Sample viewer

vx.netlux.org/Virus.DOS.Nuker.Trance.1688

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:52:53.484395899Z	48	PC: 12a5b \| Get DOS version
2018-12-17T22:52:53.486948543Z	42	PC: 12ade \| Get date 0x12ade: cmp al, 1 0x12ae0: jne 0x12af6 0x12ae2: cmp dl, 1 0x12ae5: jne 0x12af6 0x12ae7: mov bx, 0x6e9 0x12aea: sub ax, ax 0x12aec: mov ds, ax 0x12aee: mov di, 0x70 0x12af1: mov word ptr [di + 2], es 0x12af4: mov word ptr [di], bx 0x12af6: sub byte ptr [0x413], 4 0x12afb: push cs 0x12afc: pop ds 0x12afd: push ds 0x12afe: pop es 0x12aff: cld 0x12b00: lea si, word ptr [bp + 0x1e4] 0x12b04: mov di, 0x100 0x12b07: movsw word ptr es:[di], word ptr [si] 0x12b08: movsb byte ptr es:[di], byte ptr [si]

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11036,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:29:46.577921381Z	48	PC: 12a5b \| Get DOS version
2018-12-25T12:29:46.579712201Z	42	PC: 12ade \| Get date 0x12ade: cmp al, 1 0x12ae0: jne 0x12af6 0x12ae2: cmp dl, 1 0x12ae5: jne 0x12af6 0x12ae7: mov bx, 0x6e9 0x12aea: sub ax, ax 0x12aec: mov ds, ax 0x12aee: mov di, 0x70 0x12af1: mov word ptr [di + 2], es 0x12af4: mov word ptr [di], bx 0x12af6: sub byte ptr [0x413], 4 0x12afb: push cs 0x12afc: pop ds 0x12afd: push ds 0x12afe: pop es 0x12aff: cld 0x12b00: lea si, word ptr [bp + 0x1e4] 0x12b04: mov di, 0x100 0x12b07: movsw word ptr es:[di], word ptr [si] 0x12b08: movsb byte ptr es:[di], byte ptr [si]

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11036,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:29:46.787022127Z	48	PC: 12a5b \| Get DOS version
2018-12-25T12:29:46.789604417Z	42	PC: 12ade \| Get date 0x12ade: cmp al, 1 0x12ae0: jne 0x12af6 0x12ae2: cmp dl, 1 0x12ae5: jne 0x12af6 0x12ae7: mov bx, 0x6e9 0x12aea: sub ax, ax 0x12aec: mov ds, ax 0x12aee: mov di, 0x70 0x12af1: mov word ptr [di + 2], es 0x12af4: mov word ptr [di], bx 0x12af6: sub byte ptr [0x413], 4 0x12afb: push cs 0x12afc: pop ds 0x12afd: push ds 0x12afe: pop es 0x12aff: cld 0x12b00: lea si, word ptr [bp + 0x1e4] 0x12b04: mov di, 0x100 0x12b07: movsw word ptr es:[di], word ptr [si] 0x12b08: movsb byte ptr es:[di], byte ptr [si]

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11036,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:29:47.195848422Z	48	PC: 12a5b \| Get DOS version
2018-12-25T12:29:47.198262672Z	42	PC: 12ade \| Get date 0x12ade: cmp al, 1 0x12ae0: jne 0x12af6 0x12ae2: cmp dl, 1 0x12ae5: jne 0x12af6 0x12ae7: mov bx, 0x6e9 0x12aea: sub ax, ax 0x12aec: mov ds, ax 0x12aee: mov di, 0x70 0x12af1: mov word ptr [di + 2], es 0x12af4: mov word ptr [di], bx 0x12af6: sub byte ptr [0x413], 4 0x12afb: push cs 0x12afc: pop ds 0x12afd: push ds 0x12afe: pop es 0x12aff: cld 0x12b00: lea si, word ptr [bp + 0x1e4] 0x12b04: mov di, 0x100 0x12b07: movsw word ptr es:[di], word ptr [si] 0x12b08: movsb byte ptr es:[di], byte ptr [si]