Sample viewer

vx.netlux.org/Virus.DOS.FaxFree.Pinniz.1536.a

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:48:39.934572443Z 74 PC: 12d00 | Reallocate memory
2018-12-17T22:48:39.935499814Z 72 PC: 12d07 | Allocate memory
2018-12-17T22:48:39.93730001Z 42 PC: 134c3 | Get date 0x134c3: ret
0x134c4: pop es
0x134c5: add word ptr cs:[0x40], 1
0x134cb: cli
0x134cc: push ax
0x134cd: xor ax, ax
0x134cf: mov es, ax
0x134d1: mov ax, word ptr cs:[0x37]
0x134d5: mov word ptr es:[0x84], ax
0x134d9: mov ax, word ptr cs:[0x39]
0x134dd: mov word ptr es:[0x86], ax
0x134e1: pop ax
0x134e2: call 0x2319e
0x134e5: cmp byte ptr cs:[0x34d], 7
0x134eb: je 0x134e2
0x134ed: int 0x21
0x134ef: call 0x2317b
0x134f2: cli
0x134f3: xor ax, ax
0x134f5: mov es, ax
2018-12-17T22:48:39.939070889Z 72 PC: 13247 | Allocate memory
2018-12-17T22:48:39.94052182Z 75 PC: 13281 | Execute program
2018-12-17T22:48:39.951866809Z 76 PC: 13934 | Terminate with return code (Return code = '0')
2018-12-17T22:48:39.955339391Z 53 PC: 13295 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:48:39.957068141Z 37 PC: 132ac | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:48:39.960253869Z 77 PC: 132b0 | Get program return code
2018-12-17T22:48:39.962015152Z 49 PC: 132b7 | Terminate and stay resident (Return code = '0' | Memory size = '96')