Sample viewer

vx.netlux.org/Virus.DOS.Lena.1000

Syscalls:

Time | Syscall Op | Syscall Name
2018-12-17T22:43:02.219284004Z 238 PC: 13221 | UNKNOWN!
2018-12-17T22:43:02.221312018Z 42 PC: 1325e | Get date
0x1325e: cmp dx, 0x214
0x13262: je 0x13267
0x13264: jmp 0x1331b
0x13267: xor cx, cx
0x13269: mov dx, 0x1750
0x1326c: mov ax, 0x600
0x1326f: mov bh, 0
0x13271: int 0x10
0x13273: push ds
0x13274: pop es
0x13275: mov cx, 0x4a
0x13278: mov di, 0x1c1
0x1327b: mov si, di
0x1327d: mov bp, di
0x1327f: lodsb al, byte ptr [si]
0x13280: xor al, 0x8b
0x13282: stosb byte ptr es:[di], al
0x13283: loop 0x1327f
0x13285: mov ax, 0x1301
0x13288: mov bl, 0xe
2018-12-17T22:43:02.223855503Z 74 PC: 13322 | Reallocate memory
2018-12-17T22:43:02.225810096Z 53 PC: 12b63 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:02.227477331Z 37 PC: 12b72 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:02.231232417Z 73 PC: 12b7a | Release memory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7753,"SideJobID":0}

Syscalls:

Time | Syscall Op | Syscall Name
2018-12-25T12:02:32.683196819Z 238 PC: 13221 | UNKNOWN!
2018-12-25T12:02:32.684860296Z 42 PC: 1325e | Get date
0x1325e: cmp dx, 0x214
0x13262: je 0x13267
0x13264: jmp 0x1331b
0x13267: xor cx, cx
0x13269: mov dx, 0x1750
0x1326c: mov ax, 0x600
0x1326f: mov bh, 0
0x13271: int 0x10
0x13273: push ds
0x13274: pop es
0x13275: mov cx, 0x4a
0x13278: mov di, 0x1c1
0x1327b: mov si, di
0x1327d: mov bp, di
0x1327f: lodsb al, byte ptr [si]
0x13280: xor al, 0x8b
0x13282: stosb byte ptr es:[di], al
0x13283: loop 0x1327f
0x13285: mov ax, 0x1301
0x13288: mov bl, 0xe
2018-12-25T12:02:32.687907204Z 74 PC: 13322 | Reallocate memory
2018-12-25T12:02:32.690199572Z 53 PC: 12b63 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:02:32.693026739Z 37 PC: 12b72 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:02:32.695004392Z 73 PC: 12b7a | Release memory

{"DateBased":true,"Day":20,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7753,"SideJobID":0}

Syscalls:

Time | Syscall Op | Syscall Name
2018-12-25T12:02:34.009875335Z 238 PC: 13221 | UNKNOWN!
2018-12-25T12:02:34.011212146Z 42 PC: 1325e | Get date
0x1325e: cmp dx, 0x214
0x13262: je 0x13267
0x13264: jmp 0x1331b
0x13267: xor cx, cx
0x13269: mov dx, 0x1750
0x1326c: mov ax, 0x600
0x1326f: mov bh, 0
0x13271: int 0x10
0x13273: push ds
0x13274: pop es
0x13275: mov cx, 0x4a
0x13278: mov di, 0x1c1
0x1327b: mov si, di
0x1327d: mov bp, di
0x1327f: lodsb al, byte ptr [si]
0x13280: xor al, 0x8b
0x13282: stosb byte ptr es:[di], al
0x13283: loop 0x1327f
0x13285: mov ax, 0x1301
0x13288: mov bl, 0xe