Sample viewer

vx.netlux.org/Virus.DOS.ByXute.1056

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:25:02.680361217Z	246	PC: 12af4 \| UNKNOWN!
2018-12-17T22:25:02.682523604Z	42	PC: 9f463 \| Get date 0x9f463: cmp dl, 0x1f 0x9f466: jne 0x9f46e 0x9f468: mov byte ptr cs:[0xd], 1 0x9f46e: mov ax, 0x3521 0x9f471: int 0x21 0x9f473: mov word ptr cs:[0x32e], bx 0x9f478: mov word ptr cs:[0x330], es 0x9f47d: mov ax, 0x2521 0x9f480: mov dx, 0xca 0x9f483: int 0x21 0x9f485: pop bx 0x9f486: pop es 0x9f487: jmp 0x9f670 0x9f48a: pushf 0x9f48b: mov word ptr cs:[0x2ea], dx 0x9f490: mov word ptr cs:[0x2ee], ds 0x9f495: mov word ptr cs:[0x2f0], es 0x9f49a: mov word ptr cs:[0x2ec], ax 0x9f49e: cmp ax, 0xf666 0x9f4a1: jne 0x9f4a8
2018-12-17T22:25:02.684692372Z	53	PC: 9f473 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:25:02.685763234Z	37	PC: 9f485 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:25:02.691190124Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:25:02.692372794Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:25:02.694099363Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:25:02.696326023Z	2	PC: 1268d \| Character output (Char = '0d')
2018-12-17T22:25:02.698235664Z	2	PC: 1268d \| Character output (Char = '0a')
2018-12-17T22:25:02.702686752Z	2	PC: 1268d \| Character output (Char = '4d')
2018-12-17T22:25:02.706054999Z	2	PC: 1268d \| Character output (Char = '65')
2018-12-17T22:25:02.708506898Z	2	PC: 1268d \| Character output (Char = '6d')
2018-12-17T22:25:02.717382735Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T22:25:02.72112687Z	2	PC: 1268d \| Character output (Char = '72')
2018-12-17T22:25:02.723160474Z	2	PC: 1268d \| Character output (Char = '79')
2018-12-17T22:25:02.725125059Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T22:25:02.727472161Z	2	PC: 1268d \| Character output (Char = '61')
2018-12-17T22:25:02.729488127Z	2	PC: 1268d \| Character output (Char = '6c')
2018-12-17T22:25:02.731462455Z	2	PC: 1268d \| Character output (Char = '6c')
2018-12-17T22:25:02.733395784Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T22:25:02.735650015Z	2	PC: 1268d \| Character output (Char = '63')
2018-12-17T22:25:02.737604922Z	2	PC: 1268d \| Character output (Char = '61')
2018-12-17T22:25:02.739552167Z	2	PC: 1268d \| Character output (Char = '74')
2018-12-17T22:25:02.741985039Z	2	PC: 1268d \| Character output (Char = '69')
2018-12-17T22:25:02.743956285Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T22:25:02.745937978Z	2	PC: 1268d \| Character output (Char = '6e')
2018-12-17T22:25:02.748461966Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T22:25:02.750473053Z	2	PC: 1268d \| Character output (Char = '65')
2018-12-17T22:25:02.752440656Z	2	PC: 1268d \| Character output (Char = '72')
2018-12-17T22:25:02.760331664Z	2	PC: 1268d \| Character output (Char = '72')
2018-12-17T22:25:02.779186054Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T22:25:02.781152574Z	2	PC: 1268d \| Character output (Char = '72')
