Sample viewer

vx.netlux.org/Virus.DOS.Hymn.1962

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:31:53.2864809Z 197 PC: 12adf | UNKNOWN!
2018-12-17T22:31:53.288255832Z 73 PC: 12aed | Release memory
2018-12-17T22:31:53.290032159Z 72 PC: 12af4 | Allocate memory
2018-12-17T22:31:53.292095141Z 74 PC: 12b06 | Reallocate memory
2018-12-17T22:31:53.294059193Z 74 PC: 12b16 | Reallocate memory
2018-12-17T22:31:53.310578662Z 98 PC: 12b5d | Get current PSP
2018-12-17T22:31:53.311372724Z 42 PC: 12b97 | Get date 0x12b97: cmp dl, dh
0x12b99: je 0x12baf
0x12b9b: jmp 0x12c2b
0x12b9e: imul sp, word ptr [bp + si + 0x6d], 0x4040
0x12ba3: push bx
0x12ba4: dec si
0x12ba5: push bx
0x12ba6: and byte ptr [bx + si], ah
0x12ba8: and byte ptr [bx + si], ah
0x12baa: and byte ptr [bx + si], ah
0x12bac: and byte ptr [bx + si], ah
0x12bae: and byte ptr [0x5e1f], cl
0x12bb2: push si
0x12bb3: mov byte ptr cs:[si + 0x188], 0xcd
0x12bb9: mov al, 2
0x12bbb: mov cx, 1
0x12bbe: xor dx, dx
0x12bc0: mov byte ptr cs:[si + 0x189], 0x25
0x12bc6: mov bx, si
0x12bc8: add bx, 0x346
2018-12-17T22:31:53.31489378Z 76 PC: 12a45 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5694,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:13.583552482Z 197 PC: 12adf | UNKNOWN!
2018-12-25T11:55:13.58508726Z 73 PC: 12aed | Release memory
2018-12-25T11:55:13.586632104Z 72 PC: 12af4 | Allocate memory
2018-12-25T11:55:13.588596011Z 74 PC: 12b06 | Reallocate memory
2018-12-25T11:55:13.590940766Z 74 PC: 12b16 | Reallocate memory
2018-12-25T11:55:13.593073723Z 98 PC: 12b5d | Get current PSP
2018-12-25T11:55:13.594172385Z 42 PC: 12b97 | Get date 0x12b97: cmp dl, dh
0x12b99: je 0x12baf
0x12b9b: jmp 0x12c2b
0x12b9e: imul sp, word ptr [bp + si + 0x6d], 0x4040
0x12ba3: push bx
0x12ba4: dec si
0x12ba5: push bx
0x12ba6: and byte ptr [bx + si], ah
0x12ba8: and byte ptr [bx + si], ah
0x12baa: and byte ptr [bx + si], ah
0x12bac: and byte ptr [bx + si], ah
0x12bae: and byte ptr [0x5e1f], cl
0x12bb2: push si
0x12bb3: mov byte ptr cs:[si + 0x188], 0xcd
0x12bb9: mov al, 2
0x12bbb: mov cx, 1
0x12bbe: xor dx, dx
0x12bc0: mov byte ptr cs:[si + 0x189], 0x25
0x12bc6: mov bx, si
0x12bc8: add bx, 0x346
2018-12-25T11:55:13.597367711Z 76 PC: 12a45 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5694,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:55:14.001767329Z 197 PC: 12adf | UNKNOWN!
2018-12-25T11:55:14.00355686Z 73 PC: 12aed | Release memory
2018-12-25T11:55:14.005320447Z 72 PC: 12af4 | Allocate memory
2018-12-25T11:55:14.007420779Z 74 PC: 12b06 | Reallocate memory
2018-12-25T11:55:14.009750253Z 74 PC: 12b16 | Reallocate memory
2018-12-25T11:55:14.011580908Z 98 PC: 12b5d | Get current PSP
2018-12-25T11:55:14.012786331Z 42 PC: 12b97 | Get date 0x12b97: cmp dl, dh
0x12b99: je 0x12baf
0x12b9b: jmp 0x12c2b
0x12b9e: imul sp, word ptr [bp + si + 0x6d], 0x4040
0x12ba3: push bx
0x12ba4: dec si
0x12ba5: push bx
0x12ba6: and byte ptr [bx + si], ah
0x12ba8: and byte ptr [bx + si], ah
0x12baa: and byte ptr [bx + si], ah
0x12bac: and byte ptr [bx + si], ah
0x12bae: and byte ptr [0x5e1f], cl
0x12bb2: push si
0x12bb3: mov byte ptr cs:[si + 0x188], 0xcd
0x12bb9: mov al, 2
0x12bbb: mov cx, 1
0x12bbe: xor dx, dx
0x12bc0: mov byte ptr cs:[si + 0x189], 0x25
0x12bc6: mov bx, si
0x12bc8: add bx, 0x346
2018-12-25T11:55:14.016002919Z 76 PC: 12a45 | Terminate with return code (Return code = '0')