Sample viewer

vx.netlux.org/Virus.DOS.XPEH.3600

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:00:19.346866045Z	42	PC: 13605 \| Get date 0x13605: cmp cx, 0x7c7 0x13609: ja 0x13613 0x1360b: cmp dh, 5 0x1360e: jae 0x13613 0x13610: stc 0x13611: jmp 0x13614 0x13613: clc 0x13614: pop dx 0x13615: pop cx 0x13616: pop ax 0x13617: jb 0x1361d 0x13619: clc 0x1361a: call 0x137cf 0x1361d: pushf 0x1361e: mov ax, 0x7f5 0x13621: push ax 0x13622: mov ax, 0x791 0x13625: push ax 0x13626: push bx 0x13627: call 0x13ac5
2018-12-17T22:00:19.379606847Z	37	PC: 13784 \| Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:00:19.380986483Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1149,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:55.843183337Z	42	PC: 13605 \| Get date 0x13605: cmp cx, 0x7c7 0x13609: ja 0x13613 0x1360b: cmp dh, 5 0x1360e: jae 0x13613 0x13610: stc 0x13611: jmp 0x13614 0x13613: clc 0x13614: pop dx 0x13615: pop cx 0x13616: pop ax 0x13617: jb 0x1361d 0x13619: clc 0x1361a: call 0x137cf 0x1361d: pushf 0x1361e: mov ax, 0x7f5 0x13621: push ax 0x13622: mov ax, 0x791 0x13625: push ax 0x13626: push bx 0x13627: call 0x13ac5
2018-12-25T11:42:55.847216368Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1149,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:55.862421407Z	42	PC: 13605 \| Get date 0x13605: cmp cx, 0x7c7 0x13609: ja 0x13613 0x1360b: cmp dh, 5 0x1360e: jae 0x13613 0x13610: stc 0x13611: jmp 0x13614 0x13613: clc 0x13614: pop dx 0x13615: pop cx 0x13616: pop ax 0x13617: jb 0x1361d 0x13619: clc 0x1361a: call 0x137cf 0x1361d: pushf 0x1361e: mov ax, 0x7f5 0x13621: push ax 0x13622: mov ax, 0x791 0x13625: push ax 0x13626: push bx 0x13627: call 0x13ac5
2018-12-25T11:42:55.894834533Z	37	PC: 13784 \| Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T11:42:55.896830755Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1149,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:42:56.181447939Z	42	PC: 13605 \| Get date 0x13605: cmp cx, 0x7c7 0x13609: ja 0x13613 0x1360b: cmp dh, 5 0x1360e: jae 0x13613 0x13610: stc 0x13611: jmp 0x13614 0x13613: clc 0x13614: pop dx 0x13615: pop cx 0x13616: pop ax 0x13617: jb 0x1361d 0x13619: clc 0x1361a: call 0x137cf 0x1361d: pushf 0x1361e: mov ax, 0x7f5 0x13621: push ax 0x13622: mov ax, 0x791 0x13625: push ax 0x13626: push bx 0x13627: call 0x13ac5
2018-12-25T11:42:56.220792855Z	37	PC: 13784 \| Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T11:42:56.222482651Z	9	PC: 12e26 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')