Sample viewer

vx.netlux.org/Virus.DOS.Altx.2748

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:39:05.521611448Z 42 PC: 13fb1 | Get date
0x13fb1: mov byte ptr [0x2e7], al
0x13fb4: ret
0x13fb5: xor al, 0
0x13fb7: pop cx
0x13fb8: add byte ptr [bp + si], ah
0x13fbb: push 0
0x13fbd: jne 0x13fbf
0x13fbf: test ax, 0xe83f
0x13fc2: sub ax, 0x2607
0x13fc5: mov word ptr [0x37f], ax
0x13fc8: mov cx, 5
0x13fcb: xor bx, bx
0x13fcd: mov di, word ptr cs:[bx + 0x375]
0x13fd2: xor word ptr es:[di], ax
0x13fd5: add bx, 2
0x13fd8: loop 0x13fcd
0x13fda: ret
0x13fdb: push bp
0x13fdc: mov bp, sp
0x13fde: push ax
2018-12-17T22:39:05.534501105Z 61 PC: 13f49 | Open file (Filename = '�S�')
2018-12-17T22:39:05.540741066Z 60 PC: 13f99 | Create or truncate file
2018-12-17T22:39:05.885155626Z 64 PC: 13fa7 | Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:39:05.895180032Z 62 PC: 13fab | Close file
2018-12-17T22:39:05.904081209Z 11 PC: 140a7 | Get input status
2018-12-17T22:39:05.907546953Z 74 PC: 140a7 | Reallocate memory
2018-12-17T22:39:05.91047976Z 74 PC: 140a7 | Reallocate memory
2018-12-17T22:39:05.913684761Z 72 PC: 140a7 | Allocate memory
2018-12-17T22:39:05.916124557Z 72 PC: 140a7 | Allocate memory
2018-12-17T22:39:05.918656869Z 53 PC: 140a7 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:05.92179854Z 53 PC: 140a7 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:39:05.923893776Z 37 PC: 140a7 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:05.926169944Z 37 PC: 140a7 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:39:05.92902799Z 11 PC: 140a7 | Get input status
2018-12-17T22:39:05.933791194Z 11 PC: 140a7 | Get input status
2018-12-17T22:39:05.941171258Z 11 PC: 140a7 | Get input status
2018-12-17T22:39:05.951302866Z 11 PC: 140a7 | Get input status
2018-12-17T22:39:05.970376319Z 11 PC: 140a7 | Get input status
2018-12-17T22:39:05.973445544Z 9 PC: 12a5c | Display string (Could not find end pointer)
2018-12-17T22:39:05.979232219Z 76 PC: 12a61 | Terminate with return code (Return code = '0')