Sample viewer

vx.netlux.org/Virus.DOS.PSFL.1005

Time	Syscall Op	Syscall Name
2018-12-17T23:02:07.533553789Z	42	PC: 12a4b \| Get date 0x12a4b: cmp dl, 0xd 0x12a4e: jne 0x12a89 0x12a50: mov ax, 3 0x12a53: int 0x10 0x12a55: mov ah, 1 0x12a57: mov cx, 0x2020 0x12a5a: int 0x10 0x12a5c: mov ax, 0xb800 0x12a5f: mov es, ax 0x12a61: xor di, di 0x12a63: mov al, 0x48 0x12a65: stosb byte ptr es:[di], al 0x12a66: mov di, 0x9e 0x12a69: mov al, 0x41 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: mov di, 0xf9e 0x12a6f: mov al, 0x45 0x12a71: stosb byte ptr es:[di], al 0x12a72: mov di, 0xf00 0x12a75: mov al, 0x54
2018-12-17T23:02:07.536880771Z	48	PC: 12a90 \| Get DOS version
2018-12-17T23:02:07.538413598Z	74	PC: 12ab1 \| Reallocate memory
2018-12-17T23:02:07.540351107Z	72	PC: 12ab8 \| Allocate memory
2018-12-17T23:02:07.54340148Z	53	PC: 9f8b3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:02:07.545386347Z	37	PC: 9f8cc \| Set interrupt vector (Interrupt = '33' AKA 'Random read')

Time	Syscall Op	Syscall Name
2018-12-25T12:39:46.495821305Z	42	PC: 12a4b \| Get date 0x12a4b: cmp dl, 0xd 0x12a4e: jne 0x12a89 0x12a50: mov ax, 3 0x12a53: int 0x10 0x12a55: mov ah, 1 0x12a57: mov cx, 0x2020 0x12a5a: int 0x10 0x12a5c: mov ax, 0xb800 0x12a5f: mov es, ax 0x12a61: xor di, di 0x12a63: mov al, 0x48 0x12a65: stosb byte ptr es:[di], al 0x12a66: mov di, 0x9e 0x12a69: mov al, 0x41 0x12a6b: stosb byte ptr es:[di], al 0x12a6c: mov di, 0xf9e 0x12a6f: mov al, 0x45 0x12a71: stosb byte ptr es:[di], al 0x12a72: mov di, 0xf00 0x12a75: mov al, 0x54
2018-12-25T12:39:46.498664077Z	48	PC: 12a90 \| Get DOS version
2018-12-25T12:39:46.499910626Z	74	PC: 12ab1 \| Reallocate memory
2018-12-25T12:39:46.501283745Z	72	PC: 12ab8 \| Allocate memory
2018-12-25T12:39:46.504024005Z	53	PC: 9f8b3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:39:46.505190747Z	37	PC: 9f8cc \| Set interrupt vector (Interrupt = '33' AKA 'Random read')