Sample viewer

vx.netlux.org/Virus.DOS.Arriba.1590.a

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:01:35.026872926Z	42	PC: 90702 \| Get date 0x90702: cmp dh, 0xb 0x90705: jne 0x9072b 0x90707: cmp dl, 0x14 0x9070a: jne 0x9072b 0x9070c: mov byte ptr cs:[0x1bd], 1 0x90712: mov ax, 0x3508 0x90715: int 0x21 0x90717: mov word ptr [0x1ad], bx 0x9071b: mov bx, es 0x9071d: mov word ptr [0x1af], bx 0x90721: push cs 0x90722: pop ds 0x90723: mov dx, 0x39d 0x90726: mov ax, 0x2508 0x90729: int 0x21 0x9072b: pop es 0x9072c: pop ds 0x9072d: pop di 0x9072e: pop si 0x9072f: pop dx
2018-12-17T23:01:35.030443429Z	9	PC: 12aa2 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13929,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:26.660347421Z	42	PC: 90702 \| Get date 0x90702: cmp dh, 0xb 0x90705: jne 0x9072b 0x90707: cmp dl, 0x14 0x9070a: jne 0x9072b 0x9070c: mov byte ptr cs:[0x1bd], 1 0x90712: mov ax, 0x3508 0x90715: int 0x21 0x90717: mov word ptr [0x1ad], bx 0x9071b: mov bx, es 0x9071d: mov word ptr [0x1af], bx 0x90721: push cs 0x90722: pop ds 0x90723: mov dx, 0x39d 0x90726: mov ax, 0x2508 0x90729: int 0x21 0x9072b: pop es 0x9072c: pop ds 0x9072d: pop di 0x9072e: pop si 0x9072f: pop dx
2018-12-25T12:39:26.66433867Z	9	PC: 12aa2 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":20,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13929,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:26.732994972Z	42	PC: 90702 \| Get date 0x90702: cmp dh, 0xb 0x90705: jne 0x9072b 0x90707: cmp dl, 0x14 0x9070a: jne 0x9072b 0x9070c: mov byte ptr cs:[0x1bd], 1 0x90712: mov ax, 0x3508 0x90715: int 0x21 0x90717: mov word ptr [0x1ad], bx 0x9071b: mov bx, es 0x9071d: mov word ptr [0x1af], bx 0x90721: push cs 0x90722: pop ds 0x90723: mov dx, 0x39d 0x90726: mov ax, 0x2508 0x90729: int 0x21 0x9072b: pop es 0x9072c: pop ds 0x9072d: pop di 0x9072e: pop si 0x9072f: pop dx
2018-12-25T12:39:26.736581015Z	53	PC: 90717 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:39:26.739460189Z	37	PC: 9072b \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:39:26.744475409Z	9	PC: 12aa2 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":13929,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:39:26.781608803Z	42	PC: 90702 \| Get date 0x90702: cmp dh, 0xb 0x90705: jne 0x9072b 0x90707: cmp dl, 0x14 0x9070a: jne 0x9072b 0x9070c: mov byte ptr cs:[0x1bd], 1 0x90712: mov ax, 0x3508 0x90715: int 0x21 0x90717: mov word ptr [0x1ad], bx 0x9071b: mov bx, es 0x9071d: mov word ptr [0x1af], bx 0x90721: push cs 0x90722: pop ds 0x90723: mov dx, 0x39d 0x90726: mov ax, 0x2508 0x90729: int 0x21 0x9072b: pop es 0x9072c: pop ds 0x9072d: pop di 0x9072e: pop si 0x9072f: pop dx
2018-12-25T12:39:26.786467489Z	9	PC: 12aa2 \| Display string (String= 'Hello - Copyright S & S International, 1990 ')