Sample viewer

vx.netlux.org/Virus.DOS.Nucleii.606.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:47:50.037387867Z	26	PC: 12a59 \| Set disk transfer address
2018-12-17T22:47:50.039824804Z	25	PC: 12a5d \| Get default drive
2018-12-17T22:47:50.042452708Z	71	PC: 12a68 \| Get current directory
2018-12-17T22:47:50.048576241Z	59	PC: 12a6f \| Change current directory
2018-12-17T22:47:50.054440206Z	78	PC: 12a79 \| Find first file
2018-12-17T22:47:50.064160214Z	87	PC: 12b5d \| Get or set file date and time
2018-12-17T22:47:50.067371476Z	67	PC: 12b69 \| Get or set file attributes
2018-12-17T22:47:50.07008724Z	59	PC: 12b70 \| Change current directory
2018-12-17T22:47:50.07581173Z	59	PC: 12b77 \| Change current directory
2018-12-17T22:47:50.078433113Z	42	PC: 12b7b \| Get date 0x12b7b: cmp cx, 0x7ce 0x12b7f: jb 0x12bad 0x12b81: cmp dl, 0xf 0x12b84: jne 0x12bad 0x12b86: mov dx, 0x2ee 0x12b89: mov ah, 0x1a 0x12b8b: int 0x21 0x12b8d: mov ah, 0x4e 0x12b8f: mov cx, 7 0x12b92: mov dx, 0x2a8 0x12b95: int 0x21 0x12b97: jb 0x12bad 0x12b99: mov ax, 0x4301 0x12b9c: xor cx, cx 0x12b9e: int 0x21 0x12ba0: mov dx, 0x30c 0x12ba3: mov ah, 0x3c 0x12ba5: int 0x21 0x12ba7: jb 0x12bad 0x12ba9: mov ah, 0x4f
2018-12-17T22:47:50.081480413Z	76	PC: 12bb2 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9353,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:56.527917278Z	26	PC: 12a59 \| Set disk transfer address
2018-12-25T12:22:56.529549281Z	25	PC: 12a5d \| Get default drive
2018-12-25T12:22:56.530514708Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:22:56.533809664Z	59	PC: 12a6f \| Change current directory
2018-12-25T12:22:56.538041069Z	78	PC: 12a79 \| Find first file
2018-12-25T12:22:56.543749592Z	87	PC: 12b5d \| Get or set file date and time
2018-12-25T12:22:56.545129166Z	67	PC: 12b69 \| Get or set file attributes
2018-12-25T12:22:56.547316728Z	59	PC: 12b70 \| Change current directory
2018-12-25T12:22:56.551111949Z	59	PC: 12b77 \| Change current directory
2018-12-25T12:22:56.552890317Z	42	PC: 12b7b \| Get date 0x12b7b: cmp cx, 0x7ce 0x12b7f: jb 0x12bad 0x12b81: cmp dl, 0xf 0x12b84: jne 0x12bad 0x12b86: mov dx, 0x2ee 0x12b89: mov ah, 0x1a 0x12b8b: int 0x21 0x12b8d: mov ah, 0x4e 0x12b8f: mov cx, 7 0x12b92: mov dx, 0x2a8 0x12b95: int 0x21 0x12b97: jb 0x12bad 0x12b99: mov ax, 0x4301 0x12b9c: xor cx, cx 0x12b9e: int 0x21 0x12ba0: mov dx, 0x30c 0x12ba3: mov ah, 0x3c 0x12ba5: int 0x21 0x12ba7: jb 0x12bad 0x12ba9: mov ah, 0x4f
2018-12-25T12:22:56.555152525Z	76	PC: 12bb2 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1998,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9353,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:57.156531834Z	26	PC: 12a59 \| Set disk transfer address
2018-12-25T12:22:57.15781302Z	25	PC: 12a5d \| Get default drive
2018-12-25T12:22:57.158790581Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:22:57.161411143Z	59	PC: 12a6f \| Change current directory
2018-12-25T12:22:57.16551662Z	78	PC: 12a79 \| Find first file
2018-12-25T12:22:57.171062829Z	87	PC: 12b5d \| Get or set file date and time
2018-12-25T12:22:57.172365736Z	67	PC: 12b69 \| Get or set file attributes
2018-12-25T12:22:57.17456853Z	59	PC: 12b70 \| Change current directory
2018-12-25T12:22:57.179171084Z	59	PC: 12b77 \| Change current directory
2018-12-25T12:22:57.180774177Z	42	PC: 12b7b \| Get date 0x12b7b: cmp cx, 0x7ce 0x12b7f: jb 0x12bad 0x12b81: cmp dl, 0xf 0x12b84: jne 0x12bad 0x12b86: mov dx, 0x2ee 0x12b89: mov ah, 0x1a 0x12b8b: int 0x21 0x12b8d: mov ah, 0x4e 0x12b8f: mov cx, 7 0x12b92: mov dx, 0x2a8 0x12b95: int 0x21 0x12b97: jb 0x12bad 0x12b99: mov ax, 0x4301 0x12b9c: xor cx, cx 0x12b9e: int 0x21 0x12ba0: mov dx, 0x30c 0x12ba3: mov ah, 0x3c 0x12ba5: int 0x21 0x12ba7: jb 0x12bad 0x12ba9: mov ah, 0x4f
