Sample viewer

vx.netlux.org/Virus.DOS.Fellow.1019.e

Time	Syscall Op	Syscall Name
2018-12-17T22:39:58.605248976Z	208	PC: 12a55 \| UNKNOWN!
2018-12-17T22:39:58.618407261Z	74	PC: 12aba \| Reallocate memory
2018-12-17T22:39:58.620463573Z	53	PC: 12ad3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:58.622178143Z	37	PC: 12ae3 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:58.625007568Z	42	PC: 12ae7 \| Get date 0x12ae7: cmp dh, 9 0x12aea: jne 0x12af2 0x12aec: or byte ptr cs:[0x1a], 1 0x12af2: cli 0x12af3: mov es, word ptr [0x1b] 0x12af7: sub di, di 0x12af9: mov cx, 0xffff 0x12afc: mov al, 0 0x12afe: cld 0x12aff: repne scasb al, byte ptr es:[di] 0x12b01: cmp byte ptr es:[di], al 0x12b04: jne 0x12aff 0x12b06: mov dx, di 0x12b08: add dx, 3 0x12b0b: push es 0x12b0c: pop ds 0x12b0d: mov ss, bx 0x12b0f: mov bx, cs 0x12b11: mov es, bx 0x12b13: mov sp, 0x44b
2018-12-17T22:39:58.637013578Z	75	PC: 12b23 \| Execute program
2018-12-17T22:39:58.652967674Z	76	PC: 132a5 \| Terminate with return code (Return code = '0')
2018-12-17T22:39:58.657692117Z	73	PC: 12b2d \| Release memory
2018-12-17T22:39:58.659342267Z	49	PC: 12b35 \| Terminate and stay resident (Return code = '0' \| Memory size = '128')

Time	Syscall Op	Syscall Name
2018-12-25T12:00:30.412455264Z	208	PC: 12a55 \| UNKNOWN!
2018-12-25T12:00:30.414474585Z	74	PC: 12aba \| Reallocate memory
2018-12-25T12:00:30.416016314Z	53	PC: 12ad3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:30.417265634Z	37	PC: 12ae3 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:30.418481388Z	42	PC: 12ae7 \| Get date 0x12ae7: cmp dh, 9 0x12aea: jne 0x12af2 0x12aec: or byte ptr cs:[0x1a], 1 0x12af2: cli 0x12af3: mov es, word ptr [0x1b] 0x12af7: sub di, di 0x12af9: mov cx, 0xffff 0x12afc: mov al, 0 0x12afe: cld 0x12aff: repne scasb al, byte ptr es:[di] 0x12b01: cmp byte ptr es:[di], al 0x12b04: jne 0x12aff 0x12b06: mov dx, di 0x12b08: add dx, 3 0x12b0b: push es 0x12b0c: pop ds 0x12b0d: mov ss, bx 0x12b0f: mov bx, cs 0x12b11: mov es, bx 0x12b13: mov sp, 0x44b
2018-12-25T12:00:30.421602739Z	75	PC: 12b23 \| Execute program
2018-12-25T12:00:30.443605441Z	76	PC: 132a5 \| Terminate with return code (Return code = '0')
2018-12-25T12:00:30.446756905Z	73	PC: 12b2d \| Release memory
2018-12-25T12:00:30.452074128Z	49	PC: 12b35 \| Terminate and stay resident (Return code = '0' \| Memory size = '128')

Time	Syscall Op	Syscall Name
2018-12-25T12:00:30.688950043Z	208	PC: 12a55 \| UNKNOWN!
2018-12-25T12:00:30.691319852Z	74	PC: 12aba \| Reallocate memory
2018-12-25T12:00:30.695897324Z	53	PC: 12ad3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:30.697609637Z	37	PC: 12ae3 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:30.699987986Z	42	PC: 12ae7 \| Get date 0x12ae7: cmp dh, 9 0x12aea: jne 0x12af2 0x12aec: or byte ptr cs:[0x1a], 1 0x12af2: cli 0x12af3: mov es, word ptr [0x1b] 0x12af7: sub di, di 0x12af9: mov cx, 0xffff 0x12afc: mov al, 0 0x12afe: cld 0x12aff: repne scasb al, byte ptr es:[di] 0x12b01: cmp byte ptr es:[di], al 0x12b04: jne 0x12aff 0x12b06: mov dx, di 0x12b08: add dx, 3 0x12b0b: push es 0x12b0c: pop ds 0x12b0d: mov ss, bx 0x12b0f: mov bx, cs 0x12b11: mov es, bx 0x12b13: mov sp, 0x44b
2018-12-25T12:00:30.704670132Z	75	PC: 12b23 \| Execute program
2018-12-25T12:00:30.719018743Z	76	PC: 132a5 \| Terminate with return code (Return code = '0')
2018-12-25T12:00:30.721182501Z	73	PC: 12b2d \| Release memory
2018-12-25T12:00:30.722845491Z	49	PC: 12b35 \| Terminate and stay resident (Return code = '0' \| Memory size = '128')