Sample viewer

vx.netlux.org/Virus.DOS.Lyceum.1901

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:40:32.237503136Z 171 PC: 1321f | UNKNOWN!
2018-12-17T22:40:32.23975696Z 44 PC: 13252 | Get time 0x13252: cmp dl, 0x32
0x13255: jb 0x1325b
0x13257: add si, 0x16
0x1325a: nop
0x1325b: mov cx, 0x16
0x1325e: rep movsb byte ptr es:[di], byte ptr [si]
0x13260: pop si
0x13261: push es
0x13262: pop ds
0x13263: mov word ptr [0x793], 0
0x13269: mov ax, 0x3508
0x1326c: int 0x21
0x1326e: mov word ptr [0x783], bx
0x13272: mov word ptr [0x785], es
0x13276: mov al, 9
0x13278: int 0x21
0x1327a: mov word ptr [0x787], bx
0x1327e: mov word ptr [0x789], es
0x13282: mov al, 0x13
0x13284: int 0x21
2018-12-17T22:40:32.243397778Z 53 PC: 1326e | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:40:32.245112459Z 53 PC: 1327a | Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:40:32.246841166Z 53 PC: 13286 | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:40:32.249741423Z 53 PC: 13292 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:40:32.251428411Z 37 PC: 132a2 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:40:32.253059395Z 37 PC: 132a9 | Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:40:32.255698382Z 37 PC: 132b0 | Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:40:32.257360614Z 37 PC: 132b7 | Set interrupt vector (Interrupt = '33' AKA 'Random read')