Sample viewer

vx.netlux.org/Virus.DOS.Lyceum.1888

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:11.122329024Z	171	PC: 1321f \| UNKNOWN!
2018-12-17T22:57:11.124895051Z	44	PC: 13251 \| Get time 0x13251: cmp dl, 0x32 0x13254: jb 0x13259 0x13256: add si, 0x16 0x13259: mov cx, 0x16 0x1325c: rep movsb byte ptr es:[di], byte ptr [si] 0x1325e: pop si 0x1325f: push es 0x13260: pop ds 0x13261: mov word ptr [0x786], 0 0x13267: mov ax, 0x3508 0x1326a: int 0x21 0x1326c: mov word ptr [0x776], bx 0x13270: mov word ptr [0x778], es 0x13274: mov al, 9 0x13276: int 0x21 0x13278: mov word ptr [0x77a], bx 0x1327c: mov word ptr [0x77c], es 0x13280: mov al, 0x13 0x13282: int 0x21 0x13284: mov word ptr [0x77e], bx
2018-12-17T22:57:11.127703723Z	53	PC: 1326c \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:57:11.129410292Z	53	PC: 13278 \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:57:11.130829225Z	53	PC: 13284 \| Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:57:11.132905632Z	53	PC: 13290 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:11.134265994Z	37	PC: 132a0 \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:57:11.143587243Z	37	PC: 132a7 \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:57:11.146231585Z	37	PC: 132ae \| Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:57:11.147756103Z	37	PC: 132b5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:57:11.149561576Z	9	PC: 131b9 \| Display string (String= 'Virus Loader (C) 1995 by GlukSoft. Original length of this program is 2000 bytes. ')