Sample viewer

vx.netlux.org/Virus.DOS.Raadioga.1000.a

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:59:52.023515978Z 53 PC: 12a60 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:59:52.024737231Z 37 PC: 12a68 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:59:52.083420812Z 37 PC: 12a7a | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:59:52.084993081Z 42 PC: 12a8a | Get date 0x12a8a: cmp ax, bx
0x12a8c: je 0x12ae1
0x12a8e: cmp dx, 0x30a
0x12a92: je 0x12aff
0x12a94: pop es
0x12a95: push es
0x12a96: sub di, di
0x12a98: mov bx, es
0x12a9a: dec bx
0x12a9b: mov ds, bx
0x12a9d: sub word ptr [di + 3], 0x83
0x12aa2: add bx, word ptr [di + 3]
0x12aa5: inc bx
0x12aa6: mov es, bx
0x12aa8: mov al, 0x4d
0x12aaa: xchg byte ptr [di], al
0x12aac: stosb byte ptr es:[di], al
0x12aad: mov ax, 8
0x12ab0: stosw word ptr es:[di], ax
0x12ab1: mov ax, 0x82

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13358,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:38:07.655166888Z 53 PC: 12a60 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:38:07.656762534Z 37 PC: 12a68 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:38:07.751045478Z 37 PC: 12a7a | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:38:07.75232735Z 42 PC: 12a8a | Get date 0x12a8a: cmp ax, bx
0x12a8c: je 0x12ae1
0x12a8e: cmp dx, 0x30a
0x12a92: je 0x12aff
0x12a94: pop es
0x12a95: push es
0x12a96: sub di, di
0x12a98: mov bx, es
0x12a9a: dec bx
0x12a9b: mov ds, bx
0x12a9d: sub word ptr [di + 3], 0x83
0x12aa2: add bx, word ptr [di + 3]
0x12aa5: inc bx
0x12aa6: mov es, bx
0x12aa8: mov al, 0x4d
0x12aaa: xchg byte ptr [di], al
0x12aac: stosb byte ptr es:[di], al
0x12aad: mov ax, 8
0x12ab0: stosw word ptr es:[di], ax
0x12ab1: mov ax, 0x82

{"DateBased":true,"Day":10,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13358,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:38:08.33058051Z 53 PC: 12a60 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:38:08.332024306Z 37 PC: 12a68 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:38:08.423589711Z 37 PC: 12a7a | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:38:08.425927367Z 42 PC: 12a8a | Get date 0x12a8a: cmp ax, bx
0x12a8c: je 0x12ae1
0x12a8e: cmp dx, 0x30a
0x12a92: je 0x12aff
0x12a94: pop es
0x12a95: push es
0x12a96: sub di, di
0x12a98: mov bx, es
0x12a9a: dec bx
0x12a9b: mov ds, bx
0x12a9d: sub word ptr [di + 3], 0x83
0x12aa2: add bx, word ptr [di + 3]
0x12aa5: inc bx
0x12aa6: mov es, bx
0x12aa8: mov al, 0x4d
0x12aaa: xchg byte ptr [di], al
0x12aac: stosb byte ptr es:[di], al
0x12aad: mov ax, 8
0x12ab0: stosw word ptr es:[di], ax
0x12ab1: mov ax, 0x82
2018-12-25T12:38:08.428383518Z 9 PC: 12b69 | Display string (String= '&�F.;. t��������؀>���u��r����!桌Ύ޾;P�p����Xt��p�<')