Sample viewer

vx.netlux.org/Virus.DOS.VCL.GunRail.353

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:42:41.711077668Z 26 PC: 12a5d | Set disk transfer address
2018-12-17T22:42:41.71273659Z 53 PC: 12a63 | Get interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:42:41.713961884Z 53 PC: 12a70 | Get interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:42:41.71511357Z 44 PC: 12a7b | Get time 0x12a7b: cmp dl, 0xd
0x12a7e: jg 0x12a84
0x12a80: mov al, 0x82
0x12a82: out 0x21, al
0x12a84: mov ah, 0x2c
0x12a86: int 0x21
0x12a88: cmp dl, 0x32
0x12a8b: jl 0x12ad3
0x12a8d: mov ah, 9
0x12a8f: lea dx, word ptr [bp + 0x15c]
0x12a93: int 0x21
0x12a95: mov ah, 0
0x12a97: int 0x16
0x12a99: jmp 0x12ad3
0x12a9b: nop
0x12a9c: inc di
0x12a9d: jne 0x12b0d
0x12a9f: push dx
0x12aa0: popaw
0x12aa1: imul bp, word ptr [si + 0x20], 0x2042
2018-12-17T22:42:41.717487016Z 44 PC: 12a88 | Get time 0x12a88: cmp dl, 0x32
0x12a8b: jl 0x12ad3
0x12a8d: mov ah, 9
0x12a8f: lea dx, word ptr [bp + 0x15c]
0x12a93: int 0x21
0x12a95: mov ah, 0
0x12a97: int 0x16
0x12a99: jmp 0x12ad3
0x12a9b: nop
0x12a9c: inc di
0x12a9d: jne 0x12b0d
0x12a9f: push dx
0x12aa0: popaw
0x12aa1: imul bp, word ptr [si + 0x20], 0x2042
0x12aa6: push si
0x12aa7: imul si, word ptr [bp + si + 0x75], 0x2073
0x12aac: dec cx
0x12aad: outsb dx, byte ptr [si]
0x12aae: arpl word ptr gs:[si + 0x65], si
0x12ab3: and word ptr fs:[bx + di], sp
2018-12-17T22:42:41.720663295Z 9 PC: 12a95 | Display string (Could not find end pointer)