Sample viewer

vx.netlux.org/Virus.DOS.Companion.600

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:08:08.161913167Z	42	PC: 12a44 \| Get date 0x12a44: cmp cx, 0x7cc 0x12a48: jne 0x12a85 0x12a4a: mov cx, 0 0x12a4d: mov word ptr [0x280], cx 0x12a51: mov ah, 3 0x12a53: mov al, 8 0x12a55: mov dl, 0 0x12a57: mov dh, 0 0x12a59: mov cl, 1 0x12a5b: mov ch, byte ptr [0x280] 0x12a5f: xor bx, bx 0x12a61: int 0x13 0x12a63: mov ah, 3 0x12a65: mov al, 8 0x12a67: mov dl, 0 0x12a69: mov dh, 1 0x12a6b: mov cl, 1 0x12a6d: mov ch, byte ptr [0x280] 0x12a71: xor bx, bx 0x12a73: int 0x13
2018-12-17T23:08:08.165278513Z	59	PC: 12a94 \| Change current directory
2018-12-17T23:08:08.170303779Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.176881012Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.18318973Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.187363004Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.19377682Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.196898297Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.20114502Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.20846578Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.211610241Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.215150104Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.219274797Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.225847372Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.229192218Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.232551433Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.235734115Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.238877904Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.24609493Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.248828418Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.251591762Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.258218408Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.26095424Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.263751698Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.276653419Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.279874744Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.283168685Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.286898987Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.302912016Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.30642541Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.310442531Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.31871481Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.322058234Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.325357555Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.329510802Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.332735534Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.335846641Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.339723599Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.342620263Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.349111995Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.353200981Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.356588058Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.359711389Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.363689135Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.366863963Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.369919877Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.373751128Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.377184302Z	78	PC: 12aa8 \| Find first file
2018-12-17T23:08:08.383830604Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.387750212Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.391726606Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.394432683Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.397284312Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.400760487Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.403438671Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.4062152Z	79	PC: 12ab7 \| Find next file
2018-12-17T23:08:08.41010981Z	79	PC: 12ab7 \| Find next file

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16103,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T13:07:30.281857405Z	42	PC: 12a44 \| Get date 0x12a44: cmp cx, 0x7cc 0x12a48: jne 0x12a85 0x12a4a: mov cx, 0 0x12a4d: mov word ptr [0x280], cx 0x12a51: mov ah, 3 0x12a53: mov al, 8 0x12a55: mov dl, 0 0x12a57: mov dh, 0 0x12a59: mov cl, 1 0x12a5b: mov ch, byte ptr [0x280] 0x12a5f: xor bx, bx 0x12a61: int 0x13 0x12a63: mov ah, 3 0x12a65: mov al, 8 0x12a67: mov dl, 0 0x12a69: mov dh, 1 0x12a6b: mov cl, 1 0x12a6d: mov ch, byte ptr [0x280] 0x12a71: xor bx, bx 0x12a73: int 0x13
2018-12-25T13:07:30.283918356Z	59	PC: 12a94 \| Change current directory
2018-12-25T13:07:30.286080856Z	78	PC: 12aa8 \| Find first file
2018-12-25T13:07:30.289780687Z	78	PC: 12aa8 \| Find first file (See above)
2018-12-25T13:07:30.293679937Z	79	PC: 12ab7 \| Find next file
2018-12-25T13:07:30.296110359Z	78	PC: 12aa8 \| Find first file (See above)
2018-12-25T13:07:30.301796414Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.304700032Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.306785589Z	78	PC: 12aa8 \| Find first file (See above)
2018-12-25T13:07:30.310445291Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.312479376Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.314450982Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.316901937Z	78	PC: 12aa8 \| Find first file (See above)
2018-12-25T13:07:30.327838517Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.330368982Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.332724192Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.335931714Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.338517761Z	78	PC: 12aa8 \| Find first file (See above)
2018-12-25T13:07:30.344103013Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.34648324Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.34894551Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.351288176Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.353712732Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.356727236Z	78	PC: 12aa8 \| Find first file (See above)
2018-12-25T13:07:30.362386123Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.364783524Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.368353762Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.370822305Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.373139638Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.37633098Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.37876215Z	78	PC: 12aa8 \| Find first file (See above)
2018-12-25T13:07:30.384498256Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.387416541Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.389799204Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.392802226Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.395606695Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.397910061Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.400944879Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.403644788Z	78	PC: 12aa8 \| Find first file (See above)
2018-12-25T13:07:30.40926922Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.411621034Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.415191844Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.417589104Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.419938196Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.422803604Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.425069624Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.427788692Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.430826521Z	78	PC: 12aa8 \| Find first file (See above)
2018-12-25T13:07:30.434836328Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.436857421Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.438987192Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.440622796Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.442374321Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.444776901Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.446607845Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.448226377Z	79	PC: 12ab7 \| Find next file (See above)
2018-12-25T13:07:30.450371172Z	79	PC: 12ab7 \| Find next file (See above)

{"DateBased":true,"Day":1,"Month":1,"Year":1996,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16103,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:45:23.63566745Z	42	PC: 12a44 \| Get date 0x12a44: cmp cx, 0x7cc 0x12a48: jne 0x12a85 0x12a4a: mov cx, 0 0x12a4d: mov word ptr [0x280], cx 0x12a51: mov ah, 3 0x12a53: mov al, 8 0x12a55: mov dl, 0 0x12a57: mov dh, 0 0x12a59: mov cl, 1 0x12a5b: mov ch, byte ptr [0x280] 0x12a5f: xor bx, bx 0x12a61: int 0x13 0x12a63: mov ah, 3 0x12a65: mov al, 8 0x12a67: mov dl, 0 0x12a69: mov dh, 1 0x12a6b: mov cl, 1 0x12a6d: mov ch, byte ptr [0x280] 0x12a71: xor bx, bx 0x12a73: int 0x13