Sample viewer

vx.netlux.org/Virus.DOS.HtTM.935


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:52:00.769797198Z 48 PC: 12a44 | Get DOS version
2018-12-17T22:52:00.772351698Z 48 PC: 12ae4 | Get DOS version
2018-12-17T22:52:00.775602329Z 74 PC: 12af1 | Reallocate memory
2018-12-17T22:52:00.782787387Z 74 PC: 12af9 | Reallocate memory
2018-12-17T22:52:00.792425574Z 72 PC: 12b09 | Allocate memory
; Date/time gate, entered on return from INT 21h AH=2Ah (trace op 42 decimal, "Get date").
; Get date returns CX = year, DH = month, DL = day, AL = weekday (0 = Sunday).
; Get time (AH=2Ch) returns CH = hour, CL = minute, DH = second, DL = 1/100 s.
; Each field is compared on its own (unsigned jb / jne), so all eight tests must
; hold simultaneously; any miss branches to 0x12b87 and skips the call at 0x12b84.
; Analysis note: emulation that varies only the calendar date cannot reach 0x12b84;
; the weekday and the clock have to be controlled as well.
2018-12-17T22:52:00.794373364Z 42 PC: 12b58 | Get date 0x12b58: cmp dh, 5    ; DH = month: must be >= 5 (May)
0x12b5b: jb 0x12b87
0x12b5d: cmp dl, 9    ; DL = day of month: must be >= 9
0x12b60: jb 0x12b87
0x12b62: cmp cx, 0x7cb    ; CX = year: must be >= 0x7cb (1995)
0x12b66: jb 0x12b87
0x12b68: cmp al, 0    ; AL = weekday: must be 0 (Sunday)
0x12b6a: jne 0x12b87
0x12b6c: mov ah, 0x2c    ; date tests passed: request the time (AH=2Ch)
0x12b6e: int 0x21
0x12b70: cmp ch, 0xc    ; CH = hour: must equal 12
0x12b73: jne 0x12b87
0x12b75: cmp cl, 0x1e    ; CL = minute: must be >= 30
0x12b78: jb 0x12b87
0x12b7a: cmp dh, 0x1e    ; DH = second: must be >= 30
0x12b7d: jb 0x12b87
0x12b7f: cmp dl, 0x32    ; DL = hundredths of a second: must be >= 50
0x12b82: jb 0x12b87
0x12b84: call 0x12d5f    ; reached only when all eight tests pass; target body not shown here (presumably the payload - confirm)
0x12b87: xor ax, ax    ; shared landing point for every failed test: AX = 0

{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10739,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:58.772958981Z 48 PC: 12a44 | Get DOS version
2018-12-25T12:28:58.776726557Z 48 PC: 12ae4 | Get DOS version
2018-12-25T12:28:58.778122768Z 74 PC: 12af1 | Reallocate memory
2018-12-25T12:28:58.779590397Z 74 PC: 12af9 | Reallocate memory
2018-12-25T12:28:58.78166411Z 72 PC: 12b09 | Allocate memory
; Date/time gate, entered on return from INT 21h AH=2Ah (trace op 42 decimal, "Get date").
; Get date returns CX = year, DH = month, DL = day, AL = weekday (0 = Sunday).
; Get time (AH=2Ch) returns CH = hour, CL = minute, DH = second, DL = 1/100 s.
; The fields are tested independently, not as one combined timestamp: a date
; such as 1 June 1996 fails the day test even though it is later than 9 May 1995.
; Any failed test branches to 0x12b87 and skips the call at 0x12b84.
2018-12-25T12:28:58.783409964Z 42 PC: 12b58 | Get date 0x12b58: cmp dh, 5    ; DH = month: must be >= 5 (May)
0x12b5b: jb 0x12b87
0x12b5d: cmp dl, 9    ; DL = day of month: must be >= 9
0x12b60: jb 0x12b87
0x12b62: cmp cx, 0x7cb    ; CX = year: must be >= 0x7cb (1995)
0x12b66: jb 0x12b87
0x12b68: cmp al, 0    ; AL = weekday: must be 0 (Sunday)
0x12b6a: jne 0x12b87
0x12b6c: mov ah, 0x2c    ; date tests passed: request the time (AH=2Ch)
0x12b6e: int 0x21
0x12b70: cmp ch, 0xc    ; CH = hour: must equal 12
0x12b73: jne 0x12b87
0x12b75: cmp cl, 0x1e    ; CL = minute: must be >= 30
0x12b78: jb 0x12b87
0x12b7a: cmp dh, 0x1e    ; DH = second: must be >= 30
0x12b7d: jb 0x12b87
0x12b7f: cmp dl, 0x32    ; DL = hundredths of a second: must be >= 50
0x12b82: jb 0x12b87
0x12b84: call 0x12d5f    ; reached only when all eight tests pass; target body not shown here (presumably the payload - confirm)
0x12b87: xor ax, ax    ; shared landing point for every failed test: AX = 0

