Sample viewer

vx.netlux.org/Virus.DOS.BlackMonday.1055

Time	Syscall Op	Syscall Name
2018-12-17T22:27:33.493365089Z	254	PC: 12a7f \| UNKNOWN!
2018-12-17T22:27:33.496076739Z	53	PC: 12b19 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:27:33.498799889Z	37	PC: 12b29 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:27:33.500409138Z	74	PC: 12b36 \| Reallocate memory
2018-12-17T22:27:33.502412538Z	75	PC: 12b67 \| Execute program
2018-12-17T22:27:33.526277667Z	76	PC: 132a5 \| Terminate with return code (Return code = '0')
2018-12-17T22:27:33.529983601Z	42	PC: 12b6b \| Get date 0x12b6b: cmp al, 1 0x12b6d: jne 0x12b86 0x12b6f: mov ax, 0x401 0x12b72: mov cx, 1 0x12b75: mov dx, 0x180 0x12b78: int 0x13 0x12b7a: cmp ah, 1 0x12b7d: je 0x12b86 0x12b7f: mov word ptr cs:[0x338], 0x9090 0x12b86: mov es, word ptr cs:[6] 0x12b8b: mov ax, 0x4900 0x12b8e: int 0x21 0x12b90: mov dx, 0x80 0x12b93: mov ax, 0x3100 0x12b96: int 0x21 0x12b98: mov cx, 0x2a41 0x12b9b: wait 0x12b9c: push si 0x12b9d: add ax, 0xd62 0x12ba0: add ax, 0
2018-12-17T22:27:33.533685561Z	73	PC: 12b90 \| Release memory
2018-12-17T22:27:33.536276514Z	49	PC: 12b98 \| Terminate and stay resident (Return code = '0' \| Memory size = '128')

Time	Syscall Op	Syscall Name
2018-12-25T11:53:12.412460569Z	254	PC: 12a7f \| UNKNOWN!
2018-12-25T11:53:12.413966088Z	53	PC: 12b19 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:12.414849498Z	37	PC: 12b29 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:12.415670524Z	74	PC: 12b36 \| Reallocate memory
2018-12-25T11:53:12.417465924Z	75	PC: 12b67 \| Execute program
2018-12-25T11:53:12.426284306Z	76	PC: 132a5 \| Terminate with return code (Return code = '0')
2018-12-25T11:53:12.428278391Z	42	PC: 12b6b \| Get date 0x12b6b: cmp al, 1 0x12b6d: jne 0x12b86 0x12b6f: mov ax, 0x401 0x12b72: mov cx, 1 0x12b75: mov dx, 0x180 0x12b78: int 0x13 0x12b7a: cmp ah, 1 0x12b7d: je 0x12b86 0x12b7f: mov word ptr cs:[0x338], 0x9090 0x12b86: mov es, word ptr cs:[6] 0x12b8b: mov ax, 0x4900 0x12b8e: int 0x21 0x12b90: mov dx, 0x80 0x12b93: mov ax, 0x3100 0x12b96: int 0x21 0x12b98: mov cx, 0x2a41 0x12b9b: wait 0x12b9c: push si 0x12b9d: add ax, 0xd62 0x12ba0: add ax, 0
2018-12-25T11:53:12.429965211Z	73	PC: 12b90 \| Release memory
2018-12-25T11:53:12.431511473Z	49	PC: 12b98 \| Terminate and stay resident (Return code = '0' \| Memory size = '128')

Time	Syscall Op	Syscall Name
2018-12-25T11:53:12.553919313Z	254	PC: 12a7f \| UNKNOWN!
2018-12-25T11:53:12.555740952Z	53	PC: 12b19 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:12.558883625Z	37	PC: 12b29 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:53:12.560178642Z	74	PC: 12b36 \| Reallocate memory
2018-12-25T11:53:12.561796957Z	75	PC: 12b67 \| Execute program
2018-12-25T11:53:12.577832241Z	76	PC: 132a5 \| Terminate with return code (Return code = '0')
2018-12-25T11:53:12.581138117Z	42	PC: 12b6b \| Get date 0x12b6b: cmp al, 1 0x12b6d: jne 0x12b86 0x12b6f: mov ax, 0x401 0x12b72: mov cx, 1 0x12b75: mov dx, 0x180 0x12b78: int 0x13 0x12b7a: cmp ah, 1 0x12b7d: je 0x12b86 0x12b7f: mov word ptr cs:[0x338], 0x9090 0x12b86: mov es, word ptr cs:[6] 0x12b8b: mov ax, 0x4900 0x12b8e: int 0x21 0x12b90: mov dx, 0x80 0x12b93: mov ax, 0x3100 0x12b96: int 0x21 0x12b98: mov cx, 0x2a41 0x12b9b: wait 0x12b9c: push si 0x12b9d: add ax, 0xd62 0x12ba0: add ax, 0
2018-12-25T11:53:12.584453862Z	73	PC: 12b90 \| Release memory
2018-12-25T11:53:12.586920686Z	49	PC: 12b98 \| Terminate and stay resident (Return code = '0' \| Memory size = '128')