Sample viewer

vx.netlux.org/Virus.DOS.Hymn.2144

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:49:04.780811707Z 73 PC: 138c9 | Release memory
2018-12-17T22:49:04.782748587Z 72 PC: 138d0 | Allocate memory
2018-12-17T22:49:04.785150149Z 74 PC: 138e2 | Reallocate memory
2018-12-17T22:49:04.786924012Z 74 PC: 138f2 | Reallocate memory
2018-12-17T22:49:04.788925232Z 98 PC: 13939 | Get current PSP
2018-12-17T22:49:04.791343024Z 42 PC: 13973 | Get date 0x13973: cmp dl, dh
0x13975: je 0x1398b
0x13977: jmp 0x13a07
0x1397a: imul sp, word ptr [bp + si + 0x6d], 0x4040
0x1397f: push bx
0x13980: dec si
0x13981: push bx
0x13982: and byte ptr [bx + si], ah
0x13984: and byte ptr [bx + si], ah
0x13986: and byte ptr [bx + si], ah
0x13988: and byte ptr [bx + si], ah
0x1398a: and byte ptr [0x5e1f], cl
0x1398e: push si
0x1398f: mov byte ptr cs:[si + 0x221], 0xcd
0x13995: mov al, 2
0x13997: mov cx, 1
0x1399a: xor dx, dx
0x1399c: mov byte ptr cs:[si + 0x222], 0x25
0x139a2: mov bx, si
0x139a4: add bx, 0x3df

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9768,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:23:45.52760505Z 73 PC: 138c9 | Release memory
2018-12-25T12:23:45.529781913Z 72 PC: 138d0 | Allocate memory
2018-12-25T12:23:45.53153791Z 74 PC: 138e2 | Reallocate memory
2018-12-25T12:23:45.532828648Z 74 PC: 138f2 | Reallocate memory
2018-12-25T12:23:45.534865739Z 98 PC: 13939 | Get current PSP
2018-12-25T12:23:45.535726531Z 42 PC: 13973 | Get date 0x13973: cmp dl, dh
0x13975: je 0x1398b
0x13977: jmp 0x13a07
0x1397a: imul sp, word ptr [bp + si + 0x6d], 0x4040
0x1397f: push bx
0x13980: dec si
0x13981: push bx
0x13982: and byte ptr [bx + si], ah
0x13984: and byte ptr [bx + si], ah
0x13986: and byte ptr [bx + si], ah
0x13988: and byte ptr [bx + si], ah
0x1398a: and byte ptr [0x5e1f], cl
0x1398e: push si
0x1398f: mov byte ptr cs:[si + 0x221], 0xcd
0x13995: mov al, 2
0x13997: mov cx, 1
0x1399a: xor dx, dx
0x1399c: mov byte ptr cs:[si + 0x222], 0x25
0x139a2: mov bx, si
0x139a4: add bx, 0x3df

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9768,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:23:45.584173424Z 73 PC: 138c9 | Release memory
2018-12-25T12:23:45.586767043Z 72 PC: 138d0 | Allocate memory
2018-12-25T12:23:45.58843082Z 74 PC: 138e2 | Reallocate memory
2018-12-25T12:23:45.589846295Z 74 PC: 138f2 | Reallocate memory
2018-12-25T12:23:45.592230116Z 98 PC: 13939 | Get current PSP
2018-12-25T12:23:45.593092498Z 42 PC: 13973 | Get date 0x13973: cmp dl, dh
0x13975: je 0x1398b
0x13977: jmp 0x13a07
0x1397a: imul sp, word ptr [bp + si + 0x6d], 0x4040
0x1397f: push bx
0x13980: dec si
0x13981: push bx
0x13982: and byte ptr [bx + si], ah
0x13984: and byte ptr [bx + si], ah
0x13986: and byte ptr [bx + si], ah
0x13988: and byte ptr [bx + si], ah
0x1398a: and byte ptr [0x5e1f], cl
0x1398e: push si
0x1398f: mov byte ptr cs:[si + 0x221], 0xcd
0x13995: mov al, 2
0x13997: mov cx, 1
0x1399a: xor dx, dx
0x1399c: mov byte ptr cs:[si + 0x222], 0x25
0x139a2: mov bx, si
0x139a4: add bx, 0x3df