Sample viewer

vx.netlux.org/Virus.DOS.HongKang.1904

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:05:04.313812105Z 255 PC: 15207 | UNKNOWN!
2018-12-17T23:05:04.314974499Z 42 PC: 15228 | Get date 0x15228: cmp cx, 0x7cc
0x1522c: jle 0x1524e
0x1522e: cmp dx, 0x407
0x15232: jne 0x1524e
0x15234: mov dx, 0x296
0x15237: mov ah, 9
0x15239: push cs
0x1523a: pop ds
0x1523b: mov di, dx
0x1523d: mov cx, 0x29
0x15240: not byte ptr [di]
0x15242: inc di
0x15243: dec cx
0x15244: jne 0x15240
0x15246: int 0x21
0x15248: mov byte ptr cs:[0x2cc], 1
0x1524e: mov ah, 0x62
0x15250: int 0x21
0x15252: mov ds, bx
0x15254: mov di, 0x16
2018-12-17T23:05:04.316885044Z 98 PC: 15252 | Get current PSP
2018-12-17T23:05:04.317860057Z 53 PC: 15293 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:05:04.319071547Z 37 PC: 152c2 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:05:04.321507367Z 9 PC: 12a4c | Display string (String= 'This program exists to become infected - COM version. ')
2018-12-17T23:05:04.326017023Z 76 PC: 12a51 | Terminate with return code (Return code = '1')