Sample viewer

vx.netlux.org/Virus.DOS.Level3.4868

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:53:09.285636333Z 42 PC: 13988 | Get date
0x13988: cmp dl, 7
0x1398b: jne 0x139a1
0x1398d: mov ah, 9
0x1398f: mov dx, 0xff5
0x13992: int 0x21
0x13994: mov dx, 0x3cc
0x13997: in al, dx
0x13998: and al, 0xfd
0x1399a: mov dl, 0xc2
0x1399c: out dx, al
0x1399d: mov ah, 0x4c
0x1399f: int 0x21
0x139a1: call 0x23903
0x139a4: mov ah, 0x62
0x139a6: int 0x21
0x139a8: push bx
0x139a9: xor ax, ax
0x139ab: mov ds, ax
0x139ad: mov ds, word ptr [0x4fe]
0x139b1: cmp word ptr [0xe7f], 0x4f43
2018-12-17T21:53:09.289223918Z 82 PC: 13920 | Get DOS internal pointers (SYSVARS)
2018-12-17T21:53:09.290748314Z 98 PC: 139a8 | Get current PSP
2018-12-17T21:53:09.292870895Z 82 PC: 9f610 | Get DOS internal pointers (SYSVARS)
2018-12-17T21:53:09.295199037Z 76 PC: 12ac5 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":330,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:45.801294889Z 42 PC: 13988 | Get date
0x13988: cmp dl, 7
0x1398b: jne 0x139a1
0x1398d: mov ah, 9
0x1398f: mov dx, 0xff5
0x13992: int 0x21
0x13994: mov dx, 0x3cc
0x13997: in al, dx
0x13998: and al, 0xfd
0x1399a: mov dl, 0xc2
0x1399c: out dx, al
0x1399d: mov ah, 0x4c
0x1399f: int 0x21
0x139a1: call 0x23903
0x139a4: mov ah, 0x62
0x139a6: int 0x21
0x139a8: push bx
0x139a9: xor ax, ax
0x139ab: mov ds, ax
0x139ad: mov ds, word ptr [0x4fe]
0x139b1: cmp word ptr [0xe7f], 0x4f43
2018-12-25T11:40:45.804185632Z 82 PC: 13920 | Get DOS internal pointers (SYSVARS)
2018-12-25T11:40:45.806092756Z 98 PC: 139a8 | Get current PSP
2018-12-25T11:40:45.808409276Z 82 PC: 9f610 | Get DOS internal pointers (SYSVARS)
2018-12-25T11:40:45.810087173Z 76 PC: 12ac5 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":330,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:40:46.011632839Z 42 PC: 13988 | Get date
0x13988: cmp dl, 7
0x1398b: jne 0x139a1
0x1398d: mov ah, 9
0x1398f: mov dx, 0xff5
0x13992: int 0x21
0x13994: mov dx, 0x3cc
0x13997: in al, dx
0x13998: and al, 0xfd
0x1399a: mov dl, 0xc2
0x1399c: out dx, al
0x1399d: mov ah, 0x4c
0x1399f: int 0x21
0x139a1: call 0x23903
0x139a4: mov ah, 0x62
0x139a6: int 0x21
0x139a8: push bx
0x139a9: xor ax, ax
0x139ab: mov ds, ax
0x139ad: mov ds, word ptr [0x4fe]
0x139b1: cmp word ptr [0xe7f], 0x4f43
2018-12-25T11:40:46.019571122Z 9 PC: 13994 | Display string (String= '^Yu&&uZXCOMMANDPP+I u*!u !')
2018-12-25T11:40:46.029646175Z 76 PC: 139a1 | Terminate with return code (Return code = '101')