Sample viewer

vx.netlux.org/Virus.DOS.MultiLevel.3072

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:09:47.80877386Z 42 PC: 1301a | Get date 0x1301a: inc al
0x1301c: shl al, 1
0x1301e: cmp dl, al
0x13020: jne 0x13055
0x13022: mov ah, 0x13
0x13024: int 0x2f
0x13026: push ds
0x13027: push dx
0x13028: mov ah, 0x13
0x1302a: int 0x2f
0x1302c: pop dx
0x1302d: pop ds
0x1302e: mov ax, 0x2513
0x13031: int 0x21
0x13033: mov cx, 1
0x13036: mov dx, 0x580
0x13039: mov ax, 0x308
0x1303c: int 0x13
0x1303e: jb 0x1304d
0x13040: dec dh

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2212,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:45:08.366006112Z 42 PC: 1301a | Get date 0x1301a: inc al
0x1301c: shl al, 1
0x1301e: cmp dl, al
0x13020: jne 0x13055
0x13022: mov ah, 0x13
0x13024: int 0x2f
0x13026: push ds
0x13027: push dx
0x13028: mov ah, 0x13
0x1302a: int 0x2f
0x1302c: pop dx
0x1302d: pop ds
0x1302e: mov ax, 0x2513
0x13031: int 0x21
0x13033: mov cx, 1
0x13036: mov dx, 0x580
0x13039: mov ax, 0x308
0x1303c: int 0x13
0x1303e: jb 0x1304d
0x13040: dec dh

{"DateBased":true,"Day":10,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2212,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:45:08.443101335Z 42 PC: 1301a | Get date 0x1301a: inc al
0x1301c: shl al, 1
0x1301e: cmp dl, al
0x13020: jne 0x13055
0x13022: mov ah, 0x13
0x13024: int 0x2f
0x13026: push ds
0x13027: push dx
0x13028: mov ah, 0x13
0x1302a: int 0x2f
0x1302c: pop dx
0x1302d: pop ds
0x1302e: mov ax, 0x2513
0x13031: int 0x21
0x13033: mov cx, 1
0x13036: mov dx, 0x580
0x13039: mov ax, 0x308
0x1303c: int 0x13
0x1303e: jb 0x1304d
0x13040: dec dh
2018-12-25T11:45:08.446523657Z 37 PC: 13033 | Set interrupt vector (Interrupt = '19' AKA 'Delete file')