Sample viewer

vx.netlux.org/Virus.DOS.Nauru.521

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:42:01.365274131Z 42 PC: 12a7c | Get date 0x12a7c: cmp al, 1
0x12a7e: jne 0x12a8b
0x12a80: mov ax, cs
0x12a82: mov ds, ax
0x12a84: mov ah, 9
0x12a86: mov dx, 0x194
0x12a89: int 0x21
0x12a8b: mov ax, cs
0x12a8d: mov ds, ax
0x12a8f: mov ah, 0x1a
0x12a91: mov dx, 0x500
0x12a94: int 0x21
0x12a96: mov ah, 0x4e
0x12a98: mov dx, 0x303
0x12a9b: xor cx, cx
0x12a9d: int 0x21
0x12a9f: jb 0x12ab9
0x12aa1: mov ax, 0x3d02
0x12aa4: mov dx, 0x51e
0x12aa7: int 0x21
2018-12-17T22:42:01.368588736Z 9 PC: 12a8b | Display string (Could not find end pointer)
2018-12-17T22:42:01.382956011Z 26 PC: 12a96 | Set disk transfer address
2018-12-17T22:42:01.384549594Z 78 PC: 12a9f | Find first file
2018-12-17T22:42:01.391152385Z 43 PC: 12ac3 | Set date
2018-12-17T22:42:01.394069094Z 9 PC: 12ad1 | Display string (String= 'Incorrect DOS version ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7419,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:40.918871836Z 42 PC: 12a7c | Get date 0x12a7c: cmp al, 1
0x12a7e: jne 0x12a8b
0x12a80: mov ax, cs
0x12a82: mov ds, ax
0x12a84: mov ah, 9
0x12a86: mov dx, 0x194
0x12a89: int 0x21
0x12a8b: mov ax, cs
0x12a8d: mov ds, ax
0x12a8f: mov ah, 0x1a
0x12a91: mov dx, 0x500
0x12a94: int 0x21
0x12a96: mov ah, 0x4e
0x12a98: mov dx, 0x303
0x12a9b: xor cx, cx
0x12a9d: int 0x21
0x12a9f: jb 0x12ab9
0x12aa1: mov ax, 0x3d02
0x12aa4: mov dx, 0x51e
0x12aa7: int 0x21
2018-12-25T12:01:40.922249204Z 26 PC: 12a96 | Set disk transfer address
2018-12-25T12:01:40.923573552Z 78 PC: 12a9f | Find first file
2018-12-25T12:01:40.930356498Z 43 PC: 12ac3 | Set date
2018-12-25T12:01:40.931559092Z 9 PC: 12ad1 | Display string (String= 'Incorrect DOS version ')

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7419,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:01:40.918968108Z 42 PC: 12a7c | Get date 0x12a7c: cmp al, 1
0x12a7e: jne 0x12a8b
0x12a80: mov ax, cs
0x12a82: mov ds, ax
0x12a84: mov ah, 9
0x12a86: mov dx, 0x194
0x12a89: int 0x21
0x12a8b: mov ax, cs
0x12a8d: mov ds, ax
0x12a8f: mov ah, 0x1a
0x12a91: mov dx, 0x500
0x12a94: int 0x21
0x12a96: mov ah, 0x4e
0x12a98: mov dx, 0x303
0x12a9b: xor cx, cx
0x12a9d: int 0x21
0x12a9f: jb 0x12ab9
0x12aa1: mov ax, 0x3d02
0x12aa4: mov dx, 0x51e
0x12aa7: int 0x21
2018-12-25T12:01:40.921453261Z 9 PC: 12a8b | Display string (Could not find end pointer)
2018-12-25T12:01:40.93450753Z 26 PC: 12a96 | Set disk transfer address
2018-12-25T12:01:40.93947793Z 78 PC: 12a9f | Find first file
2018-12-25T12:01:40.948458526Z 43 PC: 12ac3 | Set date
2018-12-25T12:01:40.949510715Z 9 PC: 12ad1 | Display string (String= 'Incorrect DOS version ')