Sample viewer

vx.netlux.org/Virus.DOS.I13.Albi.1442


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:26:06.064973549Z 219 PC: 13c6e | UNKNOWN!
2018-12-17T22:26:06.065938345Z 88 PC: 13c79 | case 0xGet or set allocation strateg:
2018-12-17T22:26:06.067783338Z 53 PC: 13c87 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:26:06.069504997Z 74 PC: 13ce6 | Reallocate memory
2018-12-17T22:26:06.071361Z 72 PC: 13ced | Allocate memory
2018-12-17T22:26:06.07383253Z 37 PC: 13d19 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:26:06.075586904Z 42 PC: 13d20 | Get date
0x13d20: cmp dh, 6
0x13d23: jne 0x13d2e
0x13d25: in ax, 0x40
0x13d27: cmp al, 0xc8
0x13d29: jbe 0x13d2e
0x13d2b: jmp 0x1417d
0x13d2e: push es
0x13d2f: pop ds
0x13d30: push es
0x13d31: pop ax
0x13d32: add ax, 0x10
0x13d35: sub cx, cx
0x13d37: add word ptr cs:[si + 0x11c], ax
0x13d3c: cli
0x13d3d: xor dx, dx
0x13d3f: add ax, word ptr cs:[si + 0x120]
0x13d44: sub bp, bp
0x13d46: mov ss, ax
0x13d48: xor di, di
0x13d4a: mov sp, word ptr cs:[si + 0x11e]
2018-12-17T22:26:06.078469509Z 9 PC: 12a5c | Display string (Could not find end pointer)
2018-12-17T22:26:06.085771352Z 76 PC: 12a61 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4622,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:27.362328669Z 219 PC: 13c6e | UNKNOWN!
2018-12-25T11:52:27.363454026Z 88 PC: 13c79 | case 0xGet or set allocation strateg:
2018-12-25T11:52:27.364521925Z 53 PC: 13c87 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:52:27.365704625Z 74 PC: 13ce6 | Reallocate memory
2018-12-25T11:52:27.367152091Z 72 PC: 13ced | Allocate memory
2018-12-25T11:52:27.36816121Z 37 PC: 13d19 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:52:27.36893315Z 42 PC: 13d20 | Get date
0x13d20: cmp dh, 6
0x13d23: jne 0x13d2e
0x13d25: in ax, 0x40
0x13d27: cmp al, 0xc8
0x13d29: jbe 0x13d2e
0x13d2b: jmp 0x1417d
0x13d2e: push es
0x13d2f: pop ds
0x13d30: push es
0x13d31: pop ax
0x13d32: add ax, 0x10
0x13d35: sub cx, cx
0x13d37: add word ptr cs:[si + 0x11c], ax
0x13d3c: cli
0x13d3d: xor dx, dx
0x13d3f: add ax, word ptr cs:[si + 0x120]
0x13d44: sub bp, bp
0x13d46: mov ss, ax
0x13d48: xor di, di
0x13d4a: mov sp, word ptr cs:[si + 0x11e]

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4622,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:27.591159401Z 219 PC: 13c6e | UNKNOWN!
2018-12-25T11:52:27.592217504Z 88 PC: 13c79 | case 0xGet or set allocation strateg:
2018-12-25T11:52:27.59309332Z 53 PC: 13c87 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:52:27.593888191Z 74 PC: 13ce6 | Reallocate memory
2018-12-25T11:52:27.595303122Z 72 PC: 13ced | Allocate memory
2018-12-25T11:52:27.596827161Z 37 PC: 13d19 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:52:27.597897508Z 42 PC: 13d20 | Get date
0x13d20: cmp dh, 6
0x13d23: jne 0x13d2e
0x13d25: in ax, 0x40
0x13d27: cmp al, 0xc8
0x13d29: jbe 0x13d2e
0x13d2b: jmp 0x1417d
0x13d2e: push es
0x13d2f: pop ds
0x13d30: push es
0x13d31: pop ax
0x13d32: add ax, 0x10
0x13d35: sub cx, cx
0x13d37: add word ptr cs:[si + 0x11c], ax
0x13d3c: cli
0x13d3d: xor dx, dx
0x13d3f: add ax, word ptr cs:[si + 0x120]
0x13d44: sub bp, bp
0x13d46: mov ss, ax
0x13d48: xor di, di
0x13d4a: mov sp, word ptr cs:[si + 0x11e]
2018-12-25T11:52:27.600594548Z 9 PC: 12a5c | Display string (Could not find end pointer)
2018-12-25T11:52:27.605945193Z 76 PC: 12a61 | Terminate with return code (Return code = '0')