Sample viewer

vx.netlux.org/Virus.DOS.DayOne.864

Time	Syscall Op	Syscall Name
2018-12-17T22:20:48.566713243Z	254	PC: 12f70 \| UNKNOWN!
2018-12-17T22:20:48.568127494Z	74	PC: 12ad0 \| Reallocate memory
2018-12-17T22:20:48.570516154Z	75	PC: 12ae8 \| Execute program
2018-12-17T22:20:48.587634468Z	42	PC: 13278 \| Get date 0x13278: cmp dl, 1 0x1327b: jne 0x13291 0x1327d: mov ax, 0x3f0 0x13280: mov cx, 2 0x13283: mov dx, cx 0x13285: int 0x13 0x13287: mov ax, 0x508 0x1328a: mov cx, 2 0x1328d: mov dx, cx 0x1328f: int 0x13 0x13291: mov ax, es 0x13293: add ax, 0x10 0x13296: add word ptr cs:[0x2ff], ax 0x1329b: add word ptr cs:[0x2f9], ax 0x132a0: xor ax, ax 0x132a2: mov ss, word ptr cs:[0x2f9] 0x132a7: mov sp, word ptr cs:[0x2fb] 0x132ac: push ax 0x132ad: ljmp ptr cs:[0x2fd] 0x132b2: mov ax, 0x4300
2018-12-17T22:20:48.589398119Z	9	PC: 12fcc \| Display string (Could not find end pointer)
2018-12-17T22:20:48.592471769Z	76	PC: 12fd1 \| Terminate with return code (Return code = '0')
2018-12-17T22:20:48.594887223Z	49	PC: 12b04 \| Terminate and stay resident (Return code = '0' \| Memory size = '70')

Time	Syscall Op	Syscall Name
2018-12-25T11:49:43.157880154Z	254	PC: 12f70 \| UNKNOWN!
2018-12-25T11:49:43.159122203Z	74	PC: 12ad0 \| Reallocate memory
2018-12-25T11:49:43.160964759Z	75	PC: 12ae8 \| Execute program
2018-12-25T11:49:43.1777522Z	42	PC: 13278 \| Get date 0x13278: cmp dl, 1 0x1327b: jne 0x13291 0x1327d: mov ax, 0x3f0 0x13280: mov cx, 2 0x13283: mov dx, cx 0x13285: int 0x13 0x13287: mov ax, 0x508 0x1328a: mov cx, 2 0x1328d: mov dx, cx 0x1328f: int 0x13 0x13291: mov ax, es 0x13293: add ax, 0x10 0x13296: add word ptr cs:[0x2ff], ax 0x1329b: add word ptr cs:[0x2f9], ax 0x132a0: xor ax, ax 0x132a2: mov ss, word ptr cs:[0x2f9] 0x132a7: mov sp, word ptr cs:[0x2fb] 0x132ac: push ax 0x132ad: ljmp ptr cs:[0x2fd] 0x132b2: mov ax, 0x4300
2018-12-25T11:49:43.180472867Z	9	PC: 12fcc \| Display string (Could not find end pointer)
2018-12-25T11:49:43.187538289Z	76	PC: 12fd1 \| Terminate with return code (Return code = '0')
2018-12-25T11:49:43.190819675Z	49	PC: 12b04 \| Terminate and stay resident (Return code = '0' \| Memory size = '70')

Time	Syscall Op	Syscall Name
2018-12-25T11:49:43.504737308Z	254	PC: 12f70 \| UNKNOWN!
2018-12-25T11:49:43.506717955Z	74	PC: 12ad0 \| Reallocate memory
2018-12-25T11:49:43.508205977Z	75	PC: 12ae8 \| Execute program
2018-12-25T11:49:43.522771708Z	42	PC: 13278 \| Get date 0x13278: cmp dl, 1 0x1327b: jne 0x13291 0x1327d: mov ax, 0x3f0 0x13280: mov cx, 2 0x13283: mov dx, cx 0x13285: int 0x13 0x13287: mov ax, 0x508 0x1328a: mov cx, 2 0x1328d: mov dx, cx 0x1328f: int 0x13 0x13291: mov ax, es 0x13293: add ax, 0x10 0x13296: add word ptr cs:[0x2ff], ax 0x1329b: add word ptr cs:[0x2f9], ax 0x132a0: xor ax, ax 0x132a2: mov ss, word ptr cs:[0x2f9] 0x132a7: mov sp, word ptr cs:[0x2fb] 0x132ac: push ax 0x132ad: ljmp ptr cs:[0x2fd] 0x132b2: mov ax, 0x4300
2018-12-25T11:49:43.525821411Z	9	PC: 12fcc \| Display string (Could not find end pointer)
2018-12-25T11:49:43.529692202Z	76	PC: 12fd1 \| Terminate with return code (Return code = '0')
2018-12-25T11:49:43.532709273Z	49	PC: 12b04 \| Terminate and stay resident (Return code = '0' \| Memory size = '70')