Sample viewer

vx.netlux.org/Virus.DOS.V.1125


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:01:20.587515361Z 192 PC: 12db4 | UNKNOWN!
2018-12-17T22:01:20.589287337Z 74 PC: 12df3 | Reallocate memory
2018-12-17T22:01:20.591218119Z 72 PC: 12dfa | Allocate memory
2018-12-17T22:01:20.593871209Z 53 PC: 9ee7b | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:01:20.596430536Z 37 PC: 9ee8b | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:01:20.598798312Z 42 PC: 9ee99 | Get date
0x9ee99: cmp al, 0
0x9ee9b: jne 0x9eeb2
0x9ee9d: mov ax, 0x351c
0x9eea0: int 0x21
0x9eea2: mov word ptr [0x202], bx
0x9eea6: mov word ptr [0x204], es
0x9eeaa: mov ax, 0x251c
0x9eead: mov dx, 0x390
0x9eeb0: int 0x21
0x9eeb2: pop ds
0x9eeb3: pop es
0x9eeb4: retf
0x9eeb5: add byte ptr [bx + si], al
0x9eeb7: add byte ptr [bx + si], al
0x9eeb9: add byte ptr [bx + si], al
0x9eebb: add byte ptr [bx + si], al
0x9eebd: add byte ptr [bx + si], al
0x9eebf: add byte ptr [bx + si], al
0x9eec1: add byte ptr [bx + si], al
0x9eec3: add byte ptr [bx + si], al

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1265,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:43:05.165792119Z 192 PC: 12db4 | UNKNOWN!
2018-12-25T11:43:05.167662487Z 74 PC: 12df3 | Reallocate memory
2018-12-25T11:43:05.169213715Z 72 PC: 12dfa | Allocate memory
2018-12-25T11:43:05.17104844Z 53 PC: 9ee7b | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:43:05.173481268Z 37 PC: 9ee8b | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:43:05.174831452Z 42 PC: 9ee99 | Get date
0x9ee99: cmp al, 0
0x9ee9b: jne 0x9eeb2
0x9ee9d: mov ax, 0x351c
0x9eea0: int 0x21
0x9eea2: mov word ptr [0x202], bx
0x9eea6: mov word ptr [0x204], es
0x9eeaa: mov ax, 0x251c
0x9eead: mov dx, 0x390
0x9eeb0: int 0x21
0x9eeb2: pop ds
0x9eeb3: pop es
0x9eeb4: retf
0x9eeb5: add byte ptr [bx + si], al
0x9eeb7: add byte ptr [bx + si], al
0x9eeb9: add byte ptr [bx + si], al
0x9eebb: add byte ptr [bx + si], al
0x9eebd: add byte ptr [bx + si], al
0x9eebf: add byte ptr [bx + si], al
0x9eec1: add byte ptr [bx + si], al
0x9eec3: add byte ptr [bx + si], al

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1265,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:43:05.211185593Z 192 PC: 12db4 | UNKNOWN!
2018-12-25T11:43:05.213337605Z 74 PC: 12df3 | Reallocate memory
2018-12-25T11:43:05.21490654Z 72 PC: 12dfa | Allocate memory
2018-12-25T11:43:05.216777144Z 53 PC: 9ee7b | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:43:05.219018351Z 37 PC: 9ee8b | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:43:05.220601506Z 42 PC: 9ee99 | Get date
0x9ee99: cmp al, 0
0x9ee9b: jne 0x9eeb2
0x9ee9d: mov ax, 0x351c
0x9eea0: int 0x21
0x9eea2: mov word ptr [0x202], bx
0x9eea6: mov word ptr [0x204], es
0x9eeaa: mov ax, 0x251c
0x9eead: mov dx, 0x390
0x9eeb0: int 0x21
0x9eeb2: pop ds
0x9eeb3: pop es
0x9eeb4: retf
0x9eeb5: add byte ptr [bx + si], al
0x9eeb7: add byte ptr [bx + si], al
0x9eeb9: add byte ptr [bx + si], al
0x9eebb: add byte ptr [bx + si], al
0x9eebd: add byte ptr [bx + si], al
0x9eebf: add byte ptr [bx + si], al
0x9eec1: add byte ptr [bx + si], al
0x9eec3: add byte ptr [bx + si], al
2018-12-25T11:43:05.222956984Z 53 PC: 9eea2 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T11:43:05.225058968Z 37 PC: 9eeb2 | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')