Sample viewer

vx.netlux.org/Virus.DOS.Xuxa.1088

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:47:46.563456656Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:46.572973015Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:46.574622726Z 53 PC: 12bef | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:46.575912224Z 74 PC: 12c12 | Reallocate memory
2018-12-17T22:47:46.578144865Z 72 PC: 12c18 | Allocate memory
2018-12-17T22:47:46.589674431Z 37 PC: 12c40 | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:46.590693919Z 37 PC: 12c4a | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:47:46.591602492Z 42 PC: 9f4b0 | Get date 0x9f4b0: cmp dh, 8
0x9f4b3: jne 0x9f4b8
0x9f4b5: jmp 0x9f6a5
0x9f4b8: pop dx
0x9f4b9: mov si, dx
0x9f4bb: push cs
0x9f4bc: pop es
0x9f4bd: mov cx, 0x41
0x9f4c0: mov al, byte ptr [si]
0x9f4c2: cmp al, 0
0x9f4c4: je 0x9f4cc
0x9f4c6: inc si
0x9f4c7: dec cx
0x9f4c8: jne 0x9f4c0
0x9f4ca: jmp 0x9f4de
0x9f4cc: mov cx, 0xb
0x9f4cf: mov di, 0x22a
0x9f4d2: sub si, 0xb
0x9f4d5: repe cmpsb byte ptr [si], byte ptr es:[di]
0x9f4d7: jne 0x9f4de
2018-12-17T22:47:46.594038376Z 250 PC: 9f6a4 | UNKNOWN!
2018-12-17T22:47:46.595541514Z 53 PC: 9f4ed | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:46.597149169Z 37 PC: 9f501 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:46.598811884Z 67 PC: 9f68e | Get or set file attributes
2018-12-17T22:47:46.604921532Z 67 PC: 9f69a | Get or set file attributes
2018-12-17T22:47:46.951344818Z 61 PC: 9f516 | Open file (Filename = '�A�X�!2��B�X�!�P�k')
2018-12-17T22:47:46.959446641Z 87 PC: 9f51d | Get or set file date and time
2018-12-17T22:47:46.961735769Z 63 PC: 9f536 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:46.969642121Z 66 PC: 9f686 | Move file pointer
2018-12-17T22:47:46.971474055Z 44 PC: 9f560 | Get time 0x9f560: xor dh, dh
0x9f562: mov byte ptr cs:[0x113], dl
0x9f567: push bx
0x9f568: push cs
0x9f569: push cs
0x9f56a: pop ds
0x9f56b: pop es
0x9f56c: mov si, 0x100
0x9f56f: mov di, 0x541
0x9f572: mov cx, 0x44
0x9f575: rep movsb byte ptr es:[di], byte ptr [si]
0x9f577: mov dl, byte ptr [0x113]
0x9f57b: mov cx, 0x3fc
0x9f57e: mov al, byte ptr [si]
0x9f580: ror al, 5
0x9f583: xor al, dl
0x9f585: mov byte ptr es:[di], al
0x9f588: inc si
0x9f589: inc di
0x9f58a: dec cx
2018-12-17T22:47:46.974514761Z 64 PC: 9f598 | Write file or device (Write 1088 bytes on handle 5)
2018-12-17T22:47:46.990318894Z 66 PC: 9f686 | Move file pointer
2018-12-17T22:47:46.992124532Z 64 PC: 9f5a7 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:46.995561184Z 87 PC: 9f5be | Get or set file date and time
2018-12-17T22:47:46.998540153Z 67 PC: 9f69a | Get or set file attributes
2018-12-17T22:47:47.009774106Z 65 PC: 9f604 | Delete file (Filename = 'C:\DOS\CHKLIST.MS')
2018-12-17T22:47:47.017185841Z 67 PC: 9f69a | Get or set file attributes
2018-12-17T22:47:47.024444725Z 65 PC: 9f604 | Delete file (Filename = 'C:\DOS\ANTI-VIR.DAT')
2018-12-17T22:47:47.031983191Z 62 PC: 9f617 | Close file
2018-12-17T22:47:47.039623137Z 67 PC: 9f69a | Get or set file attributes
2018-12-17T22:47:47.051403808Z 37 PC: 9f62f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:47.05351911Z 53 PC: 9f634 | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.055454601Z 250 PC: 9f6a4 | UNKNOWN!
2018-12-17T22:47:47.05647144Z 37 PC: 12c5d | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.058439542Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.059375929Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.060456671Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.063014669Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.068636337Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.075355729Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.077750276Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.079066452Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.080234338Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.081665705Z 53 PC: 28b | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.082981586Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.084159484Z 250 PC: 534 | UNKNOWN!
