Sample viewer

vx.netlux.org/Virus.DOS.Xuxa.1096


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:26:59.851048457Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:26:59.852039336Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:26:59.853827197Z 53 PC: 12bf3 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:26:59.854942604Z 74 PC: 12c16 | Reallocate memory
2018-12-17T22:26:59.856199206Z 72 PC: 12c1c | Allocate memory
2018-12-17T22:26:59.869980344Z 37 PC: 12c44 | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:26:59.871212035Z 37 PC: 12c4e | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:26:59.87245417Z 42 PC: 9f4b4 | Get date
0x9f4b4: cmp dh, 8
0x9f4b7: jne 0x9f4bc
0x9f4b9: jmp 0x9f6ad
0x9f4bc: pop dx
0x9f4bd: mov si, dx
0x9f4bf: push cs
0x9f4c0: pop es
0x9f4c1: mov cx, 0x41
0x9f4c4: mov al, byte ptr [si]
0x9f4c6: cmp al, 0
0x9f4c8: je 0x9f4d1
0x9f4ca: inc si
0x9f4cb: dec cx
0x9f4cc: jne 0x9f4c4
0x9f4ce: jmp 0x9f4e3
0x9f4d0: nop
0x9f4d1: mov cx, 0xb
0x9f4d4: mov di, 0x22d
0x9f4d7: sub si, 0xb
0x9f4da: repe cmpsb byte ptr [si], byte ptr es:[di]
2018-12-17T22:26:59.875183056Z 250 PC: 9f6ac | UNKNOWN!
2018-12-17T22:26:59.875947156Z 53 PC: 9f4f2 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:26:59.876991608Z 37 PC: 9f506 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:26:59.878142661Z 67 PC: 9f695 | Get or set file attributes
2018-12-17T22:26:59.883450999Z 67 PC: 9f6a2 | Get or set file attributes
2018-12-17T22:27:00.229935896Z 61 PC: 9f51b | Open file (Filename = 'AX!2BX!Pk')
2018-12-17T22:27:00.23807001Z 87 PC: 9f522 | Get or set file date and time
2018-12-17T22:27:00.239865231Z 63 PC: 9f53b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:27:00.245533646Z 66 PC: 9f68d | Move file pointer
2018-12-17T22:27:00.247352141Z 44 PC: 9f565 | Get time
0x9f565: xor dh, dh
0x9f567: mov byte ptr cs:[0x114], dl
0x9f56c: push bx
0x9f56d: push cs
0x9f56e: push cs
0x9f56f: pop ds
0x9f570: pop es
0x9f571: mov si, 0x100
0x9f574: mov di, 0x549
0x9f577: mov cx, 0x47
0x9f57a: rep movsb byte ptr es:[di], byte ptr [si]
0x9f57c: mov dl, byte ptr [0x114]
0x9f580: mov cx, 0x401
0x9f583: mov al, byte ptr [si]
0x9f585: ror al, 5
0x9f588: xor al, dl
0x9f58a: mov byte ptr es:[di], al
0x9f58d: inc si
0x9f58e: inc di
0x9f58f: dec cx
2018-12-17T22:27:00.250056823Z 64 PC: 9f59d | Write file or device (Write 1096 bytes on handle 5)
2018-12-17T22:27:00.257797722Z 66 PC: 9f68d | Move file pointer
2018-12-17T22:27:00.260483148Z 64 PC: 9f5ac | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:27:00.263272706Z 87 PC: 9f5c3 | Get or set file date and time
2018-12-17T22:27:00.264870916Z 67 PC: 9f6a2 | Get or set file attributes
2018-12-17T22:27:00.273885865Z 65 PC: 9f60a | Delete file (Filename = 'C:\DOS\CHKLIST.MS')
2018-12-17T22:27:00.28187437Z 67 PC: 9f6a2 | Get or set file attributes
2018-12-17T22:27:00.28797148Z 65 PC: 9f60a | Delete file (Filename = 'C:\DOS\ANTI-VIR.DAT')
2018-12-17T22:27:00.294341749Z 62 PC: 9f61e | Close file
2018-12-17T22:27:00.301524977Z 67 PC: 9f6a2 | Get or set file attributes
2018-12-17T22:27:00.310962207Z 37 PC: 9f636 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:27:00.312209841Z 53 PC: 9f63b | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.314343422Z 250 PC: 9f6ac | UNKNOWN!
