Sample viewer

vx.netlux.org/Virus.DOS.Shaker.409

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:06:33.171478737Z 219 PC: 12ab2 | UNKNOWN!
2018-12-17T23:06:33.173939917Z 74 PC: 12acb | Reallocate memory
2018-12-17T23:06:33.17631623Z 72 PC: 12ad4 | Allocate memory
2018-12-17T23:06:33.178754746Z 42 PC: 12bdd | Get date
0x12bdd: cmp al, 5
0x12bdf: jne 0x12bff
0x12be1: push word ptr [0x70]
0x12be5: pop word ptr es:[0x174]
0x12bea: push word ptr [0x72]
0x12bee: pop word ptr es:[0x176]
0x12bf3: cli
0x12bf4: mov word ptr [0x72], es
0x12bf8: mov word ptr [0x70], 0x15c
0x12bfe: sti
0x12bff: ret
0x12c00: push ax
0x12c01: push cx
0x12c02: push dx
0x12c03: mov ah, 2
0x12c05: int 0x1a
0x12c07: cmp ch, 0x11
0x12c0a: jne 0x12c14
0x12c0c: cmp cl, 0x20
0x12c0f: ja 0x12c14
2018-12-17T23:06:33.18185116Z 9 PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15571,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:52.184875434Z 219 PC: 12ab2 | UNKNOWN!
2018-12-25T12:43:52.187265716Z 74 PC: 12acb | Reallocate memory
2018-12-25T12:43:52.188929996Z 72 PC: 12ad4 | Allocate memory
2018-12-25T12:43:52.190929453Z 42 PC: 12bdd | Get date
0x12bdd: cmp al, 5
0x12bdf: jne 0x12bff
0x12be1: push word ptr [0x70]
0x12be5: pop word ptr es:[0x174]
0x12bea: push word ptr [0x72]
0x12bee: pop word ptr es:[0x176]
0x12bf3: cli
0x12bf4: mov word ptr [0x72], es
0x12bf8: mov word ptr [0x70], 0x15c
0x12bfe: sti
0x12bff: ret
0x12c00: push ax
0x12c01: push cx
0x12c02: push dx
0x12c03: mov ah, 2
0x12c05: int 0x1a
0x12c07: cmp ch, 0x11
0x12c0a: jne 0x12c14
0x12c0c: cmp cl, 0x20
0x12c0f: ja 0x12c14
2018-12-25T12:43:52.193966559Z 9 PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ')

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15571,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:43:52.199801399Z 219 PC: 12ab2 | UNKNOWN!
2018-12-25T12:43:52.200775199Z 74 PC: 12acb | Reallocate memory
2018-12-25T12:43:52.203400805Z 72 PC: 12ad4 | Allocate memory
2018-12-25T12:43:52.205498443Z 42 PC: 12bdd | Get date
0x12bdd: cmp al, 5
0x12bdf: jne 0x12bff
0x12be1: push word ptr [0x70]
0x12be5: pop word ptr es:[0x174]
0x12bea: push word ptr [0x72]
0x12bee: pop word ptr es:[0x176]
0x12bf3: cli
0x12bf4: mov word ptr [0x72], es
0x12bf8: mov word ptr [0x70], 0x15c
0x12bfe: sti
0x12bff: ret
0x12c00: push ax
0x12c01: push cx
0x12c02: push dx
0x12c03: mov ah, 2
0x12c05: int 0x1a
0x12c07: cmp ch, 0x11
0x12c0a: jne 0x12c14
0x12c0c: cmp cl, 0x20
0x12c0f: ja 0x12c14
2018-12-25T12:43:52.208399603Z 9 PC: 12aa2 | Display string (String= 'Hello - This is a 100 COM test file, 1993 ')