Sample viewer

vx.netlux.org/Virus.DOS.IVP.363.a

Time	Syscall Op	Syscall Name
2018-12-17T23:04:44.179936153Z	53	PC: 12aec \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:44.182249254Z	37	PC: 12afd \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:04:44.184094374Z	71	PC: 12b08 \| Get current directory
2018-12-17T23:04:44.187190617Z	78	PC: 12b3c \| Find first file
2018-12-17T23:04:44.191521361Z	59	PC: 12b15 \| Change current directory
2018-12-17T23:04:44.194307712Z	42	PC: 12b8e \| Get date 0x12b8e: cmp cx, 0x7ca 0x12b92: jb 0x12bd6 0x12b94: mov ah, 9 0x12b96: mov dx, 0x222 0x12b99: int 0x21 0x12b9b: mov cx, 6 0x12b9e: push cx 0x12b9f: cli 0x12ba0: mov dx, 0x2ee0 0x12ba3: sub dx, word ptr cs:[0x1388] 0x12ba8: mov bx, 0x64 0x12bab: add byte ptr [bx + si], al 0x12bad: add byte ptr [bx + si], al 0x12baf: add byte ptr [bx + si], al 0x12bb1: add byte ptr [bx + si], al 0x12bb3: add byte ptr [bx + si], al 0x12bb5: add byte ptr [bx + si], al 0x12bb7: add byte ptr [bx + si], al 0x12bb9: add byte ptr [bx + si], al 0x12bbb: add byte ptr [bx + si], al
2018-12-17T23:04:44.196637102Z	9	PC: 12b9b \| Display string (Could not find end pointer)
2018-12-17T23:04:44.287550875Z	31	PC: 137e7 \| Get disk parameter block for default drive
2018-12-17T23:04:44.292550958Z	76	PC: 137ec \| Terminate with return code (Return code = '0')

Time	Syscall Op	Syscall Name
2018-12-25T12:42:15.074082271Z	53	PC: 12aec \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:15.075879213Z	37	PC: 12afd \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:15.077639734Z	71	PC: 12b08 \| Get current directory
2018-12-25T12:42:15.080812749Z	78	PC: 12b3c \| Find first file
2018-12-25T12:42:15.085229744Z	59	PC: 12b15 \| Change current directory
2018-12-25T12:42:15.087249278Z	42	PC: 12b8e \| Get date 0x12b8e: cmp cx, 0x7ca 0x12b92: jb 0x12bd6 0x12b94: mov ah, 9 0x12b96: mov dx, 0x222 0x12b99: int 0x21 0x12b9b: mov cx, 6 0x12b9e: push cx 0x12b9f: cli 0x12ba0: mov dx, 0x2ee0 0x12ba3: sub dx, word ptr cs:[0x1388] 0x12ba8: mov bx, 0x64 0x12bab: add byte ptr [bx + si], al 0x12bad: add byte ptr [bx + si], al 0x12baf: add byte ptr [bx + si], al 0x12bb1: add byte ptr [bx + si], al 0x12bb3: add byte ptr [bx + si], al 0x12bb5: add byte ptr [bx + si], al 0x12bb7: add byte ptr [bx + si], al 0x12bb9: add byte ptr [bx + si], al 0x12bbb: add byte ptr [bx + si], al
2018-12-25T12:42:15.098485697Z	9	PC: 137e7 \| Display string (String= 'LES ????????COM � �i%� CO-3500.COMy. ��ͼ ͫͫͫͫͫͫ��BA.�p�')
2018-12-25T12:42:15.103319283Z	76	PC: 137ec \| Terminate with return code (Return code = '0')

Time	Syscall Op	Syscall Name
2018-12-25T12:42:15.517513449Z	53	PC: 12aec \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:15.519848853Z	37	PC: 12afd \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:42:15.521245232Z	71	PC: 12b08 \| Get current directory
2018-12-25T12:42:15.524246432Z	78	PC: 12b3c \| Find first file
2018-12-25T12:42:15.52814972Z	59	PC: 12b15 \| Change current directory
2018-12-25T12:42:15.529857175Z	42	PC: 12b8e \| Get date 0x12b8e: cmp cx, 0x7ca 0x12b92: jb 0x12bd6 0x12b94: mov ah, 9 0x12b96: mov dx, 0x222 0x12b99: int 0x21 0x12b9b: mov cx, 6 0x12b9e: push cx 0x12b9f: cli 0x12ba0: mov dx, 0x2ee0 0x12ba3: sub dx, word ptr cs:[0x1388] 0x12ba8: mov bx, 0x64 0x12bab: add byte ptr [bx + si], al 0x12bad: add byte ptr [bx + si], al 0x12baf: add byte ptr [bx + si], al 0x12bb1: add byte ptr [bx + si], al 0x12bb3: add byte ptr [bx + si], al 0x12bb5: add byte ptr [bx + si], al 0x12bb7: add byte ptr [bx + si], al 0x12bb9: add byte ptr [bx + si], al 0x12bbb: add byte ptr [bx + si], al
2018-12-25T12:42:15.531781227Z	9	PC: 12b9b \| Display string (Could not find end pointer)
2018-12-25T12:42:15.635934997Z	31	PC: 137e7 \| Get disk parameter block for default drive
2018-12-25T12:42:15.64061964Z	76	PC: 137ec \| Terminate with return code (Return code = '0')