Sample viewer

vx.netlux.org/Virus.DOS.Atencion.927

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:49:35.154486709Z	202	PC: 13c45 \| UNKNOWN!
2018-12-17T22:49:35.157643568Z	42	PC: 13c51 \| Get date 0x13c51: cmp dl, 3 0x13c54: jne 0x13cb4 0x13c56: cmp dh, 5 0x13c59: jne 0x13cb4 0x13c5b: mov ah, 0xf 0x13c5d: int 0x10 0x13c5f: mov ah, 0 0x13c61: int 0x10 0x13c63: push cs 0x13c64: pop ds 0x13c65: mov si, 0x2dd 0x13c68: mov bx, word ptr [si] 0x13c6a: cmp bx, 0 0x13c6d: je 0x13c65 0x13c6f: mov ax, 0x34dd 0x13c72: mov dx, 0x12 0x13c75: cmp dx, bx 0x13c77: jae 0x13caf 0x13c79: div bx 0x13c7b: mov bx, ax
2018-12-17T22:49:35.160084907Z	53	PC: 13cb9 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:49:35.161584255Z	74	PC: 13cd6 \| Reallocate memory
2018-12-17T22:49:35.163922734Z	72	PC: 13cdd \| Allocate memory
2018-12-17T22:49:35.165606641Z	37	PC: 13d01 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:49:35.167018837Z	9	PC: 12a5c \| Display string (Could not find end pointer)
2018-12-17T22:49:35.172712114Z	76	PC: 12a61 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9939,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:26:44.793314633Z	202	PC: 13c45 \| UNKNOWN!
2018-12-25T12:26:44.795385538Z	42	PC: 13c51 \| Get date 0x13c51: cmp dl, 3 0x13c54: jne 0x13cb4 0x13c56: cmp dh, 5 0x13c59: jne 0x13cb4 0x13c5b: mov ah, 0xf 0x13c5d: int 0x10 0x13c5f: mov ah, 0 0x13c61: int 0x10 0x13c63: push cs 0x13c64: pop ds 0x13c65: mov si, 0x2dd 0x13c68: mov bx, word ptr [si] 0x13c6a: cmp bx, 0 0x13c6d: je 0x13c65 0x13c6f: mov ax, 0x34dd 0x13c72: mov dx, 0x12 0x13c75: cmp dx, bx 0x13c77: jae 0x13caf 0x13c79: div bx 0x13c7b: mov bx, ax
2018-12-25T12:26:44.79733063Z	53	PC: 13cb9 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:26:44.798748134Z	74	PC: 13cd6 \| Reallocate memory
2018-12-25T12:26:44.800504745Z	72	PC: 13cdd \| Allocate memory
2018-12-25T12:26:44.801947169Z	37	PC: 13d01 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:26:44.802955901Z	9	PC: 12a5c \| Display string (Could not find end pointer)
2018-12-25T12:26:44.807518506Z	76	PC: 12a61 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":3,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9939,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:26:44.851722078Z	202	PC: 13c45 \| UNKNOWN!
2018-12-25T12:26:44.855721973Z	42	PC: 13c51 \| Get date 0x13c51: cmp dl, 3 0x13c54: jne 0x13cb4 0x13c56: cmp dh, 5 0x13c59: jne 0x13cb4 0x13c5b: mov ah, 0xf 0x13c5d: int 0x10 0x13c5f: mov ah, 0 0x13c61: int 0x10 0x13c63: push cs 0x13c64: pop ds 0x13c65: mov si, 0x2dd 0x13c68: mov bx, word ptr [si] 0x13c6a: cmp bx, 0 0x13c6d: je 0x13c65 0x13c6f: mov ax, 0x34dd 0x13c72: mov dx, 0x12 0x13c75: cmp dx, bx 0x13c77: jae 0x13caf 0x13c79: div bx 0x13c7b: mov bx, ax
2018-12-25T12:26:44.857600649Z	53	PC: 13cb9 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:26:44.858903744Z	74	PC: 13cd6 \| Reallocate memory
2018-12-25T12:26:44.860502988Z	72	PC: 13cdd \| Allocate memory
2018-12-25T12:26:44.86292731Z	37	PC: 13d01 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:26:44.864545744Z	9	PC: 12a5c \| Display string (Could not find end pointer)
2018-12-25T12:26:44.868508901Z	76	PC: 12a61 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":3,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9939,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:26:44.986509699Z	202	PC: 13c45 \| UNKNOWN!
2018-12-25T12:26:44.988746282Z	42	PC: 13c51 \| Get date 0x13c51: cmp dl, 3 0x13c54: jne 0x13cb4 0x13c56: cmp dh, 5 0x13c59: jne 0x13cb4 0x13c5b: mov ah, 0xf 0x13c5d: int 0x10 0x13c5f: mov ah, 0 0x13c61: int 0x10 0x13c63: push cs 0x13c64: pop ds 0x13c65: mov si, 0x2dd 0x13c68: mov bx, word ptr [si] 0x13c6a: cmp bx, 0 0x13c6d: je 0x13c65 0x13c6f: mov ax, 0x34dd 0x13c72: mov dx, 0x12 0x13c75: cmp dx, bx 0x13c77: jae 0x13caf 0x13c79: div bx 0x13c7b: mov bx, ax
2018-12-25T12:26:45.129017737Z	2	PC: 13caf \| Character output (Char = 'ad')
2018-12-25T12:26:45.294338307Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:45.459796369Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:45.626372903Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:45.79280366Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:45.957250247Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:46.123092524Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:46.28873697Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:46.454700546Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:46.621614025Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:46.786812067Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:46.952523733Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:47.120537674Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:47.286179645Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:47.451795124Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:47.618411615Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:47.784340721Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:47.949943794Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:48.115533779Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:48.281900745Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:48.447310705Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:48.61273665Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:48.779564078Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:48.945139594Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:49.110905209Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:49.277292126Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:49.442915893Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:49.608548684Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:49.775237395Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:49.94039588Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:50.105855946Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:50.273001034Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:50.438422712Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:50.604331208Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:50.770473708Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:50.936510493Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:51.102157288Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:51.267792226Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:51.434782733Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:51.59966293Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:51.765033069Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:51.934263051Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:52.099830053Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:52.265598873Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:52.431962726Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:52.597721343Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:52.763352995Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:52.928951833Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:53.095031081Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:53.260652791Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:53.426485774Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:53.592331762Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:53.75792041Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:53.923844043Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:54.08957162Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:54.255293968Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:54.420999699Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:54.587712815Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:54.752829769Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:54.918212227Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:55.084747935Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:55.250541163Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:55.416288057Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:55.583001399Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:55.74893486Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:55.914332371Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:56.079973904Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:56.245831758Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:56.411068932Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:56.577571898Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:56.742890035Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:56.908200529Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:57.07406119Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:57.240183417Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:57.405564185Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:57.571111921Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:57.737512681Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:57.902785799Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:58.068312486Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:58.234798497Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:58.400259562Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:58.565834569Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:58.731778927Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:58.89740084Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:59.063164682Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:59.229658226Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:59.395373149Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:59.561029663Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:59.726758214Z	2	PC: 13caf \| Character output (See above)
2018-12-25T12:26:59.893158099Z	2	PC: 13caf \| Character output (See above)