Sample viewer

vx.netlux.org/Virus.DOS.Lacimehc.733

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:38:40.593535201Z	42	PC: 12cae \| Get date 0x12cae: cmp dl, 0x17 0x12cb1: jne 0x12cee 0x12cb3: cmp dh, 0xa 0x12cb6: jne 0x12ce2 0x12cb8: mov ax, 0x5f08 0x12cbb: mov dl, 0 0x12cbd: int 0x21 0x12cbf: mov ax, 0x5f08 0x12cc2: mov dl, 1 0x12cc4: int 0x21 0x12cc6: mov ax, 0x5f08 0x12cc9: mov dl, 3 0x12ccb: int 0x21 0x12ccd: mov ax, 0x5f08 0x12cd0: mov dl, 4 0x12cd2: int 0x21 0x12cd4: mov ax, 0x5f08 0x12cd7: mov dl, 5 0x12cd9: int 0x21 0x12cdb: mov ax, 0x5f08
2018-12-17T22:38:40.596157679Z	26	PC: 12b1f \| Set disk transfer address
2018-12-17T22:38:40.601739911Z	78	PC: 12b2a \| Find first file
2018-12-17T22:38:40.6085278Z	26	PC: 12c81 \| Set disk transfer address

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6647,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:00:02.270830301Z	42	PC: 12cae \| Get date 0x12cae: cmp dl, 0x17 0x12cb1: jne 0x12cee 0x12cb3: cmp dh, 0xa 0x12cb6: jne 0x12ce2 0x12cb8: mov ax, 0x5f08 0x12cbb: mov dl, 0 0x12cbd: int 0x21 0x12cbf: mov ax, 0x5f08 0x12cc2: mov dl, 1 0x12cc4: int 0x21 0x12cc6: mov ax, 0x5f08 0x12cc9: mov dl, 3 0x12ccb: int 0x21 0x12ccd: mov ax, 0x5f08 0x12cd0: mov dl, 4 0x12cd2: int 0x21 0x12cd4: mov ax, 0x5f08 0x12cd7: mov dl, 5 0x12cd9: int 0x21 0x12cdb: mov ax, 0x5f08
2018-12-25T12:00:02.273162229Z	26	PC: 12b1f \| Set disk transfer address
2018-12-25T12:00:02.274535577Z	78	PC: 12b2a \| Find first file
2018-12-25T12:00:02.278208071Z	26	PC: 12c81 \| Set disk transfer address

{"DateBased":true,"Day":23,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6647,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:00:02.503600946Z	42	PC: 12cae \| Get date 0x12cae: cmp dl, 0x17 0x12cb1: jne 0x12cee 0x12cb3: cmp dh, 0xa 0x12cb6: jne 0x12ce2 0x12cb8: mov ax, 0x5f08 0x12cbb: mov dl, 0 0x12cbd: int 0x21 0x12cbf: mov ax, 0x5f08 0x12cc2: mov dl, 1 0x12cc4: int 0x21 0x12cc6: mov ax, 0x5f08 0x12cc9: mov dl, 3 0x12ccb: int 0x21 0x12ccd: mov ax, 0x5f08 0x12cd0: mov dl, 4 0x12cd2: int 0x21 0x12cd4: mov ax, 0x5f08 0x12cd7: mov dl, 5 0x12cd9: int 0x21 0x12cdb: mov ax, 0x5f08
2018-12-25T12:00:02.51168541Z	9	PC: 12cea \| Display string (Could not find end pointer)

{"DateBased":true,"Day":23,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6647,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:00:02.520385534Z	42	PC: 12cae \| Get date 0x12cae: cmp dl, 0x17 0x12cb1: jne 0x12cee 0x12cb3: cmp dh, 0xa 0x12cb6: jne 0x12ce2 0x12cb8: mov ax, 0x5f08 0x12cbb: mov dl, 0 0x12cbd: int 0x21 0x12cbf: mov ax, 0x5f08 0x12cc2: mov dl, 1 0x12cc4: int 0x21 0x12cc6: mov ax, 0x5f08 0x12cc9: mov dl, 3 0x12ccb: int 0x21 0x12ccd: mov ax, 0x5f08 0x12cd0: mov dl, 4 0x12cd2: int 0x21 0x12cd4: mov ax, 0x5f08 0x12cd7: mov dl, 5 0x12cd9: int 0x21 0x12cdb: mov ax, 0x5f08
2018-12-25T12:00:02.52315929Z	95	PC: 12cbf \| Network redirection functions
2018-12-25T12:00:02.524465834Z	95	PC: 12cc6 \| Network redirection functions
2018-12-25T12:00:02.525699567Z	95	PC: 12ccd \| Network redirection functions
2018-12-25T12:00:02.527371386Z	95	PC: 12cd4 \| Network redirection functions
2018-12-25T12:00:02.529469664Z	95	PC: 12cdb \| Network redirection functions
2018-12-25T12:00:02.530754207Z	95	PC: 12ce2 \| Network redirection functions
2018-12-25T12:00:02.531996386Z	9	PC: 12cea \| Display string (Could not find end pointer)