Sample viewer

vx.netlux.org/Virus.DOS.SillyORC.Devil.600

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:05:52.61721684Z 42 PC: 12b75 | Get date 0x12b75: cmp dl, 0x1f
0x12b78: jne 0x12b93
0x12b7a: mov cx, 0x29
0x12b7d: mov di, 0x2a6
0x12b80: call 0x22b5d
0x12b83: mov dx, 0x2a6
0x12b86: mov ah, 9
0x12b88: int 0x21
0x12b8a: mov cx, 0x29
0x12b8d: mov di, 0x2a6
0x12b90: call 0x22b67
0x12b93: mov cx, 0xf
0x12b96: mov di, 0x2cf
0x12b99: call 0x22b5d
0x12b9c: mov ax, 0x4301
0x12b9f: mov cx, 1
0x12ba2: mov dx, 0x2cf
0x12ba5: int 0x21
0x12ba7: mov cx, 0xf
0x12baa: mov di, 0x2cf
2018-12-17T23:05:52.620363616Z 67 PC: 12ba7 | Get or set file attributes
2018-12-17T23:05:53.038667092Z 53 PC: 12bb5 | Get interrupt vector (Interrupt = '33' AKA 'Random read')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15343,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:13.885279022Z 42 PC: 12b75 | Get date 0x12b75: cmp dl, 0x1f
0x12b78: jne 0x12b93
0x12b7a: mov cx, 0x29
0x12b7d: mov di, 0x2a6
0x12b80: call 0x22b5d
0x12b83: mov dx, 0x2a6
0x12b86: mov ah, 9
0x12b88: int 0x21
0x12b8a: mov cx, 0x29
0x12b8d: mov di, 0x2a6
0x12b90: call 0x22b67
0x12b93: mov cx, 0xf
0x12b96: mov di, 0x2cf
0x12b99: call 0x22b5d
0x12b9c: mov ax, 0x4301
0x12b9f: mov cx, 1
0x12ba2: mov dx, 0x2cf
0x12ba5: int 0x21
0x12ba7: mov cx, 0xf
0x12baa: mov di, 0x2cf
2018-12-25T12:43:13.888061258Z 67 PC: 12ba7 | Get or set file attributes
2018-12-25T12:43:14.605141896Z 53 PC: 12bb5 | Get interrupt vector (Interrupt = '33' AKA 'Random read')

{"DateBased":true,"Day":31,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15343,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:13.983103239Z 42 PC: 12b75 | Get date 0x12b75: cmp dl, 0x1f
0x12b78: jne 0x12b93
0x12b7a: mov cx, 0x29
0x12b7d: mov di, 0x2a6
0x12b80: call 0x22b5d
0x12b83: mov dx, 0x2a6
0x12b86: mov ah, 9
0x12b88: int 0x21
0x12b8a: mov cx, 0x29
0x12b8d: mov di, 0x2a6
0x12b90: call 0x22b67
0x12b93: mov cx, 0xf
0x12b96: mov di, 0x2cf
0x12b99: call 0x22b5d
0x12b9c: mov ax, 0x4301
0x12b9f: mov cx, 1
0x12ba2: mov dx, 0x2cf
0x12ba5: int 0x21
0x12ba7: mov cx, 0xf
0x12baa: mov di, 0x2cf
2018-12-25T12:43:13.986137406Z 9 PC: 12b8a | Display string (String= 'VIRUS 1.0 - coded by DEVIL in A�ORES. ')
2018-12-25T12:43:13.992185979Z 67 PC: 12ba7 | Get or set file attributes
2018-12-25T12:43:14.591515671Z 53 PC: 12bb5 | Get interrupt vector (Interrupt = '33' AKA 'Random read')