Sample viewer

vx.netlux.org/Virus.DOS.Ninja.1376

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:10:03.817928031Z	144	PC: 12a5c \| UNKNOWN!
2018-12-17T23:10:03.821184035Z	42	PC: 12ec3 \| Get date 0x12ec3: cmp cx, 0x7c8 0x12ec7: jne 0x12eda 0x12ec9: cmp dl, 0xd 0x12ecc: jne 0x12eda 0x12ece: mov ah, 0x2c 0x12ed0: int 0x21 0x12ed2: cmp ch, 0xd 0x12ed5: jne 0x12eda 0x12ed7: call 0x22df1 0x12eda: pop dx 0x12edb: pop cx 0x12edc: pop ax 0x12edd: ret 0x12ede: int 0x20 0x12ee0: add byte ptr [bx + si], al 0x12ee2: add byte ptr [bx + si], al 0x12ee4: add byte ptr [bx + si], al 0x12ee6: add byte ptr [bx + si], al 0x12ee8: add byte ptr [bx + si], al 0x12eea: add byte ptr [bx + si], al

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16738,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:53:39.039839285Z	144	PC: 12a5c \| UNKNOWN!
2018-12-25T12:53:39.042667146Z	42	PC: 12ec3 \| Get date 0x12ec3: cmp cx, 0x7c8 0x12ec7: jne 0x12eda 0x12ec9: cmp dl, 0xd 0x12ecc: jne 0x12eda 0x12ece: mov ah, 0x2c 0x12ed0: int 0x21 0x12ed2: cmp ch, 0xd 0x12ed5: jne 0x12eda 0x12ed7: call 0x22df1 0x12eda: pop dx 0x12edb: pop cx 0x12edc: pop ax 0x12edd: ret 0x12ede: int 0x20 0x12ee0: add byte ptr [bx + si], al 0x12ee2: add byte ptr [bx + si], al 0x12ee4: add byte ptr [bx + si], al 0x12ee6: add byte ptr [bx + si], al 0x12ee8: add byte ptr [bx + si], al 0x12eea: add byte ptr [bx + si], al

{"DateBased":true,"Day":1,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16738,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:53:40.462908072Z	144	PC: 12a5c \| UNKNOWN!
2018-12-25T12:53:40.466573459Z	42	PC: 12ec3 \| Get date 0x12ec3: cmp cx, 0x7c8 0x12ec7: jne 0x12eda 0x12ec9: cmp dl, 0xd 0x12ecc: jne 0x12eda 0x12ece: mov ah, 0x2c 0x12ed0: int 0x21 0x12ed2: cmp ch, 0xd 0x12ed5: jne 0x12eda 0x12ed7: call 0x22df1 0x12eda: pop dx 0x12edb: pop cx 0x12edc: pop ax 0x12edd: ret 0x12ede: int 0x20 0x12ee0: add byte ptr [bx + si], al 0x12ee2: add byte ptr [bx + si], al 0x12ee4: add byte ptr [bx + si], al 0x12ee6: add byte ptr [bx + si], al 0x12ee8: add byte ptr [bx + si], al 0x12eea: add byte ptr [bx + si], al

{"DateBased":true,"Day":13,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":16738,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:53:40.907292071Z	144	PC: 12a5c \| UNKNOWN!
2018-12-25T12:53:40.910695963Z	42	PC: 12ec3 \| Get date 0x12ec3: cmp cx, 0x7c8 0x12ec7: jne 0x12eda 0x12ec9: cmp dl, 0xd 0x12ecc: jne 0x12eda 0x12ece: mov ah, 0x2c 0x12ed0: int 0x21 0x12ed2: cmp ch, 0xd 0x12ed5: jne 0x12eda 0x12ed7: call 0x22df1 0x12eda: pop dx 0x12edb: pop cx 0x12edc: pop ax 0x12edd: ret 0x12ede: int 0x20 0x12ee0: add byte ptr [bx + si], al 0x12ee2: add byte ptr [bx + si], al 0x12ee4: add byte ptr [bx + si], al 0x12ee6: add byte ptr [bx + si], al 0x12ee8: add byte ptr [bx + si], al 0x12eea: add byte ptr [bx + si], al
2018-12-25T12:53:40.912848359Z	44	PC: 12ed2 \| Get time 0x12ed2: cmp ch, 0xd 0x12ed5: jne 0x12eda 0x12ed7: call 0x22df1 0x12eda: pop dx 0x12edb: pop cx 0x12edc: pop ax 0x12edd: ret 0x12ede: int 0x20 0x12ee0: add byte ptr [bx + si], al 0x12ee2: add byte ptr [bx + si], al 0x12ee4: add byte ptr [bx + si], al 0x12ee6: add byte ptr [bx + si], al 0x12ee8: add byte ptr [bx + si], al 0x12eea: add byte ptr [bx + si], al 0x12eec: add byte ptr [bx + si], al 0x12eee: add byte ptr [bx + si], al 0x12ef0: add byte ptr [bx + si], al 0x12ef2: add byte ptr [bx + si], al 0x12ef4: add byte ptr [bx + si], al 0x12ef6: inc bx