Sample viewer

vx.netlux.org/Virus.DOS.Luri.1216

Time	Syscall Op	Syscall Name
2018-12-17T22:55:22.409029828Z	53	PC: 133c5 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:55:22.41284832Z	37	PC: 133d5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:55:22.414692278Z	42	PC: 133d9 \| Get date 0x133d9: cmp dx, 0x504 0x133dd: jne 0x133e2 0x133df: jmp 0x1333c 0x133e2: add word ptr [0x106], 0x10 0x133e7: add word ptr [0x10e], 0x10 0x133ec: add word ptr [0x106], bp 0x133f0: add word ptr [0x10e], bp 0x133f4: pop es 0x133f5: pop bp 0x133f6: mov sp, word ptr [0x108] 0x133fa: mov ss, word ptr [0x106] 0x133fe: mov si, word ptr [0x10e] 0x13402: mov di, word ptr [0x10c] 0x13406: push si 0x13407: push di 0x13408: push es 0x13409: pop ds 0x1340a: retf 0x1340b: add dl, bh 0x1340d: cmp ah, 0x3d
2018-12-17T22:55:22.417617159Z	9	PC: 12a4c \| Display string (Could not find end pointer)
2018-12-17T22:55:22.433298313Z	76	PC: 12a51 \| Terminate with return code (Return code = '0')

Time	Syscall Op	Syscall Name
2018-12-25T12:31:27.526993734Z	53	PC: 133c5 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:31:27.542861771Z	37	PC: 133d5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:31:27.547025693Z	42	PC: 133d9 \| Get date 0x133d9: cmp dx, 0x504 0x133dd: jne 0x133e2 0x133df: jmp 0x1333c 0x133e2: add word ptr [0x106], 0x10 0x133e7: add word ptr [0x10e], 0x10 0x133ec: add word ptr [0x106], bp 0x133f0: add word ptr [0x10e], bp 0x133f4: pop es 0x133f5: pop bp 0x133f6: mov sp, word ptr [0x108] 0x133fa: mov ss, word ptr [0x106] 0x133fe: mov si, word ptr [0x10e] 0x13402: mov di, word ptr [0x10c] 0x13406: push si 0x13407: push di 0x13408: push es 0x13409: pop ds 0x1340a: retf 0x1340b: add dl, bh 0x1340d: cmp ah, 0x3d
2018-12-25T12:31:27.549406259Z	9	PC: 12a4c \| Display string (Could not find end pointer)
2018-12-25T12:31:27.567635129Z	76	PC: 12a51 \| Terminate with return code (Return code = '0')

Time	Syscall Op	Syscall Name
2018-12-25T12:31:27.612329538Z	53	PC: 133c5 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:31:27.614772282Z	37	PC: 133d5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:31:27.616443961Z	42	PC: 133d9 \| Get date 0x133d9: cmp dx, 0x504 0x133dd: jne 0x133e2 0x133df: jmp 0x1333c 0x133e2: add word ptr [0x106], 0x10 0x133e7: add word ptr [0x10e], 0x10 0x133ec: add word ptr [0x106], bp 0x133f0: add word ptr [0x10e], bp 0x133f4: pop es 0x133f5: pop bp 0x133f6: mov sp, word ptr [0x108] 0x133fa: mov ss, word ptr [0x106] 0x133fe: mov si, word ptr [0x10e] 0x13402: mov di, word ptr [0x10c] 0x13406: push si 0x13407: push di 0x13408: push es 0x13409: pop ds 0x1340a: retf 0x1340b: add dl, bh 0x1340d: cmp ah, 0x3d