Sample viewer

vx.netlux.org/Virus.DOS.Doom.1240

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:24.664429268Z	255	PC: 13003 \| UNKNOWN!
2018-12-17T23:01:24.665833403Z	42	PC: 13011 \| Get date 0x13011: cmp dh, 3 0x13014: jne 0x13024 0x13016: mov ah, 0x2c 0x13018: int 0x21 0x1301a: cmp dh, 0xa 0x1301d: jge 0x13024 0x1301f: mov byte ptr [0x60e], 1 0x13024: pop ds 0x13025: pop es 0x13026: cmp byte ptr cs:[0x109], 0x30 0x1302c: je 0x13061 0x1302e: cmp byte ptr cs:[0x10a], 0x45 0x13034: jne 0x1304b 0x13036: mov ax, cs 0x13038: sub ax, word ptr cs:[0x107] 0x1303d: add ax, word ptr cs:[0x105] 0x13042: mov word ptr cs:[0x105], ax 0x13046: ljmp ptr cs:[0x103] 0x1304b: mov di, 0x100 0x1304e: mov si, word ptr cs:[0x103]
2018-12-17T23:01:24.668612651Z	9	PC: 12a4c \| Display string (Could not find end pointer)
2018-12-17T23:01:24.678147134Z	9	PC: 12a53 \| Display string (Could not find end pointer)
2018-12-17T23:01:24.680856078Z	9	PC: 12a5a \| Display string (Could not find end pointer)
2018-12-17T23:01:24.684653503Z	76	PC: 12a5f \| Terminate with return code (Return code = '255')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13860,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:13.365258335Z	255	PC: 13003 \| UNKNOWN!
2018-12-25T12:39:13.366562142Z	42	PC: 13011 \| Get date 0x13011: cmp dh, 3 0x13014: jne 0x13024 0x13016: mov ah, 0x2c 0x13018: int 0x21 0x1301a: cmp dh, 0xa 0x1301d: jge 0x13024 0x1301f: mov byte ptr [0x60e], 1 0x13024: pop ds 0x13025: pop es 0x13026: cmp byte ptr cs:[0x109], 0x30 0x1302c: je 0x13061 0x1302e: cmp byte ptr cs:[0x10a], 0x45 0x13034: jne 0x1304b 0x13036: mov ax, cs 0x13038: sub ax, word ptr cs:[0x107] 0x1303d: add ax, word ptr cs:[0x105] 0x13042: mov word ptr cs:[0x105], ax 0x13046: ljmp ptr cs:[0x103] 0x1304b: mov di, 0x100 0x1304e: mov si, word ptr cs:[0x103]
2018-12-25T12:39:13.369120164Z	9	PC: 12a4c \| Display string (Could not find end pointer)
2018-12-25T12:39:13.379555864Z	9	PC: 12a53 \| Display string (Could not find end pointer)
2018-12-25T12:39:13.383768719Z	9	PC: 12a5a \| Display string (Could not find end pointer)
2018-12-25T12:39:13.388784596Z	76	PC: 12a5f \| Terminate with return code (Return code = '255')

{"DateBased":true,"Day":1,"Month":3,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13860,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:13.526643352Z	255	PC: 13003 \| UNKNOWN!
2018-12-25T12:39:13.529366599Z	42	PC: 13011 \| Get date 0x13011: cmp dh, 3 0x13014: jne 0x13024 0x13016: mov ah, 0x2c 0x13018: int 0x21 0x1301a: cmp dh, 0xa 0x1301d: jge 0x13024 0x1301f: mov byte ptr [0x60e], 1 0x13024: pop ds 0x13025: pop es 0x13026: cmp byte ptr cs:[0x109], 0x30 0x1302c: je 0x13061 0x1302e: cmp byte ptr cs:[0x10a], 0x45 0x13034: jne 0x1304b 0x13036: mov ax, cs 0x13038: sub ax, word ptr cs:[0x107] 0x1303d: add ax, word ptr cs:[0x105] 0x13042: mov word ptr cs:[0x105], ax 0x13046: ljmp ptr cs:[0x103] 0x1304b: mov di, 0x100 0x1304e: mov si, word ptr cs:[0x103]
2018-12-25T12:39:13.532439066Z	44	PC: 1301a \| Get time 0x1301a: cmp dh, 0xa 0x1301d: jge 0x13024 0x1301f: mov byte ptr [0x60e], 1 0x13024: pop ds 0x13025: pop es 0x13026: cmp byte ptr cs:[0x109], 0x30 0x1302c: je 0x13061 0x1302e: cmp byte ptr cs:[0x10a], 0x45 0x13034: jne 0x1304b 0x13036: mov ax, cs 0x13038: sub ax, word ptr cs:[0x107] 0x1303d: add ax, word ptr cs:[0x105] 0x13042: mov word ptr cs:[0x105], ax 0x13046: ljmp ptr cs:[0x103] 0x1304b: mov di, 0x100 0x1304e: mov si, word ptr cs:[0x103] 0x13053: add si, 0x5d8 0x13057: mov cx, 0xc 0x1305a: rep movsb byte ptr es:[di], byte ptr [si] 0x1305c: mov ax, 0x100
2018-12-25T12:39:13.535228716Z	9	PC: 12a4c \| Display string (Could not find end pointer)
2018-12-25T12:39:13.547659537Z	9	PC: 12a53 \| Display string (Could not find end pointer)
2018-12-25T12:39:13.55027877Z	9	PC: 12a5a \| Display string (Could not find end pointer)
2018-12-25T12:39:13.559652773Z	76	PC: 12a5f \| Terminate with return code (Return code = '255')