Sample viewer

vx.netlux.org/Virus.DOS.Chin.1418

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:03:43.864885677Z 104 PC: 13ebc | Commit file
2018-12-17T23:03:43.86857163Z 82 PC: 14353 | Get DOS internal pointers (SYSVARS)
2018-12-17T23:03:43.870535505Z 42 PC: 13efd | Get date
0x13efd: cmp dx, 0xa01
0x13f01: jne 0x13f08
0x13f03: mov byte ptr [0x55], 1
0x13f08: pop es
0x13f09: cmp byte ptr [0x52], 0
0x13f0e: je 0x13f24
0x13f10: mov di, 0x100
0x13f13: mov si, 0x10
0x13f16: mov cx, 3
0x13f19: cld
0x13f1a: repne movsb byte ptr es:[di], byte ptr [si]
0x13f1c: push es
0x13f1d: pop ds
0x13f1e: push ds
0x13f1f: mov ax, 0x100
0x13f22: push ax
0x13f23: retf
0x13f24: push cs
0x13f25: pop ax
0x13f26: sub ax, word ptr [0x53]
2018-12-17T23:03:43.873460047Z 9 PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T23:03:43.879975374Z 0 PC: 12a89 | Program terminate

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14632,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:14.29760915Z 104 PC: 13ebc | Commit file
2018-12-25T12:41:14.2999921Z 82 PC: 14353 | Get DOS internal pointers (SYSVARS)
2018-12-25T12:41:14.301368807Z 42 PC: 13efd | Get date
0x13efd: cmp dx, 0xa01
0x13f01: jne 0x13f08
0x13f03: mov byte ptr [0x55], 1
0x13f08: pop es
0x13f09: cmp byte ptr [0x52], 0
0x13f0e: je 0x13f24
0x13f10: mov di, 0x100
0x13f13: mov si, 0x10
0x13f16: mov cx, 3
0x13f19: cld
0x13f1a: repne movsb byte ptr es:[di], byte ptr [si]
0x13f1c: push es
0x13f1d: pop ds
0x13f1e: push ds
0x13f1f: mov ax, 0x100
0x13f22: push ax
0x13f23: retf
0x13f24: push cs
0x13f25: pop ax
0x13f26: sub ax, word ptr [0x53]
2018-12-25T12:41:14.30371793Z 9 PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-25T12:41:14.31866529Z 0 PC: 12a89 | Program terminate

{"DateBased":true,"Day":1,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14632,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:14.387043376Z 104 PC: 13ebc | Commit file
2018-12-25T12:41:14.389322325Z 82 PC: 14353 | Get DOS internal pointers (SYSVARS)
2018-12-25T12:41:14.391392469Z 42 PC: 13efd | Get date
0x13efd: cmp dx, 0xa01
0x13f01: jne 0x13f08
0x13f03: mov byte ptr [0x55], 1
0x13f08: pop es
0x13f09: cmp byte ptr [0x52], 0
0x13f0e: je 0x13f24
0x13f10: mov di, 0x100
0x13f13: mov si, 0x10
0x13f16: mov cx, 3
0x13f19: cld
0x13f1a: repne movsb byte ptr es:[di], byte ptr [si]
0x13f1c: push es
0x13f1d: pop ds
0x13f1e: push ds
0x13f1f: mov ax, 0x100
0x13f22: push ax
0x13f23: retf
0x13f24: push cs
0x13f25: pop ax
0x13f26: sub ax, word ptr [0x53]
2018-12-25T12:41:14.394070969Z 9 PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-25T12:41:14.400568551Z 0 PC: 12a89 | Program terminate