2018-12-17T22:27:00.315269361Z 37 PC: 12c61 | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.316500405Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.318448895Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.31928234Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.319995841Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.329854703Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.331074688Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.332073687Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.33426046Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.33537347Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.336713902Z 53 PC: 28e | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.339139836Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.340222743Z 250 PC: 53c | UNKNOWN!
2018-12-17T22:27:00.341292767Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.343860267Z 250 PC: 53c | UNKNOWN!
2018-12-17T22:27:00.344898607Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.345660404Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.347454785Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.348929118Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.350440887Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.352680729Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.354749916Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.356586637Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.358081407Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.360001021Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.360807699Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.362154094Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.363989102Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.364756525Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.36594155Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.367520919Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.368365386Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.369543864Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.371233055Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.372009403Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.373873362Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.376227331Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.377491503Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.378743188Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.380544181Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.38138661Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.382461408Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.383775201Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.38463847Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.386317318Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.393157101Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.393864025Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.395061174Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.396627221Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.397752553Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.399218453Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.400753005Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.401515284Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.402422465Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.405144807Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.406154525Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.407208337Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.408696619Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.410026143Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.411013681Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.412987175Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.414092608Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.415562217Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.418087914Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.419236634Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.420734697Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.422324946Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.423361306Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.424545715Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.42653173Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.427625758Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.428911118Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.430916526Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.431915821Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.43355597Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.435308285Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.435955344Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:27:00.437514019Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.439094716Z 250 PC: 12e7c | UNKNOWN!
2018-12-17T22:27:00.439788981Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4786,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:54.570075188Z 250 PC: 12e7c | UNKNOWN!
2018-12-25T11:52:54.571109392Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T11:52:54.573464467Z 53 PC: 12bf3 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:52:54.574752231Z 74 PC: 12c16 | Reallocate memory
2018-12-25T11:52:54.580572575Z 72 PC: 12c1c | Allocate memory
2018-12-25T11:52:54.583183056Z 37 PC: 12c44 | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T11:52:54.584588899Z 37 PC: 12c4e | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:52:54.586200688Z 42 PC: 9f4b4 | Get date
0x9f4b4: cmp dh, 8
0x9f4b7: jne 0x9f4bc
0x9f4b9: jmp 0x9f6ad
0x9f4bc: pop dx
0x9f4bd: mov si, dx
0x9f4bf: push cs
0x9f4c0: pop es
0x9f4c1: mov cx, 0x41
0x9f4c4: mov al, byte ptr [si]
0x9f4c6: cmp al, 0
0x9f4c8: je 0x9f4d1
0x9f4ca: inc si
0x9f4cb: dec cx
0x9f4cc: jne 0x9f4c4
0x9f4ce: jmp 0x9f4e3
0x9f4d0: nop
0x9f4d1: mov cx, 0xb
0x9f4d4: mov di, 0x22d
0x9f4d7: sub si, 0xb
0x9f4da: repe cmpsb byte ptr [si], byte ptr es:[di]
2018-12-25T11:52:54.589464283Z 250 PC: 9f6ac | UNKNOWN!
2018-12-25T11:52:54.590437331Z 53 PC: 9f4f2 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:54.591797924Z 37 PC: 9f506 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:54.593655005Z 67 PC: 9f695 | Get or set file attributes
2018-12-25T11:52:54.601061232Z 67 PC: 9f6a2 | Get or set file attributes
2018-12-25T11:52:55.221930633Z 61 PC: 9f51b | Open file (Filename = 'AX!2BX!Pk')
2018-12-25T11:52:55.22944264Z 87 PC: 9f522 | Get or set file date and time
2018-12-25T11:52:55.23100372Z 63 PC: 9f53b | Read file or device (Read 3 bytes on handle 5)
2018-12-25T11:52:55.235207891Z 66 PC: 9f68d | Move file pointer
2018-12-25T11:52:55.236418506Z 44 PC: 9f565 | Get time
0x9f565: xor dh, dh
0x9f567: mov byte ptr cs:[0x114], dl
0x9f56c: push bx
0x9f56d: push cs
0x9f56e: push cs
0x9f56f: pop ds
0x9f570: pop es
0x9f571: mov si, 0x100
0x9f574: mov di, 0x549
0x9f577: mov cx, 0x47
0x9f57a: rep movsb byte ptr es:[di], byte ptr [si]
0x9f57c: mov dl, byte ptr [0x114]
0x9f580: mov cx, 0x401
0x9f583: mov al, byte ptr [si]
0x9f585: ror al, 5
0x9f588: xor al, dl
0x9f58a: mov byte ptr es:[di], al
0x9f58d: inc si
0x9f58e: inc di
0x9f58f: dec cx
2018-12-25T11:52:55.238989805Z 64 PC: 9f59d | Write file or device (Write 1096 bytes on handle 5)
