Sample viewer

vx.netlux.org/Virus.DOS.Wildy.421


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:22:19.383962764Z 42 PC: 12a44 | Get date
0x12a44: cmp al, 5
0x12a46: jne 0x12a76
0x12a48: mov ah, 9
0x12a4a: mov dx, 0x247
0x12a4d: int 0x21
0x12a4f: call 0x12a71
0x12a52: cmp al, 0x6c
0x12a54: jne 0x12a4f
0x12a56: call 0x12a6a
0x12a59: call 0x12a71
0x12a5c: cmp al, 0x73
0x12a5e: jne 0x12a59
0x12a60: call 0x12a6a
0x12a63: call 0x12a71
0x12a66: cmp al, 0x64
0x12a68: jne 0x12a63
0x12a6a: mov dl, al
0x12a6c: mov ah, 2
0x12a6e: int 0x21
0x12a70: ret

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3902,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:50:20.713190731Z 42 PC: 12a44 | Get date
0x12a44: cmp al, 5
0x12a46: jne 0x12a76
0x12a48: mov ah, 9
0x12a4a: mov dx, 0x247
0x12a4d: int 0x21
0x12a4f: call 0x12a71
0x12a52: cmp al, 0x6c
0x12a54: jne 0x12a4f
0x12a56: call 0x12a6a
0x12a59: call 0x12a71
0x12a5c: cmp al, 0x73
0x12a5e: jne 0x12a59
0x12a60: call 0x12a6a
0x12a63: call 0x12a71
0x12a66: cmp al, 0x64
0x12a68: jne 0x12a63
0x12a6a: mov dl, al
0x12a6c: mov ah, 2
0x12a6e: int 0x21
0x12a70: ret

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":3902,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:50:21.035745926Z 42 PC: 12a44 | Get date
0x12a44: cmp al, 5
0x12a46: jne 0x12a76
0x12a48: mov ah, 9
0x12a4a: mov dx, 0x247
0x12a4d: int 0x21
0x12a4f: call 0x12a71
0x12a52: cmp al, 0x6c
0x12a54: jne 0x12a4f
0x12a56: call 0x12a6a
0x12a59: call 0x12a71
0x12a5c: cmp al, 0x73
0x12a5e: jne 0x12a59
0x12a60: call 0x12a6a
0x12a63: call 0x12a71
0x12a66: cmp al, 0x64
0x12a68: jne 0x12a63
0x12a6a: mov dl, al
0x12a6c: mov ah, 2
0x12a6e: int 0x21
0x12a70: ret
2018-12-25T11:50:21.038028309Z 9 PC: 12a4f | Display string (String= ' Too LSD ceae e cac⫨...')