Sample viewer

vx.netlux.org/Virus.DOS.Lyceum.1832.b

Time	Syscall Op	Syscall Name
2018-12-17T23:01:44.148843681Z	221	PC: 12a91 \| UNKNOWN!
2018-12-17T23:01:44.150727565Z	42	PC: 12ad1 \| Get date 0x12ad1: xor al, al 0x12ad3: cmp dl, 0xd 0x12ad6: jne 0x12ada 0x12ad8: dec al 0x12ada: mov byte ptr [0x736], al 0x12add: mov ax, 0x3508 0x12ae0: int 0x21 0x12ae2: mov word ptr [0x728], bx 0x12ae6: mov word ptr [0x72a], es 0x12aea: mov al, 9 0x12aec: int 0x21 0x12aee: mov word ptr [0x72c], bx 0x12af2: mov word ptr [0x72e], es 0x12af6: mov al, 0x21 0x12af8: int 0x21 0x12afa: mov word ptr [0x730], bx 0x12afe: mov word ptr [0x732], es 0x12b02: mov dx, 0xd6 0x12b05: mov ax, 0x2508 0x12b08: int 0x21
2018-12-17T23:01:44.154332514Z	53	PC: 12ae2 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T23:01:44.156109378Z	53	PC: 12aee \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T23:01:44.157819509Z	53	PC: 12afa \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:01:44.16045205Z	37	PC: 12b0a \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T23:01:44.162018402Z	37	PC: 12b11 \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T23:01:44.163542429Z	37	PC: 12b18 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')

Time	Syscall Op	Syscall Name
2018-12-25T12:39:40.097951558Z	221	PC: 12a91 \| UNKNOWN!
2018-12-25T12:39:40.099399388Z	42	PC: 12ad1 \| Get date 0x12ad1: xor al, al 0x12ad3: cmp dl, 0xd 0x12ad6: jne 0x12ada 0x12ad8: dec al 0x12ada: mov byte ptr [0x736], al 0x12add: mov ax, 0x3508 0x12ae0: int 0x21 0x12ae2: mov word ptr [0x728], bx 0x12ae6: mov word ptr [0x72a], es 0x12aea: mov al, 9 0x12aec: int 0x21 0x12aee: mov word ptr [0x72c], bx 0x12af2: mov word ptr [0x72e], es 0x12af6: mov al, 0x21 0x12af8: int 0x21 0x12afa: mov word ptr [0x730], bx 0x12afe: mov word ptr [0x732], es 0x12b02: mov dx, 0xd6 0x12b05: mov ax, 0x2508 0x12b08: int 0x21
2018-12-25T12:39:40.101747194Z	53	PC: 12ae2 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:39:40.103116704Z	53	PC: 12aee \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T12:39:40.10542333Z	53	PC: 12afa \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:39:40.106842414Z	37	PC: 12b0a \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:39:40.108184789Z	37	PC: 12b11 \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T12:39:40.110368651Z	37	PC: 12b18 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')

Time	Syscall Op	Syscall Name
2018-12-25T12:39:40.062585804Z	221	PC: 12a91 \| UNKNOWN!
2018-12-25T12:39:40.064459532Z	42	PC: 12ad1 \| Get date 0x12ad1: xor al, al 0x12ad3: cmp dl, 0xd 0x12ad6: jne 0x12ada 0x12ad8: dec al 0x12ada: mov byte ptr [0x736], al 0x12add: mov ax, 0x3508 0x12ae0: int 0x21 0x12ae2: mov word ptr [0x728], bx 0x12ae6: mov word ptr [0x72a], es 0x12aea: mov al, 9 0x12aec: int 0x21 0x12aee: mov word ptr [0x72c], bx 0x12af2: mov word ptr [0x72e], es 0x12af6: mov al, 0x21 0x12af8: int 0x21 0x12afa: mov word ptr [0x730], bx 0x12afe: mov word ptr [0x732], es 0x12b02: mov dx, 0xd6 0x12b05: mov ax, 0x2508 0x12b08: int 0x21
2018-12-25T12:39:40.066936916Z	53	PC: 12ae2 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:39:40.068301177Z	53	PC: 12aee \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T12:39:40.069625849Z	53	PC: 12afa \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:39:40.071476673Z	37	PC: 12b0a \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T12:39:40.072914014Z	37	PC: 12b11 \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-25T12:39:40.074247374Z	37	PC: 12b18 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')