Sample viewer

vx.netlux.org/Virus.DOS.Virogen.Offspring.1555

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:52:35.158853533Z	42	PC: 12a99 \| Get date 0x12a99: cmp dl, 9 0x12a9c: jne 0x12ad4 0x12a9e: mov ah, 9 0x12aa0: lea dx, word ptr [bp + 0x677] 0x12aa4: int 0x21 0x12aa6: xor ax, ax 0x12aa8: mov es, ax 0x12aaa: mov dx, 0xaaaa 0x12aad: mov word ptr es:[0x416], dx 0x12ab2: ror dx, 1 0x12ab4: mov cx, 0x101 0x12ab7: mov ah, 5 0x12ab9: int 0x16 0x12abb: mov ah, 0x10 0x12abd: int 0x16 0x12abf: int 5 0x12ac1: mov ax, 0xa07 0x12ac4: xor bh, bh 0x12ac6: mov cx, 1 0x12ac9: int 0x10
2018-12-17T22:52:35.161318271Z	125	PC: 12ad8 \| UNKNOWN!

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10934,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:29:39.084293855Z	42	PC: 12a99 \| Get date 0x12a99: cmp dl, 9 0x12a9c: jne 0x12ad4 0x12a9e: mov ah, 9 0x12aa0: lea dx, word ptr [bp + 0x677] 0x12aa4: int 0x21 0x12aa6: xor ax, ax 0x12aa8: mov es, ax 0x12aaa: mov dx, 0xaaaa 0x12aad: mov word ptr es:[0x416], dx 0x12ab2: ror dx, 1 0x12ab4: mov cx, 0x101 0x12ab7: mov ah, 5 0x12ab9: int 0x16 0x12abb: mov ah, 0x10 0x12abd: int 0x16 0x12abf: int 5 0x12ac1: mov ax, 0xa07 0x12ac4: xor bh, bh 0x12ac6: mov cx, 1 0x12ac9: int 0x10
2018-12-25T12:29:39.086749734Z	125	PC: 12ad8 \| UNKNOWN!

{"DateBased":true,"Day":9,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10934,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:29:41.161612236Z	42	PC: 12a99 \| Get date 0x12a99: cmp dl, 9 0x12a9c: jne 0x12ad4 0x12a9e: mov ah, 9 0x12aa0: lea dx, word ptr [bp + 0x677] 0x12aa4: int 0x21 0x12aa6: xor ax, ax 0x12aa8: mov es, ax 0x12aaa: mov dx, 0xaaaa 0x12aad: mov word ptr es:[0x416], dx 0x12ab2: ror dx, 1 0x12ab4: mov cx, 0x101 0x12ab7: mov ah, 5 0x12ab9: int 0x16 0x12abb: mov ah, 0x10 0x12abd: int 0x16 0x12abf: int 5 0x12ac1: mov ax, 0xa07 0x12ac4: xor bh, bh 0x12ac6: mov cx, 1 0x12ac9: int 0x10
2018-12-25T12:29:41.164420968Z	9	PC: 12aa6 \| Display string (String= ' O��spring Virus V0.89')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10934,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:29:42.226862563Z	42	PC: 12a99 \| Get date 0x12a99: cmp dl, 9 0x12a9c: jne 0x12ad4 0x12a9e: mov ah, 9 0x12aa0: lea dx, word ptr [bp + 0x677] 0x12aa4: int 0x21 0x12aa6: xor ax, ax 0x12aa8: mov es, ax 0x12aaa: mov dx, 0xaaaa 0x12aad: mov word ptr es:[0x416], dx 0x12ab2: ror dx, 1 0x12ab4: mov cx, 0x101 0x12ab7: mov ah, 5 0x12ab9: int 0x16 0x12abb: mov ah, 0x10 0x12abd: int 0x16 0x12abf: int 5 0x12ac1: mov ax, 0xa07 0x12ac4: xor bh, bh 0x12ac6: mov cx, 1 0x12ac9: int 0x10
2018-12-25T12:29:42.229929793Z	125	PC: 12ad8 \| UNKNOWN!

{"DateBased":true,"Day":9,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10934,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:29:42.318088304Z	42	PC: 12a99 \| Get date 0x12a99: cmp dl, 9 0x12a9c: jne 0x12ad4 0x12a9e: mov ah, 9 0x12aa0: lea dx, word ptr [bp + 0x677] 0x12aa4: int 0x21 0x12aa6: xor ax, ax 0x12aa8: mov es, ax 0x12aaa: mov dx, 0xaaaa 0x12aad: mov word ptr es:[0x416], dx 0x12ab2: ror dx, 1 0x12ab4: mov cx, 0x101 0x12ab7: mov ah, 5 0x12ab9: int 0x16 0x12abb: mov ah, 0x10 0x12abd: int 0x16 0x12abf: int 5 0x12ac1: mov ax, 0xa07 0x12ac4: xor bh, bh 0x12ac6: mov cx, 1 0x12ac9: int 0x10
2018-12-25T12:29:42.320703544Z	9	PC: 12aa6 \| Display string (String= ' O��spring Virus V0.89')