235Z 61 PC: 12bb2 | Open file (Filename = 'r€îëö€úPr€êOëö´2ÿÍ´2ÿÍP¸ ³ 2ÿ¹')
2018-12-25T12:29:10.308676183Z 63 PC: 12bbd | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:29:10.31502772Z 66 PC: 12bcf | Move file pointer
2018-12-25T12:29:10.340725769Z 64 PC: 12bf6 | Write file or device (Write 2870 bytes on handle 5)
2018-12-25T12:29:10.354035584Z 66 PC: 12c01 | Move file pointer
2018-12-25T12:29:10.355730996Z 64 PC: 12c0b | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:29:10.363838952Z 62 PC: 12c0f | Close file
2018-12-25T12:29:10.372572674Z 42 PC: 12af6 | Get date
0x12af6: cmp dh, 9
0x12af9: jne 0x12afe
0x12afb: call 0x12b09
0x12afe: pop es
0x12aff: push es
0x12b00: pop ds
0x12b01: mov dx, 0x80
0x12b04: mov ah, 0x1a
0x12b06: int 0x21
0x12b08: retf
0x12b09: call 0x12b0f
0x12b0c: jmp 0x12b09
0x12b0e: ret
0x12b0f: mov ah, 1
0x12b11: mov ch, 0x20
0x12b13: int 0x10
0x12b15: mov ax, ds
0x12b17: mov es, ax
0x12b19: mov bp, 0x18e
0x12b1c: mov ah, 0x13

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10759,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:29:10.359513734Z 26 PC: 12ad5 | Set disk transfer address
2018-12-25T12:29:10.360952134Z 78 PC: 12ae2 | Find first file
2018-12-25T12:29:10.367197688Z 61 PC: 12bb2 | Open file (Filename = 'r€îëö€úPr€êOëö´2ÿÍ´2ÿÍP¸ ³ 2ÿ¹')
2018-12-25T12:29:10.373954189Z 63 PC: 12bbd | Read file or device (Read 4 bytes on handle 5)
2018-12-25T12:29:10.380612527Z 66 PC: 12bcf | Move file pointer
2018-12-25T12:29:10.392496357Z 64 PC: 12bf6 | Write file or device (Write 2879 bytes on handle 5)
2018-12-25T12:29:10.408532098Z 66 PC: 12c01 | Move file pointer
2018-12-25T12:29:10.411124961Z 64 PC: 12c0b | Write file or device (Write 4 bytes on handle 5)
2018-12-25T12:29:10.41752517Z 62 PC: 12c0f | Close file
2018-12-25T12:29:10.425396423Z 42 PC: 12af6 | Get date
0x12af6: cmp dh, 9
0x12af9: jne 0x12afe
0x12afb: call 0x12b09
0x12afe: pop es
0x12aff: push es
0x12b00: pop ds
0x12b01: mov dx, 0x80
0x12b04: mov ah, 0x1a
0x12b06: int 0x21
0x12b08: retf
0x12b09: call 0x12b0f
0x12b0c: jmp 0x12b09
0x12b0e: ret
0x12b0f: mov ah, 1
0x12b11: mov ch, 0x20
0x12b13: int 0x10
0x12b15: mov ax, ds
0x12b17: mov es, ax
0x12b19: mov bp, 0x18e
0x12b1c: mov ah, 0x13
2018-12-25T12:29:10.428505808Z 26 PC: 12b08 | Set disk transfer address