Sample viewer

vx.netlux.org/Virus.DOS.Burglar.1364

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:03:35.077541676Z 44 PC: 12e23 | Get time
0x12e23: cmp cl, 0x10
0x12e26: jne 0x12e2f
0x12e28: mov byte ptr cs:[si + 0x60a], 1
0x12e2e: nop
0x12e2f: push si
0x12e30: mov ah, 0x30
0x12e32: add ah, 0x49
0x12e35: mov al, 0xf0
0x12e37: xchg al, ah
0x12e39: int 0x21
0x12e3b: or ax, ax
0x12e3d: je 0x12e90
0x12e3f: mov di, 0x7777
0x12e42: nop
0x12e43: dec di
0x12e44: nop
0x12e45: nop
0x12e46: jne 0x12e42
0x12e48: push ds
0x12e49: mov bx, es
2018-12-17T23:03:35.08029551Z 240 PC: 12e3b | UNKNOWN!

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":14596,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:02.528622213Z 44 PC: 12e23 | Get time
0x12e23: cmp cl, 0x10
0x12e26: jne 0x12e2f
0x12e28: mov byte ptr cs:[si + 0x60a], 1
0x12e2e: nop
0x12e2f: push si
0x12e30: mov ah, 0x30
0x12e32: add ah, 0x49
0x12e35: mov al, 0xf0
0x12e37: xchg al, ah
0x12e39: int 0x21
0x12e3b: or ax, ax
0x12e3d: je 0x12e90
0x12e3f: mov di, 0x7777
0x12e42: nop
0x12e43: dec di
0x12e44: nop
0x12e45: nop
0x12e46: jne 0x12e42
0x12e48: push ds
0x12e49: mov bx, es
2018-12-25T12:41:02.531382621Z 240 PC: 12e3b | UNKNOWN!

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":16,"Second":0,"TimeBased":true,"OriginalID":14596,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:41:03.042644089Z 44 PC: 12e23 | Get time
0x12e23: cmp cl, 0x10
0x12e26: jne 0x12e2f
0x12e28: mov byte ptr cs:[si + 0x60a], 1
0x12e2e: nop
0x12e2f: push si
0x12e30: mov ah, 0x30
0x12e32: add ah, 0x49
0x12e35: mov al, 0xf0
0x12e37: xchg al, ah
0x12e39: int 0x21
0x12e3b: or ax, ax
0x12e3d: je 0x12e90
0x12e3f: mov di, 0x7777
0x12e42: nop
0x12e43: dec di
0x12e44: nop
0x12e45: nop
0x12e46: jne 0x12e42
0x12e48: push ds
0x12e49: mov bx, es
2018-12-25T12:41:03.045317265Z 240 PC: 12e3b | UNKNOWN!