Sample viewer

vx.netlux.org/Virus.DOS.Nucleii.1203.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:10:58.311148005Z	26	PC: 12a59 \| Set disk transfer address
2018-12-17T23:10:58.312975101Z	25	PC: 12a5d \| Get default drive
2018-12-17T23:10:58.314926883Z	71	PC: 12a68 \| Get current directory
2018-12-17T23:10:58.318472563Z	59	PC: 12a6f \| Change current directory
2018-12-17T23:10:58.323310723Z	78	PC: 12a79 \| Find first file
2018-12-17T23:10:58.331083553Z	87	PC: 12b5d \| Get or set file date and time
2018-12-17T23:10:58.33318722Z	67	PC: 12b69 \| Get or set file attributes
2018-12-17T23:10:58.335549734Z	59	PC: 12b70 \| Change current directory
2018-12-17T23:10:58.341962175Z	59	PC: 12b77 \| Change current directory
2018-12-17T23:10:58.343992745Z	42	PC: 12b7b \| Get date 0x12b7b: cmp cx, 0x7ce 0x12b7f: jb 0x12ba2 0x12b81: cmp dl, 0xf 0x12b84: jne 0x12ba5 0x12b86: cmp dl, 0x13 0x12b89: je 0x12be2 0x12b8b: cmp dl, 0x1d 0x12b8e: je 0x12bc0 0x12b90: mov dx, 0x35c 0x12b93: mov ah, 0x1a 0x12b95: int 0x21 0x12b97: mov ah, 0x4e 0x12b99: mov cx, 7 0x12b9c: mov dx, 0x316 0x12b9f: jmp 0x12ba8 0x12ba1: nop 0x12ba2: call 0x12c31 0x12ba5: call 0x12c31 0x12ba8: int 0x21 0x12baa: jb 0x12ba5
2018-12-17T23:10:58.346426242Z	76	PC: 12c36 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17028,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:54:39.733677971Z	26	PC: 12a59 \| Set disk transfer address
2018-12-25T12:54:39.735190812Z	25	PC: 12a5d \| Get default drive
2018-12-25T12:54:39.736875845Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:54:39.739504341Z	59	PC: 12a6f \| Change current directory
2018-12-25T12:54:39.743580501Z	78	PC: 12a79 \| Find first file
2018-12-25T12:54:39.749024644Z	87	PC: 12b5d \| Get or set file date and time
2018-12-25T12:54:39.750426015Z	67	PC: 12b69 \| Get or set file attributes
2018-12-25T12:54:39.752540116Z	59	PC: 12b70 \| Change current directory
2018-12-25T12:54:39.756287482Z	59	PC: 12b77 \| Change current directory
2018-12-25T12:54:39.757771138Z	42	PC: 12b7b \| Get date 0x12b7b: cmp cx, 0x7ce 0x12b7f: jb 0x12ba2 0x12b81: cmp dl, 0xf 0x12b84: jne 0x12ba5 0x12b86: cmp dl, 0x13 0x12b89: je 0x12be2 0x12b8b: cmp dl, 0x1d 0x12b8e: je 0x12bc0 0x12b90: mov dx, 0x35c 0x12b93: mov ah, 0x1a 0x12b95: int 0x21 0x12b97: mov ah, 0x4e 0x12b99: mov cx, 7 0x12b9c: mov dx, 0x316 0x12b9f: jmp 0x12ba8 0x12ba1: nop 0x12ba2: call 0x12c31 0x12ba5: call 0x12c31 0x12ba8: int 0x21 0x12baa: jb 0x12ba5
2018-12-25T12:54:39.760032825Z	76	PC: 12c36 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1998,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17028,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:54:39.986124348Z	26	PC: 12a59 \| Set disk transfer address
2018-12-25T12:54:39.987484368Z	25	PC: 12a5d \| Get default drive
2018-12-25T12:54:39.98841902Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:54:39.990986832Z	59	PC: 12a6f \| Change current directory
2018-12-25T12:54:39.994951512Z	78	PC: 12a79 \| Find first file
2018-12-25T12:54:40.000204014Z	87	PC: 12b5d \| Get or set file date and time
2018-12-25T12:54:40.00142158Z	67	PC: 12b69 \| Get or set file attributes
2018-12-25T12:54:40.003312286Z	59	PC: 12b70 \| Change current directory
2018-12-25T12:54:40.006832876Z	59	PC: 12b77 \| Change current directory
2018-12-25T12:54:40.008254156Z	42	PC: 12b7b \| Get date 0x12b7b: cmp cx, 0x7ce 0x12b7f: jb 0x12ba2 0x12b81: cmp dl, 0xf 0x12b84: jne 0x12ba5 0x12b86: cmp dl, 0x13 0x12b89: je 0x12be2 0x12b8b: cmp dl, 0x1d 0x12b8e: je 0x12bc0 0x12b90: mov dx, 0x35c 0x12b93: mov ah, 0x1a 0x12b95: int 0x21 0x12b97: mov ah, 0x4e 0x12b99: mov cx, 7 0x12b9c: mov dx, 0x316 0x12b9f: jmp 0x12ba8 0x12ba1: nop 0x12ba2: call 0x12c31 0x12ba5: call 0x12c31 0x12ba8: int 0x21 0x12baa: jb 0x12ba5
