Sample viewer

vx.netlux.org/Virus.DOS.Lct.591

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:03:17.597433897Z	42	PC: 12a61 \| Get date 0x12a61: cmp dh, 0xc 0x12a64: jne 0x12a6e 0x12a66: cmp dl, 0x19 0x12a69: jne 0x12a6e 0x12a6b: jmp 0x12c3c 0x12a6e: cmp dh, 4 0x12a71: jne 0x12a78 0x12a73: cmp dl, 1 0x12a76: jne 0x12a78 0x12a78: call 0x12c1c 0x12a7b: call 0x12c0a 0x12a7e: mov si, bp 0x12a80: add si, 0x222 0x12a84: lodsw ax, word ptr [si] 0x12a85: cmp ax, 5 0x12a88: ja 0x12a8c 0x12a8a: jmp 0x12ae2 0x12a8c: call 0x12bf2 0x12a8f: mov bx, ax 0x12a91: mov al, 0
2018-12-17T23:03:17.600050337Z	26	PC: 12c26 \| Set disk transfer address
2018-12-17T23:03:17.602189453Z	78	PC: 12c17 \| Find first file

{"DateBased":true,"Day":25,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14485,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:45.415207129Z	42	PC: 12a61 \| Get date 0x12a61: cmp dh, 0xc 0x12a64: jne 0x12a6e 0x12a66: cmp dl, 0x19 0x12a69: jne 0x12a6e 0x12a6b: jmp 0x12c3c 0x12a6e: cmp dh, 4 0x12a71: jne 0x12a78 0x12a73: cmp dl, 1 0x12a76: jne 0x12a78 0x12a78: call 0x12c1c 0x12a7b: call 0x12c0a 0x12a7e: mov si, bp 0x12a80: add si, 0x222 0x12a84: lodsw ax, word ptr [si] 0x12a85: cmp ax, 5 0x12a88: ja 0x12a8c 0x12a8a: jmp 0x12ae2 0x12a8c: call 0x12bf2 0x12a8f: mov bx, ax 0x12a91: mov al, 0

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14485,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:45.550836721Z	42	PC: 12a61 \| Get date 0x12a61: cmp dh, 0xc 0x12a64: jne 0x12a6e 0x12a66: cmp dl, 0x19 0x12a69: jne 0x12a6e 0x12a6b: jmp 0x12c3c 0x12a6e: cmp dh, 4 0x12a71: jne 0x12a78 0x12a73: cmp dl, 1 0x12a76: jne 0x12a78 0x12a78: call 0x12c1c 0x12a7b: call 0x12c0a 0x12a7e: mov si, bp 0x12a80: add si, 0x222 0x12a84: lodsw ax, word ptr [si] 0x12a85: cmp ax, 5 0x12a88: ja 0x12a8c 0x12a8a: jmp 0x12ae2 0x12a8c: call 0x12bf2 0x12a8f: mov bx, ax 0x12a91: mov al, 0
2018-12-25T12:40:45.553433523Z	26	PC: 12c26 \| Set disk transfer address
2018-12-25T12:40:45.55456244Z	78	PC: 12c17 \| Find first file

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14485,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:46.116844926Z	42	PC: 12a61 \| Get date 0x12a61: cmp dh, 0xc 0x12a64: jne 0x12a6e 0x12a66: cmp dl, 0x19 0x12a69: jne 0x12a6e 0x12a6b: jmp 0x12c3c 0x12a6e: cmp dh, 4 0x12a71: jne 0x12a78 0x12a73: cmp dl, 1 0x12a76: jne 0x12a78 0x12a78: call 0x12c1c 0x12a7b: call 0x12c0a 0x12a7e: mov si, bp 0x12a80: add si, 0x222 0x12a84: lodsw ax, word ptr [si] 0x12a85: cmp ax, 5 0x12a88: ja 0x12a8c 0x12a8a: jmp 0x12ae2 0x12a8c: call 0x12bf2 0x12a8f: mov bx, ax 0x12a91: mov al, 0
2018-12-25T12:40:46.118547676Z	26	PC: 12c26 \| Set disk transfer address
2018-12-25T12:40:46.119918999Z	78	PC: 12c17 \| Find first file

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14485,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:46.46261363Z	42	PC: 12a61 \| Get date 0x12a61: cmp dh, 0xc 0x12a64: jne 0x12a6e 0x12a66: cmp dl, 0x19 0x12a69: jne 0x12a6e 0x12a6b: jmp 0x12c3c 0x12a6e: cmp dh, 4 0x12a71: jne 0x12a78 0x12a73: cmp dl, 1 0x12a76: jne 0x12a78 0x12a78: call 0x12c1c 0x12a7b: call 0x12c0a 0x12a7e: mov si, bp 0x12a80: add si, 0x222 0x12a84: lodsw ax, word ptr [si] 0x12a85: cmp ax, 5 0x12a88: ja 0x12a8c 0x12a8a: jmp 0x12ae2 0x12a8c: call 0x12bf2 0x12a8f: mov bx, ax 0x12a91: mov al, 0
2018-12-25T12:40:46.465126493Z	26	PC: 12c26 \| Set disk transfer address
2018-12-25T12:40:46.467166555Z	78	PC: 12c17 \| Find first file