Sample viewer

vx.netlux.org/Virus.DOS.FaxFree.Mecojoni.e

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:43:10.925224898Z 74 PC: 12d1e | Reallocate memory
2018-12-17T22:43:10.928356504Z 72 PC: 12d25 | Allocate memory
2018-12-17T22:43:10.930592973Z 44 PC: 1348b | Get time 0x1348b: mov byte ptr cs:[0x51], cl
0x13490: ret
0x13491: pop es
0x13492: push sp
0x13493: jne 0x13507
0x13495: bound bp, dword ptr [bx + 0x20]
0x13498: inc cx
0x13499: jae 0x1350e
0x1349b: insw word ptr es:[di], dx
0x1349d: bound bp, dword ptr [si + 0x65]
0x134a0: jb 0x134c2
0x134a2: bound di, dword ptr [bx + di + 0x20]
0x134a5: inc bp
0x134a6: and byte ptr cs:[bp + si + 0x69], bl
0x134aa: insw word ptr es:[di], dx
0x134ab: jne 0x13512
0x134ad: insb byte ptr es:[di], dx
0x134ae: and byte ptr [bx + di], dh
0x134b0: cmp word ptr [bx + di], di
0x134b2: xor dh, byte ptr [si - 0x32d6]
2018-12-17T22:43:10.933158Z 72 PC: 13265 | Allocate memory
2018-12-17T22:43:10.935603867Z 75 PC: 132a5 | Execute program
2018-12-17T22:43:10.950931003Z 76 PC: 13934 | Terminate with return code (Return code = '0')
2018-12-17T22:43:10.95419709Z 53 PC: 132b9 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:10.956746468Z 37 PC: 132d0 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:10.958281113Z 77 PC: 132d4 | Get program return code
2018-12-17T22:43:10.95977271Z 49 PC: 132db | Terminate and stay resident (Return code = '0' | Memory size = '96')