Sample viewer

vx.netlux.org/Virus.DOS.Tuspa

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:51.358991865Z	250	PC: 12c4d \| UNKNOWN!
2018-12-17T22:57:51.36059663Z	18	PC: 12cbb \| Find next file
2018-12-17T22:57:51.362500976Z	42	PC: 13022 \| Get date 0x13022: cmp dh, 0xa 0x13025: jne 0x13068 0x13027: cmp dl, 1 0x1302a: jne 0x13068 0x1302c: mov al, 2 0x1302e: mov dx, 2 0x13031: mov cx, 0xffff 0x13034: int 0x26 0x13036: xor dx, dx 0x13038: mov dx, dx 0x1303a: mov cx, 1 0x1303d: mov cx, cx 0x1303f: mov ax, 0x311 0x13042: mov ax, ax 0x13044: mov dl, 0x80 0x13046: nop 0x13047: nop 0x13048: mov bx, 0x5000 0x1304b: mov bx, bx 0x1304d: mov es, bx

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12692,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:35:58.861249762Z	250	PC: 12c4d \| UNKNOWN!
2018-12-25T12:35:58.862844636Z	18	PC: 12cbb \| Find next file
2018-12-25T12:35:58.864438816Z	42	PC: 13022 \| Get date 0x13022: cmp dh, 0xa 0x13025: jne 0x13068 0x13027: cmp dl, 1 0x1302a: jne 0x13068 0x1302c: mov al, 2 0x1302e: mov dx, 2 0x13031: mov cx, 0xffff 0x13034: int 0x26 0x13036: xor dx, dx 0x13038: mov dx, dx 0x1303a: mov cx, 1 0x1303d: mov cx, cx 0x1303f: mov ax, 0x311 0x13042: mov ax, ax 0x13044: mov dl, 0x80 0x13046: nop 0x13047: nop 0x13048: mov bx, 0x5000 0x1304b: mov bx, bx 0x1304d: mov es, bx

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12692,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:35:58.856047834Z	250	PC: 12c4d \| UNKNOWN!
2018-12-25T12:35:58.858035874Z	18	PC: 12cbb \| Find next file
2018-12-25T12:35:58.860949117Z	42	PC: 13022 \| Get date 0x13022: cmp dh, 0xa 0x13025: jne 0x13068 0x13027: cmp dl, 1 0x1302a: jne 0x13068 0x1302c: mov al, 2 0x1302e: mov dx, 2 0x13031: mov cx, 0xffff 0x13034: int 0x26 0x13036: xor dx, dx 0x13038: mov dx, dx 0x1303a: mov cx, 1 0x1303d: mov cx, cx 0x1303f: mov ax, 0x311 0x13042: mov ax, ax 0x13044: mov dl, 0x80 0x13046: nop 0x13047: nop 0x13048: mov bx, 0x5000 0x1304b: mov bx, bx 0x1304d: mov es, bx

{"DateBased":true,"Day":2,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12692,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:35:58.886729002Z	250	PC: 12c4d \| UNKNOWN!
2018-12-25T12:35:58.888123634Z	18	PC: 12cbb \| Find next file
2018-12-25T12:35:58.88985427Z	42	PC: 13022 \| Get date 0x13022: cmp dh, 0xa 0x13025: jne 0x13068 0x13027: cmp dl, 1 0x1302a: jne 0x13068 0x1302c: mov al, 2 0x1302e: mov dx, 2 0x13031: mov cx, 0xffff 0x13034: int 0x26 0x13036: xor dx, dx 0x13038: mov dx, dx 0x1303a: mov cx, 1 0x1303d: mov cx, cx 0x1303f: mov ax, 0x311 0x13042: mov ax, ax 0x13044: mov dl, 0x80 0x13046: nop 0x13047: nop 0x13048: mov bx, 0x5000 0x1304b: mov bx, bx 0x1304d: mov es, bx

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12692,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:35:58.883137974Z	250	PC: 12c4d \| UNKNOWN!
2018-12-25T12:35:58.884860806Z	18	PC: 12cbb \| Find next file
2018-12-25T12:35:58.896981807Z	42	PC: 13022 \| Get date 0x13022: cmp dh, 0xa 0x13025: jne 0x13068 0x13027: cmp dl, 1 0x1302a: jne 0x13068 0x1302c: mov al, 2 0x1302e: mov dx, 2 0x13031: mov cx, 0xffff 0x13034: int 0x26 0x13036: xor dx, dx 0x13038: mov dx, dx 0x1303a: mov cx, 1 0x1303d: mov cx, cx 0x1303f: mov ax, 0x311 0x13042: mov ax, ax 0x13044: mov dl, 0x80 0x13046: nop 0x13047: nop 0x13048: mov bx, 0x5000 0x1304b: mov bx, bx 0x1304d: mov es, bx

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12692,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:35:59.056540346Z	250	PC: 12c4d \| UNKNOWN!
2018-12-25T12:35:59.057757397Z	18	PC: 12cbb \| Find next file
2018-12-25T12:35:59.059742144Z	42	PC: 13022 \| Get date 0x13022: cmp dh, 0xa 0x13025: jne 0x13068 0x13027: cmp dl, 1 0x1302a: jne 0x13068 0x1302c: mov al, 2 0x1302e: mov dx, 2 0x13031: mov cx, 0xffff 0x13034: int 0x26 0x13036: xor dx, dx 0x13038: mov dx, dx 0x1303a: mov cx, 1 0x1303d: mov cx, cx 0x1303f: mov ax, 0x311 0x13042: mov ax, ax 0x13044: mov dl, 0x80 0x13046: nop 0x13047: nop 0x13048: mov bx, 0x5000 0x1304b: mov bx, bx 0x1304d: mov es, bx

{"DateBased":true,"Day":2,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":12692,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:35:59.115409281Z	250	PC: 12c4d \| UNKNOWN!
2018-12-25T12:35:59.12222919Z	18	PC: 12cbb \| Find next file
2018-12-25T12:35:59.125328604Z	42	PC: 13022 \| Get date 0x13022: cmp dh, 0xa 0x13025: jne 0x13068 0x13027: cmp dl, 1 0x1302a: jne 0x13068 0x1302c: mov al, 2 0x1302e: mov dx, 2 0x13031: mov cx, 0xffff 0x13034: int 0x26 0x13036: xor dx, dx 0x13038: mov dx, dx 0x1303a: mov cx, 1 0x1303d: mov cx, cx 0x1303f: mov ax, 0x311 0x13042: mov ax, ax 0x13044: mov dl, 0x80 0x13046: nop 0x13047: nop 0x13048: mov bx, 0x5000 0x1304b: mov bx, bx 0x1304d: mov es, bx