Sample viewer

vx.netlux.org/Virus.DOS.Spanish.1417

Time	Syscall Op	Syscall Name
2018-12-17T22:42:12.931141936Z	74	PC: 12b53 \| Reallocate memory
2018-12-17T22:42:12.934167375Z	26	PC: 12b59 \| Set disk transfer address
2018-12-17T22:42:12.936279998Z	42	PC: 12b5d \| Get date 0x12b5d: xor al, al 0x12b5f: cmp dx, 0xc1c 0x12b63: jne 0x12b67 0x12b65: dec al 0x12b67: mov byte ptr [0x3c], al 0x12b6a: mov ah, 0x30 0x12b6c: int 0x21 0x12b6e: mov byte ptr [0x3d], al 0x12b71: mov es, word ptr [0x3a] 0x12b75: mov es, word ptr es:[0x2c] 0x12b7a: xor di, di 0x12b7c: mov cx, 0x7fff 0x12b7f: xor al, al 0x12b81: repne scasb al, byte ptr es:[di] 0x12b83: cmp byte ptr es:[di], al 0x12b86: loopne 0x12b81 0x12b88: mov dx, di 0x12b8a: add dx, 3 0x12b8d: mov ax, word ptr [0x3a] 0x12b90: mov word ptr [0x47], ax
2018-12-17T22:42:12.939566522Z	48	PC: 12b6e \| Get DOS version
2018-12-17T22:42:12.941330123Z	75	PC: 12ba5 \| Execute program
2018-12-17T22:42:12.957690776Z	9	PC: 13412 \| Display string (Could not find end pointer)
2018-12-17T22:42:12.962171181Z	76	PC: 13418 \| Terminate with return code (Return code = '0')
2018-12-17T22:42:12.965461277Z	73	PC: 12bb4 \| Release memory
2018-12-17T22:42:12.967671776Z	77	PC: 12bb8 \| Get program return code
2018-12-17T22:42:12.968899851Z	49	PC: 12bc5 \| Terminate and stay resident (Return code = '0' \| Memory size = '113')

Time	Syscall Op	Syscall Name
2018-12-25T12:01:46.02073613Z	74	PC: 12b53 \| Reallocate memory
2018-12-25T12:01:46.02375665Z	26	PC: 12b59 \| Set disk transfer address
2018-12-25T12:01:46.025374199Z	42	PC: 12b5d \| Get date 0x12b5d: xor al, al 0x12b5f: cmp dx, 0xc1c 0x12b63: jne 0x12b67 0x12b65: dec al 0x12b67: mov byte ptr [0x3c], al 0x12b6a: mov ah, 0x30 0x12b6c: int 0x21 0x12b6e: mov byte ptr [0x3d], al 0x12b71: mov es, word ptr [0x3a] 0x12b75: mov es, word ptr es:[0x2c] 0x12b7a: xor di, di 0x12b7c: mov cx, 0x7fff 0x12b7f: xor al, al 0x12b81: repne scasb al, byte ptr es:[di] 0x12b83: cmp byte ptr es:[di], al 0x12b86: loopne 0x12b81 0x12b88: mov dx, di 0x12b8a: add dx, 3 0x12b8d: mov ax, word ptr [0x3a] 0x12b90: mov word ptr [0x47], ax
2018-12-25T12:01:46.028775239Z	48	PC: 12b6e \| Get DOS version
2018-12-25T12:01:46.030647001Z	75	PC: 12ba5 \| Execute program
2018-12-25T12:01:46.048957727Z	9	PC: 13412 \| Display string (Could not find end pointer)
2018-12-25T12:01:46.055114484Z	76	PC: 13418 \| Terminate with return code (Return code = '0')
2018-12-25T12:01:46.058562699Z	73	PC: 12bb4 \| Release memory
2018-12-25T12:01:46.061503004Z	77	PC: 12bb8 \| Get program return code
2018-12-25T12:01:46.062827508Z	49	PC: 12bc5 \| Terminate and stay resident (Return code = '0' \| Memory size = '113')

Time	Syscall Op	Syscall Name
2018-12-25T12:01:46.289584609Z	74	PC: 12b53 \| Reallocate memory
2018-12-25T12:01:46.291871463Z	26	PC: 12b59 \| Set disk transfer address
2018-12-25T12:01:46.293196583Z	42	PC: 12b5d \| Get date 0x12b5d: xor al, al 0x12b5f: cmp dx, 0xc1c 0x12b63: jne 0x12b67 0x12b65: dec al 0x12b67: mov byte ptr [0x3c], al 0x12b6a: mov ah, 0x30 0x12b6c: int 0x21 0x12b6e: mov byte ptr [0x3d], al 0x12b71: mov es, word ptr [0x3a] 0x12b75: mov es, word ptr es:[0x2c] 0x12b7a: xor di, di 0x12b7c: mov cx, 0x7fff 0x12b7f: xor al, al 0x12b81: repne scasb al, byte ptr es:[di] 0x12b83: cmp byte ptr es:[di], al 0x12b86: loopne 0x12b81 0x12b88: mov dx, di 0x12b8a: add dx, 3 0x12b8d: mov ax, word ptr [0x3a] 0x12b90: mov word ptr [0x47], ax
2018-12-25T12:01:46.295718115Z	48	PC: 12b6e \| Get DOS version
2018-12-25T12:01:46.297523224Z	75	PC: 12ba5 \| Execute program
2018-12-25T12:01:46.311638599Z	9	PC: 13412 \| Display string (Could not find end pointer)
2018-12-25T12:01:46.31742111Z	76	PC: 13418 \| Terminate with return code (Return code = '0')
2018-12-25T12:01:46.320329524Z	73	PC: 12bb4 \| Release memory
2018-12-25T12:01:46.322131087Z	77	PC: 12bb8 \| Get program return code
2018-12-25T12:01:46.323459505Z	49	PC: 12bc5 \| Terminate and stay resident (Return code = '0' \| Memory size = '113')