Sample viewer

vx.netlux.org/Virus.DOS.VRN.2284

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:42:01.050784008Z	42	PC: 12f9f \| Get date 0x12f9f: cmp dh, 7 0x12fa2: jne 0x12fac 0x12fa4: cmp dl, 4 0x12fa7: jne 0x12fac 0x12fa9: jmp 0x13137 0x12fac: sti 0x12fad: ret 0x12fae: inc cx 0x12faf: push si 0x12fb0: push ax 0x12fb1: dec sp 0x12fb2: dec cx 0x12fb3: push sp 0x12fb4: inc bp 0x12fb5: pop es 0x12fb6: inc cx 0x12fb7: dec si 0x12fb8: push sp 0x12fb9: dec cx 0x12fba: sub ax, 0x4956
2018-12-17T22:42:01.054691096Z	48	PC: 12a6b \| Get DOS version

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7418,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:01:36.149674321Z	42	PC: 12f9f \| Get date 0x12f9f: cmp dh, 7 0x12fa2: jne 0x12fac 0x12fa4: cmp dl, 4 0x12fa7: jne 0x12fac 0x12fa9: jmp 0x13137 0x12fac: sti 0x12fad: ret 0x12fae: inc cx 0x12faf: push si 0x12fb0: push ax 0x12fb1: dec sp 0x12fb2: dec cx 0x12fb3: push sp 0x12fb4: inc bp 0x12fb5: pop es 0x12fb6: inc cx 0x12fb7: dec si 0x12fb8: push sp 0x12fb9: dec cx 0x12fba: sub ax, 0x4956
2018-12-25T12:01:36.15197925Z	48	PC: 12a6b \| Get DOS version

{"DateBased":true,"Day":1,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7418,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:01:36.742812801Z	42	PC: 12f9f \| Get date 0x12f9f: cmp dh, 7 0x12fa2: jne 0x12fac 0x12fa4: cmp dl, 4 0x12fa7: jne 0x12fac 0x12fa9: jmp 0x13137 0x12fac: sti 0x12fad: ret 0x12fae: inc cx 0x12faf: push si 0x12fb0: push ax 0x12fb1: dec sp 0x12fb2: dec cx 0x12fb3: push sp 0x12fb4: inc bp 0x12fb5: pop es 0x12fb6: inc cx 0x12fb7: dec si 0x12fb8: push sp 0x12fb9: dec cx 0x12fba: sub ax, 0x4956
2018-12-25T12:01:36.745078557Z	48	PC: 12a6b \| Get DOS version

{"DateBased":true,"Day":4,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7418,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:01:37.194439013Z	42	PC: 12f9f \| Get date 0x12f9f: cmp dh, 7 0x12fa2: jne 0x12fac 0x12fa4: cmp dl, 4 0x12fa7: jne 0x12fac 0x12fa9: jmp 0x13137 0x12fac: sti 0x12fad: ret 0x12fae: inc cx 0x12faf: push si 0x12fb0: push ax 0x12fb1: dec sp 0x12fb2: dec cx 0x12fb3: push sp 0x12fb4: inc bp 0x12fb5: pop es 0x12fb6: inc cx 0x12fb7: dec si 0x12fb8: push sp 0x12fb9: dec cx 0x12fba: sub ax, 0x4956

{"DateBased":true,"Day":1,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7418,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:01:37.609452991Z	42	PC: 12f9f \| Get date 0x12f9f: cmp dh, 7 0x12fa2: jne 0x12fac 0x12fa4: cmp dl, 4 0x12fa7: jne 0x12fac 0x12fa9: jmp 0x13137 0x12fac: sti 0x12fad: ret 0x12fae: inc cx 0x12faf: push si 0x12fb0: push ax 0x12fb1: dec sp 0x12fb2: dec cx 0x12fb3: push sp 0x12fb4: inc bp 0x12fb5: pop es 0x12fb6: inc cx 0x12fb7: dec si 0x12fb8: push sp 0x12fb9: dec cx 0x12fba: sub ax, 0x4956
2018-12-25T12:01:37.612770887Z	48	PC: 12a6b \| Get DOS version

{"DateBased":true,"Day":4,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7418,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:01:37.62410702Z	42	PC: 12f9f \| Get date 0x12f9f: cmp dh, 7 0x12fa2: jne 0x12fac 0x12fa4: cmp dl, 4 0x12fa7: jne 0x12fac 0x12fa9: jmp 0x13137 0x12fac: sti 0x12fad: ret 0x12fae: inc cx 0x12faf: push si 0x12fb0: push ax 0x12fb1: dec sp 0x12fb2: dec cx 0x12fb3: push sp 0x12fb4: inc bp 0x12fb5: pop es 0x12fb6: inc cx 0x12fb7: dec si 0x12fb8: push sp 0x12fb9: dec cx 0x12fba: sub ax, 0x4956

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7418,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:01:37.792296494Z	42	PC: 12f9f \| Get date 0x12f9f: cmp dh, 7 0x12fa2: jne 0x12fac 0x12fa4: cmp dl, 4 0x12fa7: jne 0x12fac 0x12fa9: jmp 0x13137 0x12fac: sti 0x12fad: ret 0x12fae: inc cx 0x12faf: push si 0x12fb0: push ax 0x12fb1: dec sp 0x12fb2: dec cx 0x12fb3: push sp 0x12fb4: inc bp 0x12fb5: pop es 0x12fb6: inc cx 0x12fb7: dec si 0x12fb8: push sp 0x12fb9: dec cx 0x12fba: sub ax, 0x4956
2018-12-25T12:01:37.795787796Z	48	PC: 12a6b \| Get DOS version