Sample viewer

vx.netlux.org/Virus.DOS.Hymn.1865.a

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:06:25.729669241Z 197 PC: 12abe | UNKNOWN!
2018-12-17T23:06:25.730791535Z 73 PC: 12acc | Release memory
2018-12-17T23:06:25.731945255Z 72 PC: 12ad3 | Allocate memory
2018-12-17T23:06:25.733584172Z 74 PC: 12ae5 | Reallocate memory
2018-12-17T23:06:25.735369452Z 74 PC: 12af5 | Reallocate memory
2018-12-17T23:06:25.738208085Z 98 PC: 12b3d | Get current PSP
2018-12-17T23:06:25.739489088Z 42 PC: 12b77 | Get date 0x12b77: cmp dl, dh
0x12b79: je 0x12b8f
0x12b7b: jmp 0x12c0b
0x12b7e: imul sp, word ptr [bp + si + 0x6d], 0x4040
0x12b83: push bx
0x12b84: dec si
0x12b85: push bx
0x12b86: and byte ptr [bx + si], ah
0x12b88: and byte ptr [bx + si], ah
0x12b8a: and byte ptr [bx + si], ah
0x12b8c: and byte ptr [bx + si], ah
0x12b8e: and byte ptr [0x5e1f], cl
0x12b92: push si
0x12b93: mov byte ptr cs:[si + 0x168], 0xcd
0x12b99: mov al, 2
0x12b9b: mov cx, 1
0x12b9e: xor dx, dx
0x12ba0: mov byte ptr cs:[si + 0x169], 0x25
0x12ba6: mov bx, si
0x12ba8: add bx, 0x326
2018-12-17T23:06:25.742471925Z 76 PC: 12a45 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15521,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:41.841991173Z 197 PC: 12abe | UNKNOWN!
2018-12-25T12:43:41.843400644Z 73 PC: 12acc | Release memory
2018-12-25T12:43:41.846362203Z 72 PC: 12ad3 | Allocate memory
2018-12-25T12:43:41.848458694Z 74 PC: 12ae5 | Reallocate memory
2018-12-25T12:43:41.849996593Z 74 PC: 12af5 | Reallocate memory
2018-12-25T12:43:41.851568689Z 98 PC: 12b3d | Get current PSP
2018-12-25T12:43:41.852498766Z 42 PC: 12b77 | Get date 0x12b77: cmp dl, dh
0x12b79: je 0x12b8f
0x12b7b: jmp 0x12c0b
0x12b7e: imul sp, word ptr [bp + si + 0x6d], 0x4040
0x12b83: push bx
0x12b84: dec si
0x12b85: push bx
0x12b86: and byte ptr [bx + si], ah
0x12b88: and byte ptr [bx + si], ah
0x12b8a: and byte ptr [bx + si], ah
0x12b8c: and byte ptr [bx + si], ah
0x12b8e: and byte ptr [0x5e1f], cl
0x12b92: push si
0x12b93: mov byte ptr cs:[si + 0x168], 0xcd
0x12b99: mov al, 2
0x12b9b: mov cx, 1
0x12b9e: xor dx, dx
0x12ba0: mov byte ptr cs:[si + 0x169], 0x25
0x12ba6: mov bx, si
0x12ba8: add bx, 0x326
2018-12-25T12:43:41.855547627Z 76 PC: 12a45 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15521,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:42.206816621Z 197 PC: 12abe | UNKNOWN!
2018-12-25T12:43:42.209252427Z 73 PC: 12acc | Release memory
2018-12-25T12:43:42.210815111Z 72 PC: 12ad3 | Allocate memory
2018-12-25T12:43:42.212702759Z 74 PC: 12ae5 | Reallocate memory
2018-12-25T12:43:42.214792033Z 74 PC: 12af5 | Reallocate memory
2018-12-25T12:43:42.216418899Z 98 PC: 12b3d | Get current PSP
2018-12-25T12:43:42.218040114Z 42 PC: 12b77 | Get date 0x12b77: cmp dl, dh
0x12b79: je 0x12b8f
0x12b7b: jmp 0x12c0b
0x12b7e: imul sp, word ptr [bp + si + 0x6d], 0x4040
0x12b83: push bx
0x12b84: dec si
0x12b85: push bx
0x12b86: and byte ptr [bx + si], ah
0x12b88: and byte ptr [bx + si], ah
0x12b8a: and byte ptr [bx + si], ah
0x12b8c: and byte ptr [bx + si], ah
0x12b8e: and byte ptr [0x5e1f], cl
0x12b92: push si
0x12b93: mov byte ptr cs:[si + 0x168], 0xcd
0x12b99: mov al, 2
0x12b9b: mov cx, 1
0x12b9e: xor dx, dx
0x12ba0: mov byte ptr cs:[si + 0x169], 0x25
0x12ba6: mov bx, si
0x12ba8: add bx, 0x326
2018-12-25T12:43:42.221386678Z 76 PC: 12a45 | Terminate with return code (Return code = '0')