Sample viewer

vx.netlux.org/Virus.DOS.Perfume.765.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:06:36.272602967Z 11 PC: 9f8d9 | Get input status
2018-12-17T23:06:36.275822393Z 53 PC: 9f94e | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:36.276917051Z 37 PC: 9f962 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:36.278063683Z 25 PC: 9f9d9 | Get default drive
2018-12-17T23:06:36.281442203Z 67 PC: 9fa10 | Get or set file attributes
2018-12-17T23:06:36.287239519Z 67 PC: 9fa1a | Get or set file attributes
2018-12-17T23:06:36.292882641Z 61 PC: 9fa1f | Open file (Filename = '�')
2018-12-17T23:06:36.313354582Z 87 PC: 9fae0 | Get or set file date and time
2018-12-17T23:06:36.314863038Z 62 PC: 9fae5 | Close file
2018-12-17T23:06:36.316201186Z 67 PC: 9faed | Get or set file attributes
2018-12-17T23:06:36.322216645Z 11 PC: 9f97a | Get input status
2018-12-17T23:06:36.32459974Z 42 PC: 12de1 | Get date 0x12de1: mov ax, cx
0x12de3: sub ax, 0x76c
0x12de6: lea bx, word ptr [0x207]
0x12dea: lea di, word ptr [bx + 0xe]
0x12ded: call 0x13382
0x12df0: cmp byte ptr [di], 0x2f
0x12df3: je 0x12df9
0x12df5: mov byte ptr [di], 0x30
0x12df8: dec di
0x12df9: dec di
0x12dfa: xor ax, ax
0x12dfc: mov al, dl
0x12dfe: call 0x13382
0x12e01: cmp byte ptr [di], 0x2f
0x12e04: je 0x12e0a
0x12e06: mov byte ptr [di], 0x30
0x12e09: dec di
0x12e0a: dec di
0x12e0b: xor ax, ax
0x12e0d: mov al, dh
2018-12-17T23:06:36.32689267Z 44 PC: 12e21 | Get time 0x12e21: xor ax, ax
0x12e23: mov al, dh
0x12e25: lea bx, word ptr [0x23d]
0x12e29: lea di, word ptr [bx + 0xe]
0x12e2c: call 0x13382
0x12e2f: cmp byte ptr [di], 0x3a
0x12e32: je 0x12e38
0x12e34: mov byte ptr [di], 0x30
0x12e37: dec di
0x12e38: dec di
0x12e39: xor ax, ax
0x12e3b: mov al, cl
0x12e3d: call 0x13382
0x12e40: cmp byte ptr [di], 0x3a
0x12e43: je 0x12e49
0x12e45: mov byte ptr [di], 0x30
0x12e48: dec di
0x12e49: dec di
0x12e4a: xor ax, ax
0x12e4c: mov al, ch