Sample viewer

vx.netlux.org/Virus.DOS.Signs.720

Time	Syscall Op	Syscall Name
2018-12-17T22:17:57.904999733Z	82	PC: 12d2f \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:17:57.906446286Z	80	PC: 13086 \| Set current PSP
2018-12-17T22:17:57.916352057Z	26	PC: 1308f \| Set disk transfer address
2018-12-17T22:17:57.917682566Z	53	PC: 13096 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:17:57.919019017Z	37	PC: 130a6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:17:57.921764571Z	42	PC: 130aa \| Get date 0x130aa: cmp al, 5 0x130ac: jne 0x130c3 0x130ae: mov ax, 0x3508 0x130b1: int 0x21 0x130b3: mov word ptr [0xd], bx 0x130b7: mov word ptr [0xf], es 0x130bb: mov ax, 0x2508 0x130be: mov dx, 0x34 0x130c1: int 0x21 0x130c3: push cs 0x130c4: pop ds 0x130c5: push cs 0x130c6: pop es 0x130c7: pop cx 0x130c8: pop ax 0x130c9: push cs 0x130ca: pop ss 0x130cb: add sp, 2 0x130ce: xor dx, dx 0x130d0: push bx
2018-12-17T22:17:57.924697957Z	76	PC: 12d1b \| Terminate with return code (Return code = '0')

Time	Syscall Op	Syscall Name
2018-12-25T11:48:13.261769987Z	82	PC: 12d2f \| Get DOS internal pointers (SYSVARS)
2018-12-25T11:48:13.263858677Z	80	PC: 13086 \| Set current PSP
2018-12-25T11:48:13.264994222Z	26	PC: 1308f \| Set disk transfer address
2018-12-25T11:48:13.26621232Z	53	PC: 13096 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:48:13.267760029Z	37	PC: 130a6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:48:13.269872053Z	42	PC: 130aa \| Get date 0x130aa: cmp al, 5 0x130ac: jne 0x130c3 0x130ae: mov ax, 0x3508 0x130b1: int 0x21 0x130b3: mov word ptr [0xd], bx 0x130b7: mov word ptr [0xf], es 0x130bb: mov ax, 0x2508 0x130be: mov dx, 0x34 0x130c1: int 0x21 0x130c3: push cs 0x130c4: pop ds 0x130c5: push cs 0x130c6: pop es 0x130c7: pop cx 0x130c8: pop ax 0x130c9: push cs 0x130ca: pop ss 0x130cb: add sp, 2 0x130ce: xor dx, dx 0x130d0: push bx
2018-12-25T11:48:13.272894879Z	76	PC: 12d1b \| Terminate with return code (Return code = '0')

Time	Syscall Op	Syscall Name
2018-12-25T11:48:13.264824259Z	82	PC: 12d2f \| Get DOS internal pointers (SYSVARS)
2018-12-25T11:48:13.277602608Z	80	PC: 13086 \| Set current PSP
2018-12-25T11:48:13.2783917Z	26	PC: 1308f \| Set disk transfer address
2018-12-25T11:48:13.279387979Z	53	PC: 13096 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:48:13.281475357Z	37	PC: 130a6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:48:13.282613011Z	42	PC: 130aa \| Get date 0x130aa: cmp al, 5 0x130ac: jne 0x130c3 0x130ae: mov ax, 0x3508 0x130b1: int 0x21 0x130b3: mov word ptr [0xd], bx 0x130b7: mov word ptr [0xf], es 0x130bb: mov ax, 0x2508 0x130be: mov dx, 0x34 0x130c1: int 0x21 0x130c3: push cs 0x130c4: pop ds 0x130c5: push cs 0x130c6: pop es 0x130c7: pop cx 0x130c8: pop ax 0x130c9: push cs 0x130ca: pop ss 0x130cb: add sp, 2 0x130ce: xor dx, dx 0x130d0: push bx
2018-12-25T11:48:13.284621026Z	53	PC: 130b3 \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T11:48:13.286325993Z	37	PC: 130c3 \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T11:48:13.287530486Z	76	PC: 12d1b \| Terminate with return code (Return code = '0')