2018-12-17T22:47:47.086021938Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.087533321Z 250 PC: 534 | UNKNOWN!
2018-12-17T22:47:47.089130668Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.090684077Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.092394172Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.093956663Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.09525406Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.097197882Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.098775698Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.100050049Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.102351073Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.103873627Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.105163838Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.112264258Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.113895719Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.114719734Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.116745872Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.117803587Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.118604276Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.120153247Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.121692216Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.122968753Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.125562515Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.126883748Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.12785197Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.129242269Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.132737552Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.134871832Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.137497893Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.140304375Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.141302099Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.14272146Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.145043573Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.146023633Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.147414463Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.150077931Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.151430935Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.15308286Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.154878065Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.157200673Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.158883799Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.160309676Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.162691804Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.164530641Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.166149646Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.168128312Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.169822551Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.171452342Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.173887371Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.175671186Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.177285847Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.179249215Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.18067514Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.182221148Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.183889616Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.202609406Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.205312584Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.207422578Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.208866363Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.210682929Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.212509468Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.214315743Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.215853061Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.217331334Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-17T22:47:47.220266722Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.221806339Z 250 PC: 12e74 | UNKNOWN!
2018-12-17T22:47:47.223075077Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9330,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:51.624070907Z 250 PC: 12e74 | UNKNOWN!
2018-12-25T12:22:51.624828043Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T12:22:51.626188616Z 53 PC: 12bef | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:22:51.627114056Z 74 PC: 12c12 | Reallocate memory
2018-12-25T12:22:51.628080236Z 72 PC: 12c18 | Allocate memory
2018-12-25T12:22:51.629900998Z 37 PC: 12c40 | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T12:22:51.630786498Z 37 PC: 12c4a | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:22:51.631653533Z 42 PC: 9f4b0 | Get date 0x9f4b0: cmp dh, 8
0x9f4b3: jne 0x9f4b8
0x9f4b5: jmp 0x9f6a5
0x9f4b8: pop dx
0x9f4b9: mov si, dx
0x9f4bb: push cs
0x9f4bc: pop es
0x9f4bd: mov cx, 0x41
0x9f4c0: mov al, byte ptr [si]
0x9f4c2: cmp al, 0
0x9f4c4: je 0x9f4cc
0x9f4c6: inc si
0x9f4c7: dec cx
0x9f4c8: jne 0x9f4c0
0x9f4ca: jmp 0x9f4de
0x9f4cc: mov cx, 0xb
0x9f4cf: mov di, 0x22a
0x9f4d2: sub si, 0xb
0x9f4d5: repe cmpsb byte ptr [si], byte ptr es:[di]
0x9f4d7: jne 0x9f4de
2018-12-25T12:22:51.634086243Z 250 PC: 9f6a4 | UNKNOWN!
2018-12-25T12:22:51.634833672Z 53 PC: 9f4ed | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:22:51.63613297Z 37 PC: 9f501 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:22:51.637578638Z 67 PC: 9f68e | Get or set file attributes
2018-12-25T12:22:51.64711751Z 67 PC: 9f69a | Get or set file attributes
2018-12-25T12:22:53.202320333Z 61 PC: 9f516 | Open file (Filename = '�A�X�!2��B�X�!�P�k')
2018-12-25T12:22:53.211612585Z 87 PC: 9f51d | Get or set file date and time
2018-12-25T12:22:53.213802202Z 63 PC: 9f536 | Read file or device (Read 3 bytes on handle 5)
2018-12-25T12:22:53.219406246Z 66 PC: 9f686 | Move file pointer
2018-12-25T12:22:53.223775926Z 44 PC: 9f560 | Get time 0x9f560: xor dh, dh
0x9f562: mov byte ptr cs:[0x113], dl
0x9f567: push bx
0x9f568: push cs
0x9f569: push cs
0x9f56a: pop ds
0x9f56b: pop es
0x9f56c: mov si, 0x100
0x9f56f: mov di, 0x541
0x9f572: mov cx, 0x44
0x9f575: rep movsb byte ptr es:[di], byte ptr [si]
0x9f577: mov dl, byte ptr [0x113]
0x9f57b: mov cx, 0x3fc
0x9f57e: mov al, byte ptr [si]
0x9f580: ror al, 5
0x9f583: xor al, dl
0x9f585: mov byte ptr es:[di], al
0x9f588: inc si
0x9f589: inc di
0x9f58a: dec cx
2018-12-25T12:22:53.233252809Z 64 PC: 9f598 | Write file or device (Write 1088 bytes on handle 5)
2018-12-25T12:22:53.248683257Z 66 PC: 9f686 | Move file pointer (See above)
2018-12-25T12:22:53.250770822Z 64 PC: 9f5a7 | Write file or device (Write 3 bytes on handle 5)
2018-12-25T12:22:53.255483601Z 87 PC: 9f5be | Get or set file date and time
2018-12-25T12:22:53.257807977Z 67 PC: 9f69a | Get or set file attributes (See above)
2018-12-25T12:22:53.268594537Z 65 PC: 9f604 | Delete file (Filename = 'C:\DOS\CHKLIST.MS')
