Sample viewer

vx.netlux.org/Virus.DOS.DMR.1200

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:22:40.656306968Z 173 PC: 12ac6 | UNKNOWN!
2018-12-17T22:22:40.657898815Z 42 PC: 12ad8 | Get date
0x12ad8: cmp dl, 0xd
0x12adb: jne 0x12ae0
0x12add: call 0x12ead
0x12ae0: pop cx
0x12ae1: pop dx
0x12ae2: pop ax
0x12ae3: push es
0x12ae4: pop ds
0x12ae5: mov ah, 0x34
0x12ae7: int 0x21
0x12ae9: mov word ptr [0x104], bx
0x12aed: mov word ptr [0x106], es
0x12af1: mov ax, 0x3521
0x12af4: int 0x21
0x12af6: mov word ptr [0x1d9], bx
0x12afa: mov word ptr [0x1db], es
0x12afe: mov ah, 0x25
0x12b00: mov al, 0x21
0x12b02: mov dx, 0x1bc
0x12b05: int 0x21
2018-12-17T22:22:40.660989772Z 52 PC: 12ae9 | Get InDOS flag pointer
2018-12-17T22:22:40.662255659Z 53 PC: 12af6 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:40.663558571Z 37 PC: 12b07 | Set interrupt vector (Interrupt = '33' AKA 'Random read')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3971,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:50:33.913755929Z 173 PC: 12ac6 | UNKNOWN!
2018-12-25T11:50:33.915817714Z 42 PC: 12ad8 | Get date
0x12ad8: cmp dl, 0xd
0x12adb: jne 0x12ae0
0x12add: call 0x12ead
0x12ae0: pop cx
0x12ae1: pop dx
0x12ae2: pop ax
0x12ae3: push es
0x12ae4: pop ds
0x12ae5: mov ah, 0x34
0x12ae7: int 0x21
0x12ae9: mov word ptr [0x104], bx
0x12aed: mov word ptr [0x106], es
0x12af1: mov ax, 0x3521
0x12af4: int 0x21
0x12af6: mov word ptr [0x1d9], bx
0x12afa: mov word ptr [0x1db], es
0x12afe: mov ah, 0x25
0x12b00: mov al, 0x21
0x12b02: mov dx, 0x1bc
0x12b05: int 0x21
2018-12-25T11:50:33.917895378Z 52 PC: 12ae9 | Get InDOS flag pointer
2018-12-25T11:50:33.918983619Z 53 PC: 12af6 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:50:33.920870781Z 37 PC: 12b07 | Set interrupt vector (Interrupt = '33' AKA 'Random read')

{"DateBased":true,"Day":13,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3971,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:50:34.027166447Z 173 PC: 12ac6 | UNKNOWN!
2018-12-25T11:50:34.02842334Z 42 PC: 12ad8 | Get date
0x12ad8: cmp dl, 0xd
0x12adb: jne 0x12ae0
0x12add: call 0x12ead
0x12ae0: pop cx
0x12ae1: pop dx
0x12ae2: pop ax
0x12ae3: push es
0x12ae4: pop ds
0x12ae5: mov ah, 0x34
0x12ae7: int 0x21
0x12ae9: mov word ptr [0x104], bx
0x12aed: mov word ptr [0x106], es
0x12af1: mov ax, 0x3521
0x12af4: int 0x21
0x12af6: mov word ptr [0x1d9], bx
0x12afa: mov word ptr [0x1db], es
0x12afe: mov ah, 0x25
0x12b00: mov al, 0x21
0x12b02: mov dx, 0x1bc
0x12b05: int 0x21
2018-12-25T11:50:34.030395458Z 9 PC: 12eb4 | Display string (String= 'DMR, Pantera & Ale Forever ! ')
2018-12-25T11:50:34.034073354Z 9 PC: 12eb9 | Display string (String= 'D M R F o r e v e r ! ')
2018-12-25T11:50:34.039498003Z 9 PC: 12ebe | Display string (String= 'Dis iz ChaosTraveller ver. 2.0 ')
2018-12-25T11:50:34.043219312Z 9 PC: 12ec3 | Display string (String= 'Nightmare, yeah ? Try to be clean ! ')
2018-12-25T11:50:34.048227776Z 9 PC: 12ec8 | Display string (String= 'Suck off, fucksider ! Today`s 13th ! ')