Sample viewer

vx.netlux.org/Virus.DOS.Vienna.700.b

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:25.063762107Z	47	PC: 12a6d \| Get disk transfer address
2018-12-17T23:01:25.06534415Z	26	PC: 12a81 \| Set disk transfer address
2018-12-17T23:01:25.068257434Z	42	PC: 12a8e \| Get date 0x12a8e: cmp dh, 9 0x12a91: nop 0x12a92: je 0x12a97 0x12a94: jmp 0x12aad 0x12a96: nop 0x12a97: cmp dl, 0x10 0x12a9a: je 0x12a9f 0x12a9c: jmp 0x12aad 0x12a9e: nop 0x12a9f: sub cx, 0x7c7 0x12aa3: mov word ptr [si + 0x8c], cx 0x12aa7: mov al, 1 0x12aa9: mov byte ptr [si + 0x8b], al 0x12aad: pop si 0x12aae: push si 0x12aaf: add si, 0x1b 0x12ab2: nop 0x12ab3: nop 0x12ab4: lodsb al, byte ptr [si] 0x12ab5: mov cx, 0x8000
2018-12-17T23:01:25.071404116Z	78	PC: 12b32 \| Find first file
2018-12-17T23:01:25.078177884Z	78	PC: 12b32 \| Find first file
2018-12-17T23:01:25.089460936Z	26	PC: 12c6e \| Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13863,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:13.516105575Z	47	PC: 12a6d \| Get disk transfer address
2018-12-25T12:39:13.518154328Z	26	PC: 12a81 \| Set disk transfer address
2018-12-25T12:39:13.519077971Z	42	PC: 12a8e \| Get date 0x12a8e: cmp dh, 9 0x12a91: nop 0x12a92: je 0x12a97 0x12a94: jmp 0x12aad 0x12a96: nop 0x12a97: cmp dl, 0x10 0x12a9a: je 0x12a9f 0x12a9c: jmp 0x12aad 0x12a9e: nop 0x12a9f: sub cx, 0x7c7 0x12aa3: mov word ptr [si + 0x8c], cx 0x12aa7: mov al, 1 0x12aa9: mov byte ptr [si + 0x8b], al 0x12aad: pop si 0x12aae: push si 0x12aaf: add si, 0x1b 0x12ab2: nop 0x12ab3: nop 0x12ab4: lodsb al, byte ptr [si] 0x12ab5: mov cx, 0x8000
2018-12-25T12:39:13.520996317Z	78	PC: 12b32 \| Find first file
2018-12-25T12:39:13.526903447Z	78	PC: 12b32 \| Find first file (See above)
2018-12-25T12:39:13.536038663Z	26	PC: 12c6e \| Set disk transfer address

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13863,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:14.035875136Z	47	PC: 12a6d \| Get disk transfer address
2018-12-25T12:39:14.03759652Z	26	PC: 12a81 \| Set disk transfer address
2018-12-25T12:39:14.038580161Z	42	PC: 12a8e \| Get date 0x12a8e: cmp dh, 9 0x12a91: nop 0x12a92: je 0x12a97 0x12a94: jmp 0x12aad 0x12a96: nop 0x12a97: cmp dl, 0x10 0x12a9a: je 0x12a9f 0x12a9c: jmp 0x12aad 0x12a9e: nop 0x12a9f: sub cx, 0x7c7 0x12aa3: mov word ptr [si + 0x8c], cx 0x12aa7: mov al, 1 0x12aa9: mov byte ptr [si + 0x8b], al 0x12aad: pop si 0x12aae: push si 0x12aaf: add si, 0x1b 0x12ab2: nop 0x12ab3: nop 0x12ab4: lodsb al, byte ptr [si] 0x12ab5: mov cx, 0x8000
2018-12-25T12:39:14.040151212Z	78	PC: 12b32 \| Find first file
2018-12-25T12:39:14.044324586Z	78	PC: 12b32 \| Find first file (See above)
2018-12-25T12:39:14.050338446Z	26	PC: 12c6e \| Set disk transfer address

{"DateBased":true,"Day":16,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13863,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:14.423590484Z	47	PC: 12a6d \| Get disk transfer address
2018-12-25T12:39:14.431519996Z	26	PC: 12a81 \| Set disk transfer address
2018-12-25T12:39:14.432716117Z	42	PC: 12a8e \| Get date 0x12a8e: cmp dh, 9 0x12a91: nop 0x12a92: je 0x12a97 0x12a94: jmp 0x12aad 0x12a96: nop 0x12a97: cmp dl, 0x10 0x12a9a: je 0x12a9f 0x12a9c: jmp 0x12aad 0x12a9e: nop 0x12a9f: sub cx, 0x7c7 0x12aa3: mov word ptr [si + 0x8c], cx 0x12aa7: mov al, 1 0x12aa9: mov byte ptr [si + 0x8b], al 0x12aad: pop si 0x12aae: push si 0x12aaf: add si, 0x1b 0x12ab2: nop 0x12ab3: nop 0x12ab4: lodsb al, byte ptr [si] 0x12ab5: mov cx, 0x8000
2018-12-25T12:39:14.435336248Z	78	PC: 12b32 \| Find first file
2018-12-25T12:39:14.44201639Z	78	PC: 12b32 \| Find first file (See above)
2018-12-25T12:39:14.452562297Z	26	PC: 12c6e \| Set disk transfer address