2018-12-25T12:22:53.277427808Z 67 PC: 9f69a | Get or set file attributes (See above)
2018-12-25T12:22:53.285453802Z 65 PC: 9f604 | Delete file (See above)
2018-12-25T12:22:53.293869115Z 62 PC: 9f617 | Close file
2018-12-25T12:22:53.303177572Z 67 PC: 9f69a | Get or set file attributes (See above)
2018-12-25T12:22:53.336838954Z 37 PC: 9f62f | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:22:53.338083833Z 53 PC: 9f634 | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T12:22:53.34034598Z 250 PC: 9f6a4 | UNKNOWN! (See above)
2018-12-25T12:22:53.341770682Z 37 PC: 12c5d | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T12:22:53.343609966Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.345011708Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.346751166Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.348060029Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.349841554Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.352146588Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.353104822Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.354691974Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.372609093Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.374085166Z 53 PC: 28b | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T12:22:53.375586306Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.380229246Z 250 PC: 534 | UNKNOWN!
2018-12-25T12:22:53.387834042Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.38929752Z 250 PC: 534 | UNKNOWN! (See above)
2018-12-25T12:22:53.391299979Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.392697008Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.394607275Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.396798652Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.399060988Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.400865992Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.402407565Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.404431531Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.406195752Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.407565677Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.409259163Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.41107684Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.412398611Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.414317851Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.415815175Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.417094358Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.41813528Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.420346609Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.422221417Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.423753664Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.426741203Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.428563454Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.4296039Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.431916418Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.43414403Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.435382808Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.43784153Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.439545425Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.440599605Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.443108984Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.444914854Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.445845847Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.447822634Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.450249907Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.451748706Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.45411743Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.45735502Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.458381149Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.459823652Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.462090036Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.463026631Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.464929685Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.467162447Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.468146784Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.46952963Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.471856103Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.4731563Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.474892589Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.476630019Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.478319496Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.48076247Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.482491585Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.484955501Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.486747698Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.488397321Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.490784534Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.492588687Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.494252746Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.496385389Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.498295214Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.49993348Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.502153945Z 53 PC: 12bcb | Get interrupt vector (See above)
2018-12-25T12:22:53.503684027Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.505381746Z 250 PC: 12e74 | UNKNOWN! (See above)
2018-12-25T12:22:53.506948731Z 53 PC: 12bcb | Get interrupt vector (See above)

{"DateBased":true,"Day":1,"Month":8,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9330,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:51.699492452Z 250 PC: 12e74 | UNKNOWN!
2018-12-25T12:22:51.701179486Z 53 PC: 12bcb | Get interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T12:22:51.702819675Z 53 PC: 12bef | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:22:51.704268422Z 74 PC: 12c12 | Reallocate memory
2018-12-25T12:22:51.705982405Z 72 PC: 12c18 | Allocate memory
2018-12-25T12:22:51.710420764Z 37 PC: 12c40 | Set interrupt vector (Interrupt = '75' AKA 'Execute program')
2018-12-25T12:22:51.711353855Z 37 PC: 12c4a | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:22:51.712331482Z 42 PC: 9f4b0 | Get date 0x9f4b0: cmp dh, 8
0x9f4b3: jne 0x9f4b8
0x9f4b5: jmp 0x9f6a5
0x9f4b8: pop dx
0x9f4b9: mov si, dx
0x9f4bb: push cs
0x9f4bc: pop es
0x9f4bd: mov cx, 0x41
0x9f4c0: mov al, byte ptr [si]
0x9f4c2: cmp al, 0
0x9f4c4: je 0x9f4cc
0x9f4c6: inc si
0x9f4c7: dec cx
0x9f4c8: jne 0x9f4c0
0x9f4ca: jmp 0x9f4de
0x9f4cc: mov cx, 0xb
0x9f4cf: mov di, 0x22a
0x9f4d2: sub si, 0xb
0x9f4d5: repe cmpsb byte ptr [si], byte ptr es:[di]
0x9f4d7: jne 0x9f4de
2018-12-25T12:22:51.714288727Z 9 PC: 9f6ac | Display string (String= 'Si no viste el Show de Xuxa por T.V, ni en vivo... ahora podes verlo en tu PC!. - XOU DA XUXA 1.2 By Leviathan.')