Sample viewer

vx.netlux.org/Virus.DOS.XXX.1060

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:12:11.894804582Z 255 PC: 12a4a | UNKNOWN!
2018-12-17T22:12:11.895891075Z 42 PC: 12a5a | Get date
0x12a5a: cmp dl, 0x13
0x12a5d: jne 0x12a6e
0x12a5f: cmp dh, 1
0x12a62: jne 0x12a6b
0x12a64: mov byte ptr cs:[0x4dc], 0
0x12a6a: nop
0x12a6b: call 0x12daf
0x12a6e: xor ax, ax
0x12a70: mov es, ax
0x12a72: mov ax, word ptr es:[0x86]
0x12a76: mov bx, word ptr es:[0x84]
0x12a7b: mov word ptr cs:[0x1e0], ax
0x12a7f: mov word ptr cs:[0x1de], bx
0x12a84: call 0x12aea
0x12a87: mov ax, word ptr cs:[0x1a0]
0x12a8b: mov bx, 0x22d
0x12a8e: cli
0x12a8f: xor cx, cx
0x12a91: mov es, cx
0x12a93: mov word ptr es:[0x84], bx
2018-12-17T22:12:11.897827417Z 14 PC: 13d54 | Set default drive (Drive = '^')
2018-12-17T22:12:11.898635943Z 46 PC: 13d69 | Set verify flag

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":2478,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:45:56.956475678Z 255 PC: 12a4a | UNKNOWN!
2018-12-25T11:45:56.958420787Z 42 PC: 12a5a | Get date
0x12a5a: cmp dl, 0x13
0x12a5d: jne 0x12a6e
0x12a5f: cmp dh, 1
0x12a62: jne 0x12a6b
0x12a64: mov byte ptr cs:[0x4dc], 0
0x12a6a: nop
0x12a6b: call 0x12daf
0x12a6e: xor ax, ax
0x12a70: mov es, ax
0x12a72: mov ax, word ptr es:[0x86]
0x12a76: mov bx, word ptr es:[0x84]
0x12a7b: mov word ptr cs:[0x1e0], ax
0x12a7f: mov word ptr cs:[0x1de], bx
0x12a84: call 0x12aea
0x12a87: mov ax, word ptr cs:[0x1a0]
0x12a8b: mov bx, 0x22d
0x12a8e: cli
0x12a8f: xor cx, cx
0x12a91: mov es, cx
0x12a93: mov word ptr es:[0x84], bx
2018-12-25T11:45:56.962577737Z 14 PC: 13d54 | Set default drive (Drive = '^')
2018-12-25T11:45:56.964346887Z 46 PC: 13d69 | Set verify flag