{"DateBased":true,"Day":9,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10739,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:59.077581041Z 48 PC: 12a44 | Get DOS version
2018-12-25T12:28:59.089323369Z 48 PC: 12ae4 | Get DOS version
2018-12-25T12:28:59.091121863Z 74 PC: 12af1 | Reallocate memory
2018-12-25T12:28:59.093346662Z 74 PC: 12af9 | Reallocate memory
2018-12-25T12:28:59.095338512Z 72 PC: 12b09 | Allocate memory
; Date/time gate, entered on return from INT 21h AH=2Ah (trace op 42 decimal, "Get date").
; Get date returns CX = year, DH = month, DL = day, AL = weekday (0 = Sunday).
; Get time (AH=2Ch) returns CH = hour, CL = minute, DH = second, DL = 1/100 s.
; All eight tests must pass for execution to reach the call at 0x12b84;
; every failure branches to the same exit at 0x12b87.
2018-12-25T12:28:59.098340017Z 42 PC: 12b58 | Get date 0x12b58: cmp dh, 5    ; DH = month: must be >= 5 (May)
0x12b5b: jb 0x12b87
0x12b5d: cmp dl, 9    ; DL = day of month: must be >= 9
0x12b60: jb 0x12b87
0x12b62: cmp cx, 0x7cb    ; CX = year: must be >= 0x7cb (1995)
0x12b66: jb 0x12b87
0x12b68: cmp al, 0    ; AL = weekday: must be 0 (Sunday) - a date-only test setting has to land on a Sunday to get past this
0x12b6a: jne 0x12b87
0x12b6c: mov ah, 0x2c    ; date tests passed: request the time (AH=2Ch)
0x12b6e: int 0x21
0x12b70: cmp ch, 0xc    ; CH = hour: must equal 12
0x12b73: jne 0x12b87
0x12b75: cmp cl, 0x1e    ; CL = minute: must be >= 30
0x12b78: jb 0x12b87
0x12b7a: cmp dh, 0x1e    ; DH = second: must be >= 30
0x12b7d: jb 0x12b87
0x12b7f: cmp dl, 0x32    ; DL = hundredths of a second: must be >= 50
0x12b82: jb 0x12b87
0x12b84: call 0x12d5f    ; reached only when all eight tests pass; target body not shown here (presumably the payload - confirm)
0x12b87: xor ax, ax    ; shared landing point for every failed test: AX = 0

