Sample viewer

vx.netlux.org/Virus.DOS.ARCV.More.649

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:55:26.153411009Z	42	PC: 12a72 \| Get date 0x12a72: cmp cx, 0x7cf 0x12a76: je 0x12ae7 0x12a78: mov ax, 0xfe78 0x12a7b: int 0x21 0x12a7d: cmp ax, 0x188 0x12a80: je 0x12ad9 0x12a82: push ds 0x12a83: mov ax, ds 0x12a85: dec ax 0x12a86: mov ds, ax 0x12a88: cmp byte ptr [0], 0x5a 0x12a8d: jne 0x12ad9 0x12a8f: cmp word ptr [3], 0x80 0x12a95: jbe 0x12ad9 0x12a97: sub word ptr [3], 0x80 0x12a9d: sub word ptr [0x12], 0x80 0x12aa3: mov es, word ptr [0x12] 0x12aa7: pop ds 0x12aa8: push ds 0x12aa9: lea ax, word ptr [si + 0x107]
2018-12-17T21:55:26.156465169Z	254	PC: 12a7d \| UNKNOWN!

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":591,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:41:24.805770669Z	42	PC: 12a72 \| Get date 0x12a72: cmp cx, 0x7cf 0x12a76: je 0x12ae7 0x12a78: mov ax, 0xfe78 0x12a7b: int 0x21 0x12a7d: cmp ax, 0x188 0x12a80: je 0x12ad9 0x12a82: push ds 0x12a83: mov ax, ds 0x12a85: dec ax 0x12a86: mov ds, ax 0x12a88: cmp byte ptr [0], 0x5a 0x12a8d: jne 0x12ad9 0x12a8f: cmp word ptr [3], 0x80 0x12a95: jbe 0x12ad9 0x12a97: sub word ptr [3], 0x80 0x12a9d: sub word ptr [0x12], 0x80 0x12aa3: mov es, word ptr [0x12] 0x12aa7: pop ds 0x12aa8: push ds 0x12aa9: lea ax, word ptr [si + 0x107]
2018-12-25T11:41:24.807864414Z	254	PC: 12a7d \| UNKNOWN!

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":591,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:41:24.753911762Z	42	PC: 12a72 \| Get date 0x12a72: cmp cx, 0x7cf 0x12a76: je 0x12ae7 0x12a78: mov ax, 0xfe78 0x12a7b: int 0x21 0x12a7d: cmp ax, 0x188 0x12a80: je 0x12ad9 0x12a82: push ds 0x12a83: mov ax, ds 0x12a85: dec ax 0x12a86: mov ds, ax 0x12a88: cmp byte ptr [0], 0x5a 0x12a8d: jne 0x12ad9 0x12a8f: cmp word ptr [3], 0x80 0x12a95: jbe 0x12ad9 0x12a97: sub word ptr [3], 0x80 0x12a9d: sub word ptr [0x12], 0x80 0x12aa3: mov es, word ptr [0x12] 0x12aa7: pop ds 0x12aa8: push ds 0x12aa9: lea ax, word ptr [si + 0x107]
2018-12-25T11:41:24.755899336Z	254	PC: 12a7d \| UNKNOWN!

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":591,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:41:24.947911126Z	42	PC: 12a72 \| Get date 0x12a72: cmp cx, 0x7cf 0x12a76: je 0x12ae7 0x12a78: mov ax, 0xfe78 0x12a7b: int 0x21 0x12a7d: cmp ax, 0x188 0x12a80: je 0x12ad9 0x12a82: push ds 0x12a83: mov ax, ds 0x12a85: dec ax 0x12a86: mov ds, ax 0x12a88: cmp byte ptr [0], 0x5a 0x12a8d: jne 0x12ad9 0x12a8f: cmp word ptr [3], 0x80 0x12a95: jbe 0x12ad9 0x12a97: sub word ptr [3], 0x80 0x12a9d: sub word ptr [0x12], 0x80 0x12aa3: mov es, word ptr [0x12] 0x12aa7: pop ds 0x12aa8: push ds 0x12aa9: lea ax, word ptr [si + 0x107]
2018-12-25T11:41:24.952030654Z	254	PC: 12a7d \| UNKNOWN!

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":1,"TimeBased":true,"OriginalID":591,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:41:25.058685836Z	42	PC: 12a72 \| Get date 0x12a72: cmp cx, 0x7cf 0x12a76: je 0x12ae7 0x12a78: mov ax, 0xfe78 0x12a7b: int 0x21 0x12a7d: cmp ax, 0x188 0x12a80: je 0x12ad9 0x12a82: push ds 0x12a83: mov ax, ds 0x12a85: dec ax 0x12a86: mov ds, ax 0x12a88: cmp byte ptr [0], 0x5a 0x12a8d: jne 0x12ad9 0x12a8f: cmp word ptr [3], 0x80 0x12a95: jbe 0x12ad9 0x12a97: sub word ptr [3], 0x80 0x12a9d: sub word ptr [0x12], 0x80 0x12aa3: mov es, word ptr [0x12] 0x12aa7: pop ds 0x12aa8: push ds 0x12aa9: lea ax, word ptr [si + 0x107]
2018-12-25T11:41:25.062349801Z	254	PC: 12a7d \| UNKNOWN!