2018-12-25T12:22:57.183306714Z	76	PC: 12bb2 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":15,"Month":1,"Year":1998,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9353,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:22:57.243422693Z	26	PC: 12a59 \| Set disk transfer address
2018-12-25T12:22:57.245407734Z	25	PC: 12a5d \| Get default drive
2018-12-25T12:22:57.246391796Z	71	PC: 12a68 \| Get current directory
2018-12-25T12:22:57.248993506Z	59	PC: 12a6f \| Change current directory
2018-12-25T12:22:57.252842939Z	78	PC: 12a79 \| Find first file
2018-12-25T12:22:57.263612413Z	87	PC: 12b5d \| Get or set file date and time
2018-12-25T12:22:57.265396364Z	67	PC: 12b69 \| Get or set file attributes
2018-12-25T12:22:57.267406886Z	59	PC: 12b70 \| Change current directory
2018-12-25T12:22:57.276536528Z	59	PC: 12b77 \| Change current directory
2018-12-25T12:22:57.278248786Z	42	PC: 12b7b \| Get date 0x12b7b: cmp cx, 0x7ce 0x12b7f: jb 0x12bad 0x12b81: cmp dl, 0xf 0x12b84: jne 0x12bad 0x12b86: mov dx, 0x2ee 0x12b89: mov ah, 0x1a 0x12b8b: int 0x21 0x12b8d: mov ah, 0x4e 0x12b8f: mov cx, 7 0x12b92: mov dx, 0x2a8 0x12b95: int 0x21 0x12b97: jb 0x12bad 0x12b99: mov ax, 0x4301 0x12b9c: xor cx, cx 0x12b9e: int 0x21 0x12ba0: mov dx, 0x30c 0x12ba3: mov ah, 0x3c 0x12ba5: int 0x21 0x12ba7: jb 0x12bad 0x12ba9: mov ah, 0x4f
2018-12-25T12:22:57.280324519Z	26	PC: 12b8d \| Set disk transfer address
2018-12-25T12:22:57.282048641Z	78	PC: 12b97 \| Find first file
2018-12-25T12:22:57.291145516Z	67	PC: 12ba0 \| Get or set file attributes
2018-12-25T12:22:57.29555217Z	60	PC: 12ba7 \| Create or truncate file
2018-12-25T12:22:57.314557822Z	79	PC: 12b97 \| Find next file (See above)
2018-12-25T12:22:57.318166146Z	67	PC: 12ba0 \| Get or set file attributes (See above)
2018-12-25T12:22:57.325468822Z	60	PC: 12ba7 \| Create or truncate file (See above)
2018-12-25T12:22:57.333813796Z	79	PC: 12b97 \| Find next file (See above)
2018-12-25T12:22:57.335680459Z	67	PC: 12ba0 \| Get or set file attributes (See above)
2018-12-25T12:22:57.344000404Z	60	PC: 12ba7 \| Create or truncate file (See above)
2018-12-25T12:22:57.354771153Z	79	PC: 12b97 \| Find next file (See above)
2018-12-25T12:22:57.356508122Z	67	PC: 12ba0 \| Get or set file attributes (See above)
2018-12-25T12:22:57.364100535Z	60	PC: 12ba7 \| Create or truncate file (See above)
2018-12-25T12:22:57.377098945Z	79	PC: 12b97 \| Find next file (See above)
2018-12-25T12:22:57.380359962Z	67	PC: 12ba0 \| Get or set file attributes (See above)
2018-12-25T12:22:57.390524995Z	60	PC: 12ba7 \| Create or truncate file (See above)
2018-12-25T12:22:57.402976867Z	79	PC: 12b97 \| Find next file (See above)
2018-12-25T12:22:57.406066102Z	67	PC: 12ba0 \| Get or set file attributes (See above)
2018-12-25T12:22:57.418304667Z	60	PC: 12ba7 \| Create or truncate file (See above)
2018-12-25T12:22:57.429880063Z	79	PC: 12b97 \| Find next file (See above)
2018-12-25T12:22:57.432262623Z	67	PC: 12ba0 \| Get or set file attributes (See above)
2018-12-25T12:22:57.441563638Z	60	PC: 12ba7 \| Create or truncate file (See above)
2018-12-25T12:22:57.453303048Z	79	PC: 12b97 \| Find next file (See above)
2018-12-25T12:22:57.455750032Z	67	PC: 12ba0 \| Get or set file attributes (See above)
2018-12-25T12:22:57.464789965Z	60	PC: 12ba7 \| Create or truncate file (See above)
2018-12-25T12:22:57.479063258Z	79	PC: 12b97 \| Find next file (See above)
2018-12-25T12:22:57.481792044Z	67	PC: 12ba0 \| Get or set file attributes (See above)
2018-12-25T12:22:57.491141779Z	60	PC: 12ba7 \| Create or truncate file (See above)
2018-12-25T12:22:57.502816575Z	79	PC: 12b97 \| Find next file (See above)
2018-12-25T12:22:57.506593952Z	76	PC: 12bb2 \| Terminate with return code (Return code = '0')