{"DateBased":true,"Day":9,"Month":5,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10739,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:59.161894586Z 48 PC: 12a44 | Get DOS version
2018-12-25T12:28:59.164454024Z 48 PC: 12ae4 | Get DOS version
2018-12-25T12:28:59.165562254Z 74 PC: 12af1 | Reallocate memory
2018-12-25T12:28:59.166934586Z 74 PC: 12af9 | Reallocate memory
2018-12-25T12:28:59.168425904Z 72 PC: 12b09 | Allocate memory
; Date/time gate, entered on return from INT 21h AH=2Ah (trace op 42 decimal, "Get date").
; Get date returns CX = year, DH = month, DL = day, AL = weekday (0 = Sunday).
; Get time (AH=2Ch) returns CH = hour, CL = minute, DH = second, DL = 1/100 s.
; All eight tests must pass for execution to reach the call at 0x12b84;
; every failure branches to the same exit at 0x12b87.
2018-12-25T12:28:59.170075329Z 42 PC: 12b58 | Get date 0x12b58: cmp dh, 5    ; DH = month: must be >= 5 (May)
0x12b5b: jb 0x12b87
0x12b5d: cmp dl, 9    ; DL = day of month: must be >= 9
0x12b60: jb 0x12b87
0x12b62: cmp cx, 0x7cb    ; CX = year: must be >= 0x7cb (1995)
0x12b66: jb 0x12b87
0x12b68: cmp al, 0    ; AL = weekday: must be 0 (Sunday)
0x12b6a: jne 0x12b87
0x12b6c: mov ah, 0x2c    ; date tests passed: request the time (AH=2Ch)
0x12b6e: int 0x21
0x12b70: cmp ch, 0xc    ; CH = hour: must equal 12
0x12b73: jne 0x12b87
0x12b75: cmp cl, 0x1e    ; CL = minute: must be >= 30
0x12b78: jb 0x12b87
0x12b7a: cmp dh, 0x1e    ; DH = second: must be >= 30
0x12b7d: jb 0x12b87
0x12b7f: cmp dl, 0x32    ; DL = hundredths of a second: must be >= 50
0x12b82: jb 0x12b87
0x12b84: call 0x12d5f    ; reached only when all eight tests pass; target body not shown here (presumably the payload - confirm)
0x12b87: xor ax, ax    ; shared landing point for every failed test: AX = 0

{"DateBased":true,"Day":14,"Month":5,"Year":1995,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10739,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:59.407643711Z 48 PC: 12a44 | Get DOS version
2018-12-25T12:28:59.409376199Z 48 PC: 12ae4 | Get DOS version
2018-12-25T12:28:59.410452566Z 74 PC: 12af1 | Reallocate memory
2018-12-25T12:28:59.411862904Z 74 PC: 12af9 | Reallocate memory
2018-12-25T12:28:59.413445363Z 72 PC: 12b09 | Allocate memory
; Date/time gate, entered on return from INT 21h AH=2Ah (trace op 42 decimal, "Get date").
; Get date returns CX = year, DH = month, DL = day, AL = weekday (0 = Sunday).
; Get time (AH=2Ch) returns CH = hour, CL = minute, DH = second, DL = 1/100 s.
; All eight tests must pass for execution to reach the call at 0x12b84;
; every failure branches to the same exit at 0x12b87.
; This run also logs op 44 ("Get time"), which implies the four date tests passed here.
2018-12-25T12:28:59.415129416Z 42 PC: 12b58 | Get date 0x12b58: cmp dh, 5    ; DH = month: must be >= 5 (May)
0x12b5b: jb 0x12b87
0x12b5d: cmp dl, 9    ; DL = day of month: must be >= 9
0x12b60: jb 0x12b87
0x12b62: cmp cx, 0x7cb    ; CX = year: must be >= 0x7cb (1995)
0x12b66: jb 0x12b87
0x12b68: cmp al, 0    ; AL = weekday: must be 0 (Sunday)
0x12b6a: jne 0x12b87
0x12b6c: mov ah, 0x2c    ; date tests passed: request the time (AH=2Ch)
0x12b6e: int 0x21
0x12b70: cmp ch, 0xc    ; CH = hour: must equal 12
0x12b73: jne 0x12b87
0x12b75: cmp cl, 0x1e    ; CL = minute: must be >= 30
0x12b78: jb 0x12b87
0x12b7a: cmp dh, 0x1e    ; DH = second: must be >= 30
0x12b7d: jb 0x12b87
0x12b7f: cmp dl, 0x32    ; DL = hundredths of a second: must be >= 50
0x12b82: jb 0x12b87
0x12b84: call 0x12d5f    ; reached only when all eight tests pass; target body not shown here (presumably the payload - confirm)
0x12b87: xor ax, ax    ; shared landing point for every failed test: AX = 0
; Second trace row: return from Get time. The listing repeats from 0x12b70 and
; this time runs past the exit into the code that follows the ret.
; The trace does not show whether the call at 0x12b84 was taken in this run.
2018-12-25T12:28:59.417236878Z 44 PC: 12b70 | Get time 0x12b70: cmp ch, 0xc    ; CH = hour: must equal 12
0x12b73: jne 0x12b87
0x12b75: cmp cl, 0x1e    ; CL = minute: must be >= 30
0x12b78: jb 0x12b87
0x12b7a: cmp dh, 0x1e    ; DH = second: must be >= 30
0x12b7d: jb 0x12b87
0x12b7f: cmp dl, 0x32    ; DL = hundredths of a second: must be >= 50
0x12b82: jb 0x12b87
0x12b84: call 0x12d5f    ; reached only when every test passes; target body not shown here
0x12b87: xor ax, ax    ; shared exit: AX = 0
0x12b89: ret
; Code after the ret: builds SS:SP and a far-jump target from words stored at
; cs:[bp + ...]. NOTE(review): this matches the usual shape of an EXE infector
; handing control back to the host program - confirm against the full sample.
0x12b8a: mov ax, ds
0x12b8c: add ax, 0x10    ; AX = DS + 0x10 paragraphs; presumably PSP segment + 0x10 = load base, if DS still holds the PSP - confirm
0x12b8f: add word ptr cs:[bp + 0x17d], ax    ; rebase the segment word of the far pointer stored at bp + 0x17b
0x12b94: add ax, word ptr cs:[bp + 0x175]    ; AX = base + stored segment value, loaded into SS below
0x12b99: cli    ; interrupts off while SS and SP are switched
0x12b9a: mov ss, ax
0x12b9c: mov sp, word ptr cs:[bp + 0x177]    ; SP from the stored word at bp + 0x177
0x12ba1: sti
0x12ba2: ljmp ptr cs:[bp + 0x17b]    ; far jump through the rebased offset:segment pair

