Sample viewer

vx.netlux.org/Virus.DOS.Godzina.1024

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:39:03.710806438Z 75 PC: 13bdd | Execute program
2018-12-17T22:39:03.713082716Z 53 PC: 13bfe | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:03.721818417Z 37 PC: 13c2f | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:03.723854431Z 42 PC: 13c33 | Get date
0x13c33: cmp al, 0
0x13c35: je 0x13c3a
0x13c37: jmp 0x13dd6
0x13c3a: mov ah, 0x2c
0x13c3c: int 0x21
0x13c3e: cmp ch, 0x16
0x13c41: je 0x13c46
0x13c43: jmp 0x13dd6
0x13c46: mov ch, 0x17
0x13c48: mov ah, 0x2d
0x13c4a: int 0x21
0x13c4c: mov cx, 0x159
0x13c4f: mov bx, 0xa6
0x13c52: add bx, cx
0x13c54: mov al, byte ptr cs:[bx]
0x13c57: push cx
0x13c58: mov cl, 4
0x13c5a: ror al, cl
0x13c5c: mov byte ptr cs:[bx], al
0x13c5f: pop cx
2018-12-17T22:39:03.727500827Z 9 PC: 13bc2 | Display string (Could not find end pointer)
2018-12-17T22:39:03.73822424Z 76 PC: 13bc8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6712,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:13.718039798Z 75 PC: 13bdd | Execute program
2018-12-25T12:00:13.720247829Z 53 PC: 13bfe | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:13.722261747Z 37 PC: 13c2f | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:13.723598436Z 42 PC: 13c33 | Get date
0x13c33: cmp al, 0
0x13c35: je 0x13c3a
0x13c37: jmp 0x13dd6
0x13c3a: mov ah, 0x2c
0x13c3c: int 0x21
0x13c3e: cmp ch, 0x16
0x13c41: je 0x13c46
0x13c43: jmp 0x13dd6
0x13c46: mov ch, 0x17
0x13c48: mov ah, 0x2d
0x13c4a: int 0x21
0x13c4c: mov cx, 0x159
0x13c4f: mov bx, 0xa6
0x13c52: add bx, cx
0x13c54: mov al, byte ptr cs:[bx]
0x13c57: push cx
0x13c58: mov cl, 4
0x13c5a: ror al, cl
0x13c5c: mov byte ptr cs:[bx], al
0x13c5f: pop cx
2018-12-25T12:00:13.726330498Z 9 PC: 13bc2 | Display string (Could not find end pointer)
2018-12-25T12:00:13.735217199Z 76 PC: 13bc8 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":6,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6712,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:13.843719909Z 75 PC: 13bdd | Execute program
2018-12-25T12:00:13.846037491Z 53 PC: 13bfe | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:13.847491071Z 37 PC: 13c2f | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:13.848840776Z 42 PC: 13c33 | Get date
0x13c33: cmp al, 0
0x13c35: je 0x13c3a
0x13c37: jmp 0x13dd6
0x13c3a: mov ah, 0x2c
0x13c3c: int 0x21
0x13c3e: cmp ch, 0x16
0x13c41: je 0x13c46
0x13c43: jmp 0x13dd6
0x13c46: mov ch, 0x17
0x13c48: mov ah, 0x2d
0x13c4a: int 0x21
0x13c4c: mov cx, 0x159
0x13c4f: mov bx, 0xa6
0x13c52: add bx, cx
0x13c54: mov al, byte ptr cs:[bx]
0x13c57: push cx
0x13c58: mov cl, 4
0x13c5a: ror al, cl
0x13c5c: mov byte ptr cs:[bx], al
0x13c5f: pop cx
2018-12-25T12:00:13.851579781Z 44 PC: 13c3e | Get time
0x13c3e: cmp ch, 0x16
0x13c41: je 0x13c46
0x13c43: jmp 0x13dd6
0x13c46: mov ch, 0x17
0x13c48: mov ah, 0x2d
0x13c4a: int 0x21
0x13c4c: mov cx, 0x159
0x13c4f: mov bx, 0xa6
0x13c52: add bx, cx
0x13c54: mov al, byte ptr cs:[bx]
0x13c57: push cx
0x13c58: mov cl, 4
0x13c5a: ror al, cl
0x13c5c: mov byte ptr cs:[bx], al
0x13c5f: pop cx
0x13c60: loop 0x13c4f
0x13c62: push cs
0x13c63: pop ds
0x13c64: mov ah, 9
0x13c66: mov dx, 0xa2
2018-12-25T12:00:13.853730112Z 9 PC: 13bc2 | Display string (Could not find end pointer)
2018-12-25T12:00:13.858836861Z 76 PC: 13bc8 | Terminate with return code (Return code = '0')