2018-12-25T11:52:55.247160182Z 66 PC: 9f68d | Move file pointer (See above)
2018-12-25T11:52:55.249860723Z 64 PC: 9f5ac | Write file or device (Write 3 bytes on handle 5)
2018-12-25T11:52:55.255093307Z 87 PC: 9f5c3 | Get or set file date and time
2018-12-25T11:52:55.257292291Z 67 PC: 9f6a2 | Get or set file attributes (See above)
2018-12-25T11:52:55.274744606Z 65 PC: 9f60a | Delete file (Filename = 'C:\DOS\CHKLIST.MS')
2018-12-25T11:52:55.28925237Z 67 PC: 9f6a2 | Get or set file attributes (See above)
2018-12-25T11:52:55.296310687Z 65 PC: 9f60a | Delete file (See above)
2018-12-25T11:52:55.303402505Z 62 PC: 9f61e | Close file
2018-12-25T11:52:55.311748905Z 67 PC: 9f6a2 | Get or set file attributes (See above)
2018-12-25T11:52:55.322610408Z 37 PC: 9f636 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:52:55.324281891Z 53 PC: 9f63b | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T11:52:55.326507477Z 250 PC: 9f6ac | UNKNOWN! (See above)
2018-12-25T11:52:55.327555618Z 37 PC: 12c61 | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T11:52:55.32880461Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.330277875Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.331446553Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.332324516Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.333680332Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.335546665Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.33695669Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.338887688Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.341592071Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.342947468Z 53 PC: 28e | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T11:52:55.344711783Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.347030592Z 250 PC: 53c | UNKNOWN!
2018-12-25T11:52:55.348041651Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.349423792Z 250 PC: 53c | UNKNOWN! (See above)
2018-12-25T11:52:55.351077429Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.351992713Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.353276287Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.355031898Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.356397821Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.358133171Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.360740501Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.36251526Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.363737255Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.364926865Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.36598005Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.3672623Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.368337475Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.369655603Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.371029449Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.37253486Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.374076166Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.375548411Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.3765861Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.378046922Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.379427315Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.380445915Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.381393961Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.382557184Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.383502789Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.385486161Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.386798346Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.387848424Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.389201556Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.390245337Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.391150182Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.39252233Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.394002903Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.395323Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.396431707Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.398211318Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.399887841Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.400712805Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.402917584Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.40382774Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.404617339Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.406726575Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.408069088Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.409078485Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.411231274Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.413025993Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.413949957Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.416476505Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.421282302Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.422347059Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.424034364Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.426080514Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.427438326Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.429204823Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.431879239Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.432830519Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.434200908Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.43655419Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.437649261Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.438979265Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.440389675Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.442012742Z 53 PC: 12bce | Get interrupt vector (See above)
2018-12-25T11:52:55.443451187Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.444862096Z 250 PC: 12e7c | UNKNOWN! (See above)
2018-12-25T11:52:55.446136744Z 53 PC: 12bce | Get interrupt vector (See above)

{"DateBased":true,"Day":1,"Month":8,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4786,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:52:54.586989875Z 250 PC: 12e7c | UNKNOWN!
2018-12-25T11:52:54.588660502Z 53 PC: 12bce | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T11:52:54.590421329Z 53 PC: 12bf3 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:52:54.591709064Z 74 PC: 12c16 | Reallocate memory
2018-12-25T11:52:54.593231444Z 72 PC: 12c1c | Allocate memory
2018-12-25T11:52:54.59543042Z 37 PC: 12c44 | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T11:52:54.596712519Z 37 PC: 12c4e | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:52:54.598386424Z 42 PC: 9f4b4 | Get date
0x9f4b4: cmp dh, 8
0x9f4b7: jne 0x9f4bc
0x9f4b9: jmp 0x9f6ad
0x9f4bc: pop dx
0x9f4bd: mov si, dx
0x9f4bf: push cs
0x9f4c0: pop es
0x9f4c1: mov cx, 0x41
0x9f4c4: mov al, byte ptr [si]
0x9f4c6: cmp al, 0
0x9f4c8: je 0x9f4d1
0x9f4ca: inc si
0x9f4cb: dec cx
0x9f4cc: jne 0x9f4c4
0x9f4ce: jmp 0x9f4e3
0x9f4d0: nop
0x9f4d1: mov cx, 0xb
0x9f4d4: mov di, 0x22d
0x9f4d7: sub si, 0xb
0x9f4da: repe cmpsb byte ptr [si], byte ptr es:[di]
2018-12-25T11:52:54.601710894Z 9 PC: 9f6b4 | Display string (String= 'Si no viste el Show de Xuxa por T.V, ni en vivo... ahora podes verlo en tu PC!. - XOU DA XUXA 1.2 By Leviathan.')