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":10739,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:28:59.697780946Z 48 PC: 12a44 | Get DOS version
2018-12-25T12:28:59.700266583Z 48 PC: 12ae4 | Get DOS version
2018-12-25T12:28:59.701204335Z 74 PC: 12af1 | Reallocate memory
2018-12-25T12:28:59.702617966Z 74 PC: 12af9 | Reallocate memory
2018-12-25T12:28:59.704235547Z 72 PC: 12b09 | Allocate memory
; Date/time gate, entered on return from INT 21h AH=2Ah (trace op 42 decimal, "Get date").
; Get date returns CX = year, DH = month, DL = day, AL = weekday (0 = Sunday).
; Get time (AH=2Ch) returns CH = hour, CL = minute, DH = second, DL = 1/100 s.
; All eight tests must pass for execution to reach the call at 0x12b84;
; every failure branches to the same exit at 0x12b87.
2018-12-25T12:28:59.705838499Z 42 PC: 12b58 | Get date 0x12b58: cmp dh, 5    ; DH = month: must be >= 5 (May)
0x12b5b: jb 0x12b87
0x12b5d: cmp dl, 9    ; DL = day of month: must be >= 9
0x12b60: jb 0x12b87
0x12b62: cmp cx, 0x7cb    ; CX = year: must be >= 0x7cb (1995)
0x12b66: jb 0x12b87
0x12b68: cmp al, 0    ; AL = weekday: must be 0 (Sunday)
0x12b6a: jne 0x12b87
0x12b6c: mov ah, 0x2c    ; date tests passed: request the time (AH=2Ch)
0x12b6e: int 0x21
0x12b70: cmp ch, 0xc    ; CH = hour: must equal 12
0x12b73: jne 0x12b87
0x12b75: cmp cl, 0x1e    ; CL = minute: must be >= 30
0x12b78: jb 0x12b87
0x12b7a: cmp dh, 0x1e    ; DH = second: must be >= 30
0x12b7d: jb 0x12b87
0x12b7f: cmp dl, 0x32    ; DL = hundredths of a second: must be >= 50
0x12b82: jb 0x12b87
0x12b84: call 0x12d5f    ; reached only when all eight tests pass; target body not shown here (presumably the payload - confirm)
0x12b87: xor ax, ax    ; shared landing point for every failed test: AX = 0