Sample viewer

vx.netlux.org/Virus.DOS.Asahi.1045

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:53:16.132228835Z 255 PC: 12a45 | UNKNOWN!
2018-12-17T22:53:16.1341636Z 48 PC: 12a4e | Get DOS version
2018-12-17T22:53:16.135642138Z 72 PC: 12b34 | Allocate memory
2018-12-17T22:53:16.138165967Z 42 PC: 12b87 | Get date
0x12b87: cmp al, 0
0x12b89: jne 0x12b9c
0x12b8b: mov ah, 0x2c
0x12b8d: int 0x21
0x12b8f: cmp ch, 9
0x12b92: je 0x12b99
0x12b94: cmp ch, 0x15
0x12b97: jne 0x12b9c
0x12b99: call 0x12bb5
0x12b9c: pop es
0x12b9d: ret
0x12b9e: cli
0x12b9f: xor cx, cx
0x12ba1: mov es, cx
0x12ba3: mov word ptr es:[0x84], 0x292
0x12baa: mov cx, word ptr [0x2d3]
0x12bae: mov word ptr es:[0x86], cx
0x12bb3: sti
0x12bb4: ret
0x12bb5: cli
2018-12-17T22:53:16.14272674Z 9 PC: 12a51 | Display string (String= 'This is a sample!')
2018-12-17T22:53:16.145924323Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11166,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:05.649696254Z 255 PC: 12a45 | UNKNOWN!
2018-12-25T12:30:05.650794544Z 48 PC: 12a4e | Get DOS version
2018-12-25T12:30:05.651800222Z 72 PC: 12b34 | Allocate memory
2018-12-25T12:30:05.65376284Z 42 PC: 12b87 | Get date
0x12b87: cmp al, 0
0x12b89: jne 0x12b9c
0x12b8b: mov ah, 0x2c
0x12b8d: int 0x21
0x12b8f: cmp ch, 9
0x12b92: je 0x12b99
0x12b94: cmp ch, 0x15
0x12b97: jne 0x12b9c
0x12b99: call 0x12bb5
0x12b9c: pop es
0x12b9d: ret
0x12b9e: cli
0x12b9f: xor cx, cx
0x12ba1: mov es, cx
0x12ba3: mov word ptr es:[0x84], 0x292
0x12baa: mov cx, word ptr [0x2d3]
0x12bae: mov word ptr es:[0x86], cx
0x12bb3: sti
0x12bb4: ret
0x12bb5: cli
2018-12-25T12:30:05.656751877Z 9 PC: 12a51 | Display string (String= 'This is a sample!')
2018-12-25T12:30:05.6589207Z 76 PC: 12a56 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11166,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:30:05.924207131Z 255 PC: 12a45 | UNKNOWN!
2018-12-25T12:30:05.925834215Z 48 PC: 12a4e | Get DOS version
2018-12-25T12:30:05.92704888Z 72 PC: 12b34 | Allocate memory
2018-12-25T12:30:05.928779664Z 42 PC: 12b87 | Get date
0x12b87: cmp al, 0
0x12b89: jne 0x12b9c
0x12b8b: mov ah, 0x2c
0x12b8d: int 0x21
0x12b8f: cmp ch, 9
0x12b92: je 0x12b99
0x12b94: cmp ch, 0x15
0x12b97: jne 0x12b9c
0x12b99: call 0x12bb5
0x12b9c: pop es
0x12b9d: ret
0x12b9e: cli
0x12b9f: xor cx, cx
0x12ba1: mov es, cx
0x12ba3: mov word ptr es:[0x84], 0x292
0x12baa: mov cx, word ptr [0x2d3]
0x12bae: mov word ptr es:[0x86], cx
0x12bb3: sti
0x12bb4: ret
0x12bb5: cli
2018-12-25T12:30:05.931681592Z 44 PC: 12b8f | Get time
0x12b8f: cmp ch, 9
0x12b92: je 0x12b99
0x12b94: cmp ch, 0x15
0x12b97: jne 0x12b9c
0x12b99: call 0x12bb5
0x12b9c: pop es
0x12b9d: ret
0x12b9e: cli
0x12b9f: xor cx, cx
0x12ba1: mov es, cx
0x12ba3: mov word ptr es:[0x84], 0x292
0x12baa: mov cx, word ptr [0x2d3]
0x12bae: mov word ptr es:[0x86], cx
0x12bb3: sti
0x12bb4: ret
0x12bb5: cli
0x12bb6: xor cx, cx
0x12bb8: mov es, cx
0x12bba: mov word ptr es:[0x20], 0x161
0x12bc1: mov cx, word ptr [0x2d3]
2018-12-25T12:30:05.934025605Z 9 PC: 12a51 | Display string (String= 'This is a sample!')
2018-12-25T12:30:05.935845021Z 76 PC: 12a56 | Terminate with return code (Return code = '0')