Sample viewer

vx.netlux.org/Virus.DOS.Tazman.706

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:02:06.774740808Z 116 PC: 12a51 | UNKNOWN!
2018-12-17T22:02:06.775966537Z 42 PC: 12a5e | Get date
0x12a5e: cmp dh, 9
0x12a61: jne 0x12a66
0x12a63: jmp 0x12b0d
0x12a66: mov ah, 0x4a
0x12a68: mov bx, 0xffff
0x12a6b: int 0x21
0x12a6d: sub bx, 0x2e
0x12a70: nop
0x12a71: mov ah, 0x4a
0x12a73: int 0x21
0x12a75: mov ah, 0x48
0x12a77: mov bx, 0x2d
0x12a7a: int 0x21
0x12a7c: jb 0x12abc
0x12a7e: nop
0x12a7f: nop
0x12a80: nop
0x12a81: dec ax
0x12a82: mov es, ax
0x12a84: mov byte ptr es:[0], 0x5a
2018-12-17T22:02:06.778007328Z 74 PC: 12a6d | Reallocate memory
2018-12-17T22:02:06.779478514Z 74 PC: 12a75 | Reallocate memory
2018-12-17T22:02:06.781237272Z 72 PC: 12a7c | Allocate memory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1352,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:43:26.588997817Z 116 PC: 12a51 | UNKNOWN!
2018-12-25T11:43:26.590855392Z 42 PC: 12a5e | Get date
0x12a5e: cmp dh, 9
0x12a61: jne 0x12a66
0x12a63: jmp 0x12b0d
0x12a66: mov ah, 0x4a
0x12a68: mov bx, 0xffff
0x12a6b: int 0x21
0x12a6d: sub bx, 0x2e
0x12a70: nop
0x12a71: mov ah, 0x4a
0x12a73: int 0x21
0x12a75: mov ah, 0x48
0x12a77: mov bx, 0x2d
0x12a7a: int 0x21
0x12a7c: jb 0x12abc
0x12a7e: nop
0x12a7f: nop
0x12a80: nop
0x12a81: dec ax
0x12a82: mov es, ax
0x12a84: mov byte ptr es:[0], 0x5a
2018-12-25T11:43:26.59347616Z 74 PC: 12a6d | Reallocate memory
2018-12-25T11:43:26.595314712Z 74 PC: 12a75 | Reallocate memory
2018-12-25T11:43:26.59726734Z 72 PC: 12a7c | Allocate memory

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1352,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:43:26.60297892Z 116 PC: 12a51 | UNKNOWN!
2018-12-25T11:43:26.604720564Z 42 PC: 12a5e | Get date
0x12a5e: cmp dh, 9
0x12a61: jne 0x12a66
0x12a63: jmp 0x12b0d
0x12a66: mov ah, 0x4a
0x12a68: mov bx, 0xffff
0x12a6b: int 0x21
0x12a6d: sub bx, 0x2e
0x12a70: nop
0x12a71: mov ah, 0x4a
0x12a73: int 0x21
0x12a75: mov ah, 0x48
0x12a77: mov bx, 0x2d
0x12a7a: int 0x21
0x12a7c: jb 0x12abc
0x12a7e: nop
0x12a7f: nop
0x12a80: nop
0x12a81: dec ax
0x12a82: mov es, ax
0x12a84: mov byte ptr es:[0], 0x5a
2018-12-25T11:43:26.607504883Z 9 PC: 12b17 | Display string (String= 'PSQVWRR�')
2018-12-25T11:43:26.609842695Z 9 PC: 12b21 | Display string (String= '�!RQ��2�u�����?����!�>�@tx����>�Mt����i��B�P�����󥾤��X���+����������@����!�B�K���@�����B�8����@�!�WYZ������!�>�!.��.���')
2018-12-25T11:43:26.618325914Z 14 PC: 13d54 | Set default drive (Drive = '1')
2018-12-25T11:43:26.620251287Z 46 PC: 13d69 | Set verify flag