Sample viewer

vx.netlux.org/Virus.DOS.Ninja.1326

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:04:55.867295719Z	144	PC: 12a5b \| UNKNOWN!
2018-12-17T23:04:55.870579735Z	42	PC: 12ebe \| Get date 0x12ebe: cmp cx, 0x7c8 0x12ec2: jne 0x12ed5 0x12ec4: cmp dl, 0xd 0x12ec7: jne 0x12ed5 0x12ec9: mov ah, 0x2c 0x12ecb: int 0x21 0x12ecd: cmp ch, 0xd 0x12ed0: jne 0x12ed5 0x12ed2: call 0x22ded 0x12ed5: pop dx 0x12ed6: pop cx 0x12ed7: pop ax 0x12ed8: ret 0x12ed9: int 0x20 0x12edb: add byte ptr [bx + si], al 0x12edd: add byte ptr [bx + si], al 0x12edf: add byte ptr [bx + si], al 0x12ee1: add byte ptr [bx + si], al 0x12ee3: add byte ptr [bx + si], al 0x12ee5: add byte ptr [bx + si], al

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15032,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:27.095016003Z	144	PC: 12a5b \| UNKNOWN!
2018-12-25T12:42:27.09889207Z	42	PC: 12ebe \| Get date 0x12ebe: cmp cx, 0x7c8 0x12ec2: jne 0x12ed5 0x12ec4: cmp dl, 0xd 0x12ec7: jne 0x12ed5 0x12ec9: mov ah, 0x2c 0x12ecb: int 0x21 0x12ecd: cmp ch, 0xd 0x12ed0: jne 0x12ed5 0x12ed2: call 0x22ded 0x12ed5: pop dx 0x12ed6: pop cx 0x12ed7: pop ax 0x12ed8: ret 0x12ed9: int 0x20 0x12edb: add byte ptr [bx + si], al 0x12edd: add byte ptr [bx + si], al 0x12edf: add byte ptr [bx + si], al 0x12ee1: add byte ptr [bx + si], al 0x12ee3: add byte ptr [bx + si], al 0x12ee5: add byte ptr [bx + si], al

{"DateBased":true,"Day":1,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15032,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:27.094820271Z	144	PC: 12a5b \| UNKNOWN!
2018-12-25T12:42:27.097383665Z	42	PC: 12ebe \| Get date 0x12ebe: cmp cx, 0x7c8 0x12ec2: jne 0x12ed5 0x12ec4: cmp dl, 0xd 0x12ec7: jne 0x12ed5 0x12ec9: mov ah, 0x2c 0x12ecb: int 0x21 0x12ecd: cmp ch, 0xd 0x12ed0: jne 0x12ed5 0x12ed2: call 0x22ded 0x12ed5: pop dx 0x12ed6: pop cx 0x12ed7: pop ax 0x12ed8: ret 0x12ed9: int 0x20 0x12edb: add byte ptr [bx + si], al 0x12edd: add byte ptr [bx + si], al 0x12edf: add byte ptr [bx + si], al 0x12ee1: add byte ptr [bx + si], al 0x12ee3: add byte ptr [bx + si], al 0x12ee5: add byte ptr [bx + si], al

{"DateBased":true,"Day":13,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15032,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:42:27.229507247Z	144	PC: 12a5b \| UNKNOWN!
2018-12-25T12:42:27.232680579Z	42	PC: 12ebe \| Get date 0x12ebe: cmp cx, 0x7c8 0x12ec2: jne 0x12ed5 0x12ec4: cmp dl, 0xd 0x12ec7: jne 0x12ed5 0x12ec9: mov ah, 0x2c 0x12ecb: int 0x21 0x12ecd: cmp ch, 0xd 0x12ed0: jne 0x12ed5 0x12ed2: call 0x22ded 0x12ed5: pop dx 0x12ed6: pop cx 0x12ed7: pop ax 0x12ed8: ret 0x12ed9: int 0x20 0x12edb: add byte ptr [bx + si], al 0x12edd: add byte ptr [bx + si], al 0x12edf: add byte ptr [bx + si], al 0x12ee1: add byte ptr [bx + si], al 0x12ee3: add byte ptr [bx + si], al 0x12ee5: add byte ptr [bx + si], al
2018-12-25T12:42:27.235134264Z	44	PC: 12ecd \| Get time 0x12ecd: cmp ch, 0xd 0x12ed0: jne 0x12ed5 0x12ed2: call 0x22ded 0x12ed5: pop dx 0x12ed6: pop cx 0x12ed7: pop ax 0x12ed8: ret 0x12ed9: int 0x20 0x12edb: add byte ptr [bx + si], al 0x12edd: add byte ptr [bx + si], al 0x12edf: add byte ptr [bx + si], al 0x12ee1: add byte ptr [bx + si], al 0x12ee3: add byte ptr [bx + si], al 0x12ee5: add byte ptr [bx + si], al 0x12ee7: add byte ptr [bx + si], al 0x12ee9: add byte ptr [bx + si], al 0x12eeb: add byte ptr [bx + si], al 0x12eed: add byte ptr [bx + si], al 0x12eef: add byte ptr [bx + si], al 0x12ef1: inc bx