2018-12-25T12:54:40.010471301Z	76	PC: 12c36 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":15,"Month":1,"Year":1998,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17028,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:54:40.070986558Z	26	PC: 12a59 \| Set disk transfer address
2018-12-25T12:54:40.072361256Z	25	PC: 12a5d \| Get default drive
2018-12-25T12:54:40.073419903Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:54:40.076075214Z	59	PC: 12a6f \| Change current directory
2018-12-25T12:54:40.080360588Z	78	PC: 12a79 \| Find first file
2018-12-25T12:54:40.086097708Z	87	PC: 12b5d \| Get or set file date and time
2018-12-25T12:54:40.087773635Z	67	PC: 12b69 \| Get or set file attributes
2018-12-25T12:54:40.090140705Z	59	PC: 12b70 \| Change current directory
2018-12-25T12:54:40.094577935Z	59	PC: 12b77 \| Change current directory
2018-12-25T12:54:40.096465112Z	42	PC: 12b7b \| Get date 0x12b7b: cmp cx, 0x7ce 0x12b7f: jb 0x12ba2 0x12b81: cmp dl, 0xf 0x12b84: jne 0x12ba5 0x12b86: cmp dl, 0x13 0x12b89: je 0x12be2 0x12b8b: cmp dl, 0x1d 0x12b8e: je 0x12bc0 0x12b90: mov dx, 0x35c 0x12b93: mov ah, 0x1a 0x12b95: int 0x21 0x12b97: mov ah, 0x4e 0x12b99: mov cx, 7 0x12b9c: mov dx, 0x316 0x12b9f: jmp 0x12ba8 0x12ba1: nop 0x12ba2: call 0x12c31 0x12ba5: call 0x12c31 0x12ba8: int 0x21 0x12baa: jb 0x12ba5
2018-12-25T12:54:40.098949786Z	26	PC: 12b97 \| Set disk transfer address
2018-12-25T12:54:40.100337469Z	78	PC: 12baa \| Find first file
2018-12-25T12:54:40.110956746Z	67	PC: 12bb3 \| Get or set file attributes
2018-12-25T12:54:40.119905169Z	60	PC: 12bba \| Create or truncate file
2018-12-25T12:54:40.140144509Z	79	PC: 12baa \| Find next file (See above)
2018-12-25T12:54:40.142590894Z	67	PC: 12bb3 \| Get or set file attributes (See above)
2018-12-25T12:54:40.151908917Z	60	PC: 12bba \| Create or truncate file (See above)
2018-12-25T12:54:40.163756731Z	79	PC: 12baa \| Find next file (See above)
2018-12-25T12:54:40.166401089Z	67	PC: 12bb3 \| Get or set file attributes (See above)
2018-12-25T12:54:40.175737577Z	60	PC: 12bba \| Create or truncate file (See above)
2018-12-25T12:54:40.187354161Z	79	PC: 12baa \| Find next file (See above)
2018-12-25T12:54:40.190532954Z	67	PC: 12bb3 \| Get or set file attributes (See above)
2018-12-25T12:54:40.19984773Z	60	PC: 12bba \| Create or truncate file (See above)
2018-12-25T12:54:40.211535621Z	79	PC: 12baa \| Find next file (See above)
2018-12-25T12:54:40.214009413Z	67	PC: 12bb3 \| Get or set file attributes (See above)
2018-12-25T12:54:40.223389024Z	60	PC: 12bba \| Create or truncate file (See above)
2018-12-25T12:54:40.234222235Z	79	PC: 12baa \| Find next file (See above)
2018-12-25T12:54:40.237210527Z	67	PC: 12bb3 \| Get or set file attributes (See above)
2018-12-25T12:54:40.246999764Z	60	PC: 12bba \| Create or truncate file (See above)
2018-12-25T12:54:40.260177085Z	79	PC: 12baa \| Find next file (See above)
2018-12-25T12:54:40.26274212Z	67	PC: 12bb3 \| Get or set file attributes (See above)
2018-12-25T12:54:40.272220043Z	60	PC: 12bba \| Create or truncate file (See above)
2018-12-25T12:54:40.285100496Z	79	PC: 12baa \| Find next file (See above)
2018-12-25T12:54:40.287695187Z	67	PC: 12bb3 \| Get or set file attributes (See above)
2018-12-25T12:54:40.297228753Z	60	PC: 12bba \| Create or truncate file (See above)
2018-12-25T12:54:40.309638265Z	79	PC: 12baa \| Find next file (See above)
2018-12-25T12:54:40.312594268Z	67	PC: 12bb3 \| Get or set file attributes (See above)
2018-12-25T12:54:40.322711567Z	60	PC: 12bba \| Create or truncate file (See above)
2018-12-25T12:54:40.335226134Z	79	PC: 12baa \| Find next file (See above)
2018-12-25T12:54:40.33745686Z	76	PC: 12c36 \| Terminate with return code (Return code = '0')