Sample viewer

vx.netlux.org/Virus.DOS.Today.477

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:16:19.652440749Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-17T23:16:19.655501543Z	255	PC: 12b29 \| UNKNOWN!

{"DateBased":true,"Day":13,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:30.875418524Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:30.878254311Z	9	PC: 12b21 \| Display string (String= 'TODAY IS SOMETHING REALLY SPECIAL. LET YOUR PC REST IN PEACE')

{"DateBased":true,"Day":31,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:31.209418592Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:31.212828653Z	9	PC: 12b21 \| Display string (String= 'TODAY IS SOMETHING REALLY SPECIAL. LET YOUR PC REST IN PEACE')

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:32.539811155Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:32.542787789Z	255	PC: 12b29 \| UNKNOWN!

{"DateBased":true,"Day":13,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:32.914911559Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:32.917408985Z	9	PC: 12b21 \| Display string (String= 'TODAY IS SOMETHING REALLY SPECIAL. LET YOUR PC REST IN PEACE')

{"DateBased":true,"Day":31,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:33.051284382Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:33.053942123Z	9	PC: 12b21 \| Display string (String= 'TODAY IS SOMETHING REALLY SPECIAL. LET YOUR PC REST IN PEACE')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:33.16353493Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:33.166585635Z	255	PC: 12b29 \| UNKNOWN!

{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:33.216668314Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:33.219780573Z	255	PC: 12b29 \| UNKNOWN!

{"DateBased":true,"Day":1,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:33.633890616Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:33.637459203Z	255	PC: 12b29 \| UNKNOWN!

{"DateBased":true,"Day":13,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:33.735459965Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:33.738251011Z	9	PC: 12b21 \| Display string (String= 'TODAY IS SOMETHING REALLY SPECIAL. LET YOUR PC REST IN PEACE')

{"DateBased":true,"Day":31,"Month":12,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:35.067430906Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:35.070747028Z	9	PC: 12b21 \| Display string (String= 'TODAY IS SOMETHING REALLY SPECIAL. LET YOUR PC REST IN PEACE')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:36.292642117Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:36.29472688Z	255	PC: 12b29 \| UNKNOWN!

{"DateBased":true,"Day":1,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:37.15175708Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:37.154264569Z	255	PC: 12b29 \| UNKNOWN!

{"DateBased":true,"Day":13,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:37.244615925Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:37.247102037Z	9	PC: 12b21 \| Display string (String= 'TODAY IS SOMETHING REALLY SPECIAL. LET YOUR PC REST IN PEACE')

{"DateBased":true,"Day":31,"Month":5,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":17714,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:56:37.255418124Z	42	PC: 12b04 \| Get date 0x12b04: cmp dh, 5 0x12b07: je 0x12b0e 0x12b09: cmp dh, 0xc 0x12b0c: jne 0x12b23 0x12b0e: cmp dl, 0xd 0x12b11: je 0x12b18 0x12b13: cmp dl, 0x1f 0x12b16: jne 0x12b23 0x12b18: pop dx 0x12b19: add dx, 6 0x12b1d: mov ah, 9 0x12b1f: int 0x21 0x12b21: int 0x20 0x12b23: pop dx 0x12b24: mov ax, 0xffff 0x12b27: int 0x21 0x12b29: cmp ax, 0xffee 0x12b2c: je 0x12b79 0x12b2e: mov ax, cs 0x12b30: dec ax
2018-12-25T12:56:37.257789334Z	9	PC: 12b21 \| Display string (String= 'TODAY IS SOMETHING REALLY SPECIAL. LET YOUR PC REST IN PEACE')