Sample viewer

vx.netlux.org/Virus.DOS.Sailor.Saturn.4553

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:56:54.207841947Z 24 PC: 12a5b | Reserved
2018-12-17T22:56:54.209413666Z 82 PC: 12a69 | Get DOS internal pointers (SYSVARS)
2018-12-17T22:56:54.211632269Z 53 PC: 12ad2 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:54.213202242Z 37 PC: 12ae1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:54.214789101Z 42 PC: 12aea | Get date 0x12aea: cmp dx, 0x90e
0x12aee: jne 0x12af3
0x12af0: call 0x12b57
0x12af3: pop es
0x12af4: pop di
0x12af5: pop ax
0x12af6: push es
0x12af7: pop ds
0x12af8: jmp 0x130de
0x12afb: push bx
0x12afc: popaw
0x12afd: imul bp, word ptr [si + 0x6f], 0x5f72
0x12b02: push bx
0x12b03: popaw
0x12b04: je 0x12b7b
0x12b06: jb 0x12b76
0x12b08: add byte ptr [di], ch
0x12b0a: bound si, dword ptr [bx + si]
0x12b0c: jp 0x12b3e
0x12b0e: das

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12377,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:34.275028833Z 24 PC: 12a5b | Reserved
2018-12-25T12:32:34.276316448Z 82 PC: 12a69 | Get DOS internal pointers (SYSVARS)
2018-12-25T12:32:34.278285869Z 53 PC: 12ad2 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:32:34.279918241Z 37 PC: 12ae1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:32:34.281519327Z 42 PC: 12aea | Get date 0x12aea: cmp dx, 0x90e
0x12aee: jne 0x12af3
0x12af0: call 0x12b57
0x12af3: pop es
0x12af4: pop di
0x12af5: pop ax
0x12af6: push es
0x12af7: pop ds
0x12af8: jmp 0x130de
0x12afb: push bx
0x12afc: popaw
0x12afd: imul bp, word ptr [si + 0x6f], 0x5f72
0x12b02: push bx
0x12b03: popaw
0x12b04: je 0x12b7b
0x12b06: jb 0x12b76
0x12b08: add byte ptr [di], ch
0x12b0a: bound si, dword ptr [bx + si]
0x12b0c: jp 0x12b3e
0x12b0e: das

{"DateBased":true,"Day":14,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12377,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:32:34.731823812Z 24 PC: 12a5b | Reserved
2018-12-25T12:32:34.733280723Z 82 PC: 12a69 | Get DOS internal pointers (SYSVARS)
2018-12-25T12:32:34.734689939Z 53 PC: 12ad2 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:32:34.735827466Z 37 PC: 12ae1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:32:34.737143628Z 42 PC: 12aea | Get date 0x12aea: cmp dx, 0x90e
0x12aee: jne 0x12af3
0x12af0: call 0x12b57
0x12af3: pop es
0x12af4: pop di
0x12af5: pop ax
0x12af6: push es
0x12af7: pop ds
0x12af8: jmp 0x130de
0x12afb: push bx
0x12afc: popaw
0x12afd: imul bp, word ptr [si + 0x6f], 0x5f72
0x12b02: push bx
0x12b03: popaw
0x12b04: je 0x12b7b
0x12b06: jb 0x12b76
0x12b08: add byte ptr [di], ch
0x12b0a: bound si, dword ptr [bx + si]
0x12b0c: jp 0x12b3e
0x12b0e: das