2018-12-17T22:25:02.783484815Z	2	PC: 1268d \| Character output (Char = '0d')
2018-12-17T22:25:02.785310468Z	2	PC: 1268d \| Character output (Char = '0a')
2018-12-17T22:25:02.788703617Z	2	PC: 1268d \| Character output (Char = '43')
2018-12-17T22:25:02.790937348Z	2	PC: 1268d \| Character output (Char = '61')
2018-12-17T22:25:02.792906601Z	2	PC: 1268d \| Character output (Char = '6e')
2018-12-17T22:25:02.794821028Z	2	PC: 1268d \| Character output (Char = '6e')
2018-12-17T22:25:02.797352073Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T22:25:02.799266775Z	2	PC: 1268d \| Character output (Char = '74')
2018-12-17T22:25:02.801879433Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T22:25:02.804147054Z	2	PC: 1268d \| Character output (Char = '6c')
2018-12-17T22:25:02.80607415Z	2	PC: 1268d \| Character output (Char = '6f')
2018-12-17T22:25:02.807957578Z	2	PC: 1268d \| Character output (Char = '61')
2018-12-17T22:25:02.810319759Z	2	PC: 1268d \| Character output (Char = '64')
2018-12-17T22:25:02.812235134Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T22:25:02.814121973Z	2	PC: 1268d \| Character output (Char = '43')
2018-12-17T22:25:02.825350873Z	2	PC: 1268d \| Character output (Char = '4f')
2018-12-17T22:25:02.827397908Z	2	PC: 1268d \| Character output (Char = '4d')
2018-12-17T22:25:02.829381544Z	2	PC: 1268d \| Character output (Char = '4d')
2018-12-17T22:25:02.832332814Z	2	PC: 1268d \| Character output (Char = '41')
2018-12-17T22:25:02.834254632Z	2	PC: 1268d \| Character output (Char = '4e')
2018-12-17T22:25:02.836244415Z	2	PC: 1268d \| Character output (Char = '44')
2018-12-17T22:25:02.838537671Z	2	PC: 1268d \| Character output (Char = '2c')
2018-12-17T22:25:02.840467202Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T22:25:02.842550806Z	2	PC: 1268d \| Character output (Char = '73')
2018-12-17T22:25:02.84462866Z	2	PC: 1268d \| Character output (Char = '79')
2018-12-17T22:25:02.846750374Z	2	PC: 1268d \| Character output (Char = '73')
2018-12-17T22:25:02.848644734Z	2	PC: 1268d \| Character output (Char = '74')
2018-12-17T22:25:02.850722955Z	2	PC: 1268d \| Character output (Char = '65')
2018-12-17T22:25:02.852770341Z	2	PC: 1268d \| Character output (Char = '6d')
2018-12-17T22:25:02.854676943Z	2	PC: 1268d \| Character output (Char = '20')
2018-12-17T22:25:02.856735977Z	2	PC: 1268d \| Character output (Char = '68')
2018-12-17T22:25:02.863390079Z	2	PC: 1268d \| Character output (Char = '61')
2018-12-17T22:25:02.866984642Z	2	PC: 1268d \| Character output (Char = '6c')
2018-12-17T22:25:02.869185811Z	2	PC: 1268d \| Character output (Char = '74')
2018-12-17T22:25:02.871458636Z	2	PC: 1268d \| Character output (Char = '65')
2018-12-17T22:25:02.873420221Z	2	PC: 1268d \| Character output (Char = '64')
2018-12-17T22:25:02.87555266Z	2	PC: 1268d \| Character output (Char = '0d')
2018-12-17T22:25:02.877655913Z	2	PC: 1268d \| Character output (Char = '0a')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4422,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:51:49.12417184Z	246	PC: 12af4 \| UNKNOWN!
