Sample viewer

vx.netlux.org/Virus.DOS.LoadHigh.1375

Time	Syscall Op	Syscall Name
2018-12-17T23:09:28.276020416Z	255	PC: 12d61 \| UNKNOWN!
2018-12-17T23:09:28.277375127Z	42	PC: 12d94 \| Get date 0x12d94: cmp dx, 0x206 0x12d98: jne 0x12dcc 0x12d9a: call 0x22d1f 0x12d9d: mov ax, cs 0x12d9f: mov ds, ax 0x12da1: mov es, ax 0x12da3: mov ax, 0x201 0x12da6: mov cx, 1 0x12da9: mov dx, 0x80 0x12dac: mov bx, 0x65f 0x12daf: int 0x13 0x12db1: jb 0x12dcc 0x12db3: mov si, 0x85d 0x12db6: mov word ptr [si], 0x206 0x12dba: mov ax, 0x203 0x12dbd: mov cx, 1 0x12dc0: mov dx, 0x80 0x12dc3: mov bx, 0x65f 0x12dc6: int 0x13 0x12dc8: mov al, 7
2018-12-17T23:09:28.280098744Z	88	PC: 12dd1 \| case 0xGet or set allocation strateg:
2018-12-17T23:09:28.281681072Z	88	PC: 12ddc \| case 0xGet or set allocation strateg:
2018-12-17T23:09:28.283309205Z	88	PC: 12dea \| case 0xGet or set allocation strateg:
2018-12-17T23:09:28.286431367Z	74	PC: 12f2f \| Reallocate memory
2018-12-17T23:09:28.288376185Z	75	PC: 12f44 \| Execute program
2018-12-17T23:09:28.295936682Z	65	PC: 12f62 \| Delete file (Filename = '')
2018-12-17T23:09:28.315988826Z	9	PC: 12f6b \| Display string (String= 'Bad command or file name ')
2018-12-17T23:09:28.320992838Z	76	PC: 12f71 \| Terminate with return code (Return code = '1')

Time	Syscall Op	Syscall Name
2018-12-25T12:53:12.858393547Z	255	PC: 12d61 \| UNKNOWN!
2018-12-25T12:53:12.860010568Z	42	PC: 12d94 \| Get date 0x12d94: cmp dx, 0x206 0x12d98: jne 0x12dcc 0x12d9a: call 0x22d1f 0x12d9d: mov ax, cs 0x12d9f: mov ds, ax 0x12da1: mov es, ax 0x12da3: mov ax, 0x201 0x12da6: mov cx, 1 0x12da9: mov dx, 0x80 0x12dac: mov bx, 0x65f 0x12daf: int 0x13 0x12db1: jb 0x12dcc 0x12db3: mov si, 0x85d 0x12db6: mov word ptr [si], 0x206 0x12dba: mov ax, 0x203 0x12dbd: mov cx, 1 0x12dc0: mov dx, 0x80 0x12dc3: mov bx, 0x65f 0x12dc6: int 0x13 0x12dc8: mov al, 7
2018-12-25T12:53:12.861920248Z	88	PC: 12dd1 \| case 0xGet or set allocation strateg:
2018-12-25T12:53:12.862873167Z	88	PC: 12ddc \| case 0xGet or set allocation strateg:
2018-12-25T12:53:12.8641292Z	88	PC: 12dea \| case 0xGet or set allocation strateg:
2018-12-25T12:53:12.865464871Z	74	PC: 12f2f \| Reallocate memory
2018-12-25T12:53:12.866513241Z	75	PC: 12f44 \| Execute program
2018-12-25T12:53:12.872723657Z	65	PC: 12f62 \| Delete file (Filename = '')
2018-12-25T12:53:13.114624084Z	9	PC: 12f6b \| Display string (String= 'Bad command or file name ')
2018-12-25T12:53:13.118737137Z	76	PC: 12f71 \| Terminate with return code (Return code = '1')

Time	Syscall Op	Syscall Name
2018-12-25T12:53:15.970293104Z	255	PC: 12d61 \| UNKNOWN!
2018-12-25T12:53:15.971758772Z	42	PC: 12d94 \| Get date 0x12d94: cmp dx, 0x206 0x12d98: jne 0x12dcc 0x12d9a: call 0x22d1f 0x12d9d: mov ax, cs 0x12d9f: mov ds, ax 0x12da1: mov es, ax 0x12da3: mov ax, 0x201 0x12da6: mov cx, 1 0x12da9: mov dx, 0x80 0x12dac: mov bx, 0x65f 0x12daf: int 0x13 0x12db1: jb 0x12dcc 0x12db3: mov si, 0x85d 0x12db6: mov word ptr [si], 0x206 0x12dba: mov ax, 0x203 0x12dbd: mov cx, 1 0x12dc0: mov dx, 0x80 0x12dc3: mov bx, 0x65f 0x12dc6: int 0x13 0x12dc8: mov al, 7
2018-12-25T12:53:15.973961491Z	53	PC: 12d24 \| Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-25T12:53:15.975199433Z	37	PC: 12d3d \| Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-25T12:53:15.979321771Z	88	PC: 12dd1 \| case 0xGet or set allocation strateg:
2018-12-25T12:53:15.980381027Z	88	PC: 12ddc \| case 0xGet or set allocation strateg:
2018-12-25T12:53:15.981367853Z	88	PC: 12dea \| case 0xGet or set allocation strateg:
2018-12-25T12:53:15.982881089Z	74	PC: 12f2f \| Reallocate memory
2018-12-25T12:53:15.984750174Z	75	PC: 12f44 \| Execute program
2018-12-25T12:53:15.991449396Z	65	PC: 12f62 \| Delete file (Filename = '')
2018-12-25T12:53:16.007833795Z	9	PC: 12f6b \| Display string (String= 'Bad command or file name ')
2018-12-25T12:53:16.012398969Z	76	PC: 12f71 \| Terminate with return code (Return code = '1')