Sample viewer

vx.netlux.org/Virus.DOS.Europe.421.a

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:04:35.601969462Z 75 PC: 12a49 | Execute program
2018-12-17T23:04:35.605324913Z 80 PC: 12b55 | Set current PSP
2018-12-17T23:04:35.606681043Z 53 PC: 12b6d | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:35.608328933Z 37 PC: 12b7f | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:35.612034993Z 42 PC: 12b83 | Get date 0x12b83: cmp cx, 0x7c8
0x12b87: je 0x12b97
0x12b89: mov si, 0x130
0x12b8c: mov di, 0x100
0x12b8f: pop es
0x12b90: push es
0x12b91: push di
0x12b92: movsw word ptr es:[di], word ptr [si]
0x12b93: movsw word ptr es:[di], word ptr [si]
0x12b94: push es
0x12b95: pop ds
0x12b96: retf
0x12b97: mov ax, 1
0x12b9a: int 0x10
0x12b9c: mov si, 0x279
0x12b9f: mov cx, 0x12
0x12ba2: lodsb al, byte ptr [si]
0x12ba3: mov bx, 0x18f
0x12ba6: mov ah, 0xe
0x12ba8: xor al, 0xaa

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14932,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:11.840947698Z 75 PC: 12a49 | Execute program
2018-12-25T12:42:11.844265347Z 80 PC: 12b55 | Set current PSP
2018-12-25T12:42:11.846095775Z 53 PC: 12b6d | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:11.847863319Z 37 PC: 12b7f | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:11.849644214Z 42 PC: 12b83 | Get date 0x12b83: cmp cx, 0x7c8
0x12b87: je 0x12b97
0x12b89: mov si, 0x130
0x12b8c: mov di, 0x100
0x12b8f: pop es
0x12b90: push es
0x12b91: push di
0x12b92: movsw word ptr es:[di], word ptr [si]
0x12b93: movsw word ptr es:[di], word ptr [si]
0x12b94: push es
0x12b95: pop ds
0x12b96: retf
0x12b97: mov ax, 1
0x12b9a: int 0x10
0x12b9c: mov si, 0x279
0x12b9f: mov cx, 0x12
0x12ba2: lodsb al, byte ptr [si]
0x12ba3: mov bx, 0x18f
0x12ba6: mov ah, 0xe
0x12ba8: xor al, 0xaa

{"DateBased":true,"Day":1,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14932,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:12.425348933Z 75 PC: 12a49 | Execute program
2018-12-25T12:42:12.428017266Z 80 PC: 12b55 | Set current PSP
2018-12-25T12:42:12.430058987Z 53 PC: 12b6d | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:12.431421053Z 37 PC: 12b7f | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:12.432765626Z 42 PC: 12b83 | Get date 0x12b83: cmp cx, 0x7c8
0x12b87: je 0x12b97
0x12b89: mov si, 0x130
0x12b8c: mov di, 0x100
0x12b8f: pop es
0x12b90: push es
0x12b91: push di
0x12b92: movsw word ptr es:[di], word ptr [si]
0x12b93: movsw word ptr es:[di], word ptr [si]
0x12b94: push es
0x12b95: pop ds
0x12b96: retf
0x12b97: mov ax, 1
0x12b9a: int 0x10
0x12b9c: mov si, 0x279
0x12b9f: mov cx, 0x12
0x12ba2: lodsb al, byte ptr [si]
0x12ba3: mov bx, 0x18f
0x12ba6: mov ah, 0xe
0x12ba8: xor al, 0xaa