Sample viewer

vx.netlux.org/Virus.DOS.FatherVirus.456

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:02:51.947694309Z 239 PC: 12e46 | UNKNOWN!
2018-12-17T23:02:51.949173563Z 53 PC: 12e50 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:02:51.950322123Z 37 PC: 12e76 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:02:51.951354568Z 42 PC: 12e7e | Get date
0x12e7e: cmp dh, 0xc
0x12e81: jne 0x12e9a
0x12e83: cmp dl, 0x18
0x12e86: jb 0x12e9a
0x12e88: cmp dl, 0x1f
0x12e8b: ja 0x12e9a
0x12e8d: mov ah, 9
0x12e8f: mov dx, 0x17a
0x12e92: add dx, si
0x12e94: int 0x21
0x12e96: mov ah, 8
0x12e98: int 0x21
0x12e9a: mov ax, 0x100
0x12e9d: push ax
0x12e9e: ret
0x12e9f: jmp 0x1327e
0x12ea2: fcmovb st(0), st(4)
2018-12-17T23:02:51.95385395Z 9 PC: 12e26 | Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ')

{"DateBased":true,"Day":24,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14346,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:40:18.709911247Z 239 PC: 12e46 | UNKNOWN!
2018-12-25T12:40:18.711694249Z 53 PC: 12e50 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:18.713249464Z 37 PC: 12e76 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:18.714692493Z 42 PC: 12e7e | Get date
0x12e7e: cmp dh, 0xc
0x12e81: jne 0x12e9a
0x12e83: cmp dl, 0x18
0x12e86: jb 0x12e9a
0x12e88: cmp dl, 0x1f
0x12e8b: ja 0x12e9a
0x12e8d: mov ah, 9
0x12e8f: mov dx, 0x17a
0x12e92: add dx, si
0x12e94: int 0x21
0x12e96: mov ah, 8
0x12e98: int 0x21
0x12e9a: mov ax, 0x100
0x12e9d: push ax
0x12e9e: ret
0x12e9f: jmp 0x1327e
0x12ea2: fcmovb st(0), st(4)
2018-12-25T12:40:18.717660728Z 9 PC: 12e96 | Display string (String= '���������������������������������Ŀ � Merry Xmas & a Happy New Year � � from Father Virus! � ����������������������������������� ')
2018-12-25T12:40:18.729920144Z 8 PC: 12e9a | Console input without echo

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14346,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:40:18.724431594Z 239 PC: 12e46 | UNKNOWN!
2018-12-25T12:40:18.727106281Z 53 PC: 12e50 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:18.729160283Z 37 PC: 12e76 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:18.731111986Z 42 PC: 12e7e | Get date
0x12e7e: cmp dh, 0xc
0x12e81: jne 0x12e9a
0x12e83: cmp dl, 0x18
0x12e86: jb 0x12e9a
0x12e88: cmp dl, 0x1f
0x12e8b: ja 0x12e9a
0x12e8d: mov ah, 9
0x12e8f: mov dx, 0x17a
0x12e92: add dx, si
0x12e94: int 0x21
0x12e96: mov ah, 8
0x12e98: int 0x21
0x12e9a: mov ax, 0x100
0x12e9d: push ax
0x12e9e: ret
0x12e9f: jmp 0x1327e
0x12ea2: fcmovb st(0), st(4)
2018-12-25T12:40:18.734210684Z 9 PC: 12e26 | Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ')

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14346,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:40:18.969436508Z 239 PC: 12e46 | UNKNOWN!
2018-12-25T12:40:18.971087228Z 53 PC: 12e50 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:18.972610837Z 37 PC: 12e76 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:18.973772502Z 42 PC: 12e7e | Get date
0x12e7e: cmp dh, 0xc
0x12e81: jne 0x12e9a
0x12e83: cmp dl, 0x18
0x12e86: jb 0x12e9a
0x12e88: cmp dl, 0x1f
0x12e8b: ja 0x12e9a
0x12e8d: mov ah, 9
0x12e8f: mov dx, 0x17a
0x12e92: add dx, si
0x12e94: int 0x21
0x12e96: mov ah, 8
0x12e98: int 0x21
0x12e9a: mov ax, 0x100
0x12e9d: push ax
0x12e9e: ret
0x12e9f: jmp 0x1327e
0x12ea2: fcmovb st(0), st(4)
2018-12-25T12:40:18.976005212Z 9 PC: 12e26 | Display string (String= 'BCDEF- This is a 1000 byte COM test, 1994 ')