2018-12-25T11:51:49.126374068Z	42	PC: 9f463 \| Get date 0x9f463: cmp dl, 0x1f 0x9f466: jne 0x9f46e 0x9f468: mov byte ptr cs:[0xd], 1 0x9f46e: mov ax, 0x3521 0x9f471: int 0x21 0x9f473: mov word ptr cs:[0x32e], bx 0x9f478: mov word ptr cs:[0x330], es 0x9f47d: mov ax, 0x2521 0x9f480: mov dx, 0xca 0x9f483: int 0x21 0x9f485: pop bx 0x9f486: pop es 0x9f487: jmp 0x9f670 0x9f48a: pushf 0x9f48b: mov word ptr cs:[0x2ea], dx 0x9f490: mov word ptr cs:[0x2ee], ds 0x9f495: mov word ptr cs:[0x2f0], es 0x9f49a: mov word ptr cs:[0x2ec], ax 0x9f49e: cmp ax, 0xf666 0x9f4a1: jne 0x9f4a8
2018-12-25T11:51:49.129372654Z	53	PC: 9f473 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:51:49.130777767Z	37	PC: 9f485 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:51:49.134410405Z	77	PC: 11fe0 \| Get program return code
2018-12-25T11:51:49.136775699Z	72	PC: 12174 \| Allocate memory
2018-12-25T11:51:49.13873523Z	72	PC: 1218d \| Allocate memory
2018-12-25T11:51:49.144560733Z	2	PC: 1268d \| Character output (Char = '0d')
2018-12-25T11:51:49.147596383Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.151812167Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.154185825Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.157361538Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.164471472Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.167532222Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.172136155Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.177236961Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.180178884Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.183115386Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.189032285Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.191979998Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.194904251Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.198275612Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.2011583Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.203996934Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.207698901Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.211394411Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.216407116Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.219808046Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.237248191Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.23984362Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.242927164Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.246080046Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.248827358Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.256145943Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.266371652Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.269338441Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.272589232Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.275440769Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.278362133Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.287068296Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.290121338Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.292939674Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.295744636Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.300367987Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.304830292Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.307653681Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.31941805Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.322266467Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.325108646Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.328828773Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.332094527Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.334926064Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.348271664Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.350950294Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.353546943Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.356304944Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.359373015Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.36461696Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.367067936Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.376646697Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.379146842Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.381621041Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.385091855Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.390616651Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.397088939Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.400028535Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.410492875Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.412975536Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.416495422Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.418878292Z	2	PC: 1268d \| Character output (See above)

{"DateBased":true,"Day":31,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4422,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:51:49.289860089Z	246	PC: 12af4 \| UNKNOWN!
2018-12-25T11:51:49.291068357Z	42	PC: 9f463 \| Get date 0x9f463: cmp dl, 0x1f 0x9f466: jne 0x9f46e 0x9f468: mov byte ptr cs:[0xd], 1 0x9f46e: mov ax, 0x3521 0x9f471: int 0x21 0x9f473: mov word ptr cs:[0x32e], bx 0x9f478: mov word ptr cs:[0x330], es 0x9f47d: mov ax, 0x2521 0x9f480: mov dx, 0xca 0x9f483: int 0x21 0x9f485: pop bx 0x9f486: pop es 0x9f487: jmp 0x9f670 0x9f48a: pushf 0x9f48b: mov word ptr cs:[0x2ea], dx 0x9f490: mov word ptr cs:[0x2ee], ds 0x9f495: mov word ptr cs:[0x2f0], es 0x9f49a: mov word ptr cs:[0x2ec], ax 0x9f49e: cmp ax, 0xf666 0x9f4a1: jne 0x9f4a8
2018-12-25T11:51:49.296604941Z	53	PC: 9f473 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:51:49.298343706Z	37	PC: 9f485 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:51:49.302270251Z	77	PC: 11fe0 \| Get program return code
2018-12-25T11:51:49.304846903Z	72	PC: 12174 \| Allocate memory
2018-12-25T11:51:49.307731796Z	72	PC: 1218d \| Allocate memory
2018-12-25T11:51:49.31080516Z	2	PC: 1268d \| Character output (Char = '0d')
2018-12-25T11:51:49.313566623Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.317855744Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.320299595Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.323317386Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.325964967Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.328434991Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.331302126Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.334724938Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.337559574Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.340380714Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.343823238Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.346134879Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.348409446Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.3514917Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.353808631Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.356117096Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.359902635Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.362287117Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.364579146Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.380306245Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.382122063Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.383786511Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.385905427Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.388723842Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.392480826Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.397192493Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.402816155Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.406316272Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.409149407Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.411673517Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.413840206Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.41568535Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.418319885Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.420367599Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.422009427Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.430199642Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.432306591Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.435683842Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.446380113Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.450633163Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.454265152Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.458116241Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.460783881Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.463248109Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.474725355Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.481044285Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.483718352Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.48642475Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.489211747Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.491992438Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.494820109Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.498161631Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.500686051Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.503162649Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.506341899Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.508768025Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.511534278Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.51521103Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.518147451Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.520932999Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.524883178Z	2	PC: 1268d \| Character output (See above)
2018-12-25T11:51:49.528366541Z	2	PC: 1268d \| Character output (See above)