Sample viewer

vx.netlux.org/Virus.DOS.Silicon.980

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:05:39.839830958Z	42	PC: 12a6b \| Get date 0x12a6b: cmp dh, 0xc 0x12a6e: jne 0x12a9b 0x12a70: cmp dl, 5 0x12a73: jne 0x12a9b 0x12a75: mov ah, 9 0x12a77: lea dx, word ptr [bp + 0x42] 0x12a7b: int 0x21 0x12a7d: mov ax, 0x4c00 0x12a80: int 0x21 0x12a82: push bx 0x12a83: imul bp, word ptr [si + 0x69], 0x6f63 0x12a88: outsb dx, byte ptr [si] 0x12a89: and byte ptr [bx + di + 0x76], al 0x12a8c: outsb dx, byte ptr gs:[si] 0x12a8e: jb 0x12ab2 0x12a92: and word ptr [bx], ax 0x12a94: and word ptr [bx], ax 0x12a96: and word ptr [bx], ax 0x12a98: and word ptr [bx], ax 0x12a9a: and al, 0xb8
2018-12-17T23:05:39.842393206Z	75	PC: 12aa0 \| Execute program
2018-12-17T23:05:39.844967556Z	53	PC: 12aad \| Get interrupt vector (Interrupt = '103' AKA 'Set handle count')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15287,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:43:09.86361369Z	42	PC: 12a6b \| Get date 0x12a6b: cmp dh, 0xc 0x12a6e: jne 0x12a9b 0x12a70: cmp dl, 5 0x12a73: jne 0x12a9b 0x12a75: mov ah, 9 0x12a77: lea dx, word ptr [bp + 0x42] 0x12a7b: int 0x21 0x12a7d: mov ax, 0x4c00 0x12a80: int 0x21 0x12a82: push bx 0x12a83: imul bp, word ptr [si + 0x69], 0x6f63 0x12a88: outsb dx, byte ptr [si] 0x12a89: and byte ptr [bx + di + 0x76], al 0x12a8c: outsb dx, byte ptr gs:[si] 0x12a8e: jb 0x12ab2 0x12a92: and word ptr [bx], ax 0x12a94: and word ptr [bx], ax 0x12a96: and word ptr [bx], ax 0x12a98: and word ptr [bx], ax 0x12a9a: and al, 0xb8
2018-12-25T12:43:09.875131805Z	75	PC: 12aa0 \| Execute program
2018-12-25T12:43:09.876698772Z	53	PC: 12aad \| Get interrupt vector (Interrupt = '103' AKA 'Set handle count')

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15287,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:43:10.335681231Z	42	PC: 12a6b \| Get date 0x12a6b: cmp dh, 0xc 0x12a6e: jne 0x12a9b 0x12a70: cmp dl, 5 0x12a73: jne 0x12a9b 0x12a75: mov ah, 9 0x12a77: lea dx, word ptr [bp + 0x42] 0x12a7b: int 0x21 0x12a7d: mov ax, 0x4c00 0x12a80: int 0x21 0x12a82: push bx 0x12a83: imul bp, word ptr [si + 0x69], 0x6f63 0x12a88: outsb dx, byte ptr [si] 0x12a89: and byte ptr [bx + di + 0x76], al 0x12a8c: outsb dx, byte ptr gs:[si] 0x12a8e: jb 0x12ab2 0x12a92: and word ptr [bx], ax 0x12a94: and word ptr [bx], ax 0x12a96: and word ptr [bx], ax 0x12a98: and word ptr [bx], ax 0x12a9a: and al, 0xb8
2018-12-25T12:43:10.338169612Z	75	PC: 12aa0 \| Execute program
2018-12-25T12:43:10.340216692Z	53	PC: 12aad \| Get interrupt vector (Interrupt = '103' AKA 'Set handle count')

{"DateBased":true,"Day":5,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15287,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:43:10.440316534Z	42	PC: 12a6b \| Get date 0x12a6b: cmp dh, 0xc 0x12a6e: jne 0x12a9b 0x12a70: cmp dl, 5 0x12a73: jne 0x12a9b 0x12a75: mov ah, 9 0x12a77: lea dx, word ptr [bp + 0x42] 0x12a7b: int 0x21 0x12a7d: mov ax, 0x4c00 0x12a80: int 0x21 0x12a82: push bx 0x12a83: imul bp, word ptr [si + 0x69], 0x6f63 0x12a88: outsb dx, byte ptr [si] 0x12a89: and byte ptr [bx + di + 0x76], al 0x12a8c: outsb dx, byte ptr gs:[si] 0x12a8e: jb 0x12ab2 0x12a92: and word ptr [bx], ax 0x12a94: and word ptr [bx], ax 0x12a96: and word ptr [bx], ax 0x12a98: and word ptr [bx], ax 0x12a9a: and al, 0xb8
2018-12-25T12:43:10.44530218Z	9	PC: 12a7d \| Display string (Could not find end pointer)
2018-12-25T12:43:10.447714828Z	76	PC: 12a82 \| Terminate with return code (Return code = '0')