Sample viewer

vx.netlux.org/Virus.DOS.Prime.580

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:56:35.820107887Z 37 PC: 12afe | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:56:35.822034403Z 37 PC: 12b02 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:56:35.823449143Z 74 PC: 12b0d | Reallocate memory
2018-12-17T22:56:35.825374792Z 72 PC: 12b14 | Allocate memory
2018-12-17T22:56:35.827950409Z 37 PC: 12b20 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:35.829288232Z 42 PC: 12b24 | Get date 0x12b24: cmp dl, 1
0x12b27: jne 0x12b33
0x12b29: mov ah, 9
0x12b2b: mov dx, 0x133
0x12b2e: int 0x21
0x12b30: call 0x12c49
0x12b33: mov dx, 0x12e
0x12b36: mov ah, 0x4e
0x12b38: int 0x21
0x12b3a: jae 0x12b41
0x12b3c: xor al, al
0x12b3e: out 0x21, al
0x12b40: ret
0x12b41: mov ax, 0x4300
0x12b44: mov dx, 0x9e
0x12b47: int 0x21
0x12b49: push cx
0x12b4a: mov ax, 0x4301
0x12b4d: xor cx, cx
0x12b4f: int 0x21
2018-12-17T22:56:35.831449033Z 78 PC: 12b3a | Find first file
2018-12-17T22:56:35.853181145Z 67 PC: 12b49 | Get or set file attributes
2018-12-17T22:56:35.860382682Z 67 PC: 12b51 | Get or set file attributes

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12271,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:22.251147868Z 37 PC: 12afe | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:32:22.25304799Z 37 PC: 12b02 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:32:22.254581559Z 74 PC: 12b0d | Reallocate memory
2018-12-25T12:32:22.256898906Z 72 PC: 12b14 | Allocate memory
2018-12-25T12:32:22.258765848Z 37 PC: 12b20 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:32:22.259950208Z 42 PC: 12b24 | Get date 0x12b24: cmp dl, 1
0x12b27: jne 0x12b33
0x12b29: mov ah, 9
0x12b2b: mov dx, 0x133
0x12b2e: int 0x21
0x12b30: call 0x12c49
0x12b33: mov dx, 0x12e
0x12b36: mov ah, 0x4e
0x12b38: int 0x21
0x12b3a: jae 0x12b41
0x12b3c: xor al, al
0x12b3e: out 0x21, al
0x12b40: ret
0x12b41: mov ax, 0x4300
0x12b44: mov dx, 0x9e
0x12b47: int 0x21
0x12b49: push cx
0x12b4a: mov ax, 0x4301
0x12b4d: xor cx, cx
0x12b4f: int 0x21
2018-12-25T12:32:22.261472444Z 9 PC: 12b30 | Display string (String= 'Prime Evil! (C) Spellbound, Line Noise 1992. Coded in Stockholm, Sweden. Please spell my name right!')
2018-12-25T12:32:22.265724769Z 78 PC: 12b3a | Find first file
2018-12-25T12:32:22.269836246Z 67 PC: 12b49 | Get or set file attributes
2018-12-25T12:32:22.275734117Z 67 PC: 12b51 | Get or set file attributes

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12271,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:22.438998563Z 37 PC: 12afe | Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:32:22.440979764Z 37 PC: 12b02 | Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:32:22.442360489Z 74 PC: 12b0d | Reallocate memory
2018-12-25T12:32:22.444062732Z 72 PC: 12b14 | Allocate memory
2018-12-25T12:32:22.446397011Z 37 PC: 12b20 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:32:22.448530684Z 42 PC: 12b24 | Get date 0x12b24: cmp dl, 1
0x12b27: jne 0x12b33
0x12b29: mov ah, 9
0x12b2b: mov dx, 0x133
0x12b2e: int 0x21
0x12b30: call 0x12c49
0x12b33: mov dx, 0x12e
0x12b36: mov ah, 0x4e
0x12b38: int 0x21
0x12b3a: jae 0x12b41
0x12b3c: xor al, al
0x12b3e: out 0x21, al
0x12b40: ret
0x12b41: mov ax, 0x4300
0x12b44: mov dx, 0x9e
0x12b47: int 0x21
0x12b49: push cx
0x12b4a: mov ax, 0x4301
0x12b4d: xor cx, cx
0x12b4f: int 0x21
2018-12-25T12:32:22.450971419Z 78 PC: 12b3a | Find first file
2018-12-25T12:32:22.457359261Z 67 PC: 12b49 | Get or set file attributes
2018-12-25T12:32:22.464395365Z 67 PC: 12b51 | Get or set file attributes