Sample viewer

vx.netlux.org/Virus.DOS.Ninja.1376.b

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:36:24.325234625Z	144	PC: 12d95 \| UNKNOWN!
2018-12-17T22:36:24.327474917Z	42	PC: 13202 \| Get date 0x13202: cmp cx, 0x7c8 0x13206: jne 0x13219 0x13208: cmp dl, 0xd 0x1320b: jne 0x13219 0x1320d: mov ah, 0x2c 0x1320f: int 0x21 0x13211: cmp ch, 0xd 0x13214: jne 0x13219 0x13216: call 0x23130 0x13219: pop dx 0x1321a: pop cx 0x1321b: pop ax 0x1321c: ret 0x1321d: dec bp 0x1321e: pop dx 0x1321f: dec bx 0x13220: add byte ptr [bp + di], al 0x13222: add byte ptr [bx], cl 0x13225: and byte ptr [bx + si], al 0x13227: inc cx
2018-12-17T22:36:24.328901025Z	9	PC: 12b00 \| Display string (Could not find end pointer)
2018-12-17T22:36:24.331986575Z	76	PC: 12c0a \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6520,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:59:45.74383444Z	144	PC: 12d95 \| UNKNOWN!
2018-12-25T11:59:45.747279227Z	42	PC: 13202 \| Get date 0x13202: cmp cx, 0x7c8 0x13206: jne 0x13219 0x13208: cmp dl, 0xd 0x1320b: jne 0x13219 0x1320d: mov ah, 0x2c 0x1320f: int 0x21 0x13211: cmp ch, 0xd 0x13214: jne 0x13219 0x13216: call 0x23130 0x13219: pop dx 0x1321a: pop cx 0x1321b: pop ax 0x1321c: ret 0x1321d: dec bp 0x1321e: pop dx 0x1321f: dec bx 0x13220: add byte ptr [bp + di], al 0x13222: add byte ptr [bx], cl 0x13225: and byte ptr [bx + si], al 0x13227: inc cx
2018-12-25T11:59:45.750200822Z	9	PC: 12b00 \| Display string (Could not find end pointer)
2018-12-25T11:59:45.756493775Z	76	PC: 12c0a \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":13,"Month":1,"Year":1992,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6520,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:59:45.813706427Z	144	PC: 12d95 \| UNKNOWN!
2018-12-25T11:59:45.816836773Z	42	PC: 13202 \| Get date 0x13202: cmp cx, 0x7c8 0x13206: jne 0x13219 0x13208: cmp dl, 0xd 0x1320b: jne 0x13219 0x1320d: mov ah, 0x2c 0x1320f: int 0x21 0x13211: cmp ch, 0xd 0x13214: jne 0x13219 0x13216: call 0x23130 0x13219: pop dx 0x1321a: pop cx 0x1321b: pop ax 0x1321c: ret 0x1321d: dec bp 0x1321e: pop dx 0x1321f: dec bx 0x13220: add byte ptr [bp + di], al 0x13222: add byte ptr [bx], cl 0x13225: and byte ptr [bx + si], al 0x13227: inc cx
2018-12-25T11:59:45.818834013Z	44	PC: 13211 \| Get time 0x13211: cmp ch, 0xd 0x13214: jne 0x13219 0x13216: call 0x23130 0x13219: pop dx 0x1321a: pop cx 0x1321b: pop ax 0x1321c: ret 0x1321d: dec bp 0x1321e: pop dx 0x1321f: dec bx 0x13220: add byte ptr [bp + di], al 0x13222: add byte ptr [bx], cl 0x13225: and byte ptr [bx + si], al 0x13227: inc cx 0x13228: add bh, bh 0x1322a: push word ptr [bp + di] 0x1322c: add cl, dh 0x1322e: add ax, 0x1972 0x13231: or word ptr [bx + si], ax 0x13233: xor ax, word ptr [bx + si]
2018-12-25T11:59:45.820993915Z	9	PC: 12b00 \| Display string (Could not find end pointer)
2018-12-25T11:59:45.82706535Z	76	PC: 12c0a \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6520,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:59:45.866797164Z	144	PC: 12d95 \| UNKNOWN!
2018-12-25T11:59:45.869853574Z	42	PC: 13202 \| Get date 0x13202: cmp cx, 0x7c8 0x13206: jne 0x13219 0x13208: cmp dl, 0xd 0x1320b: jne 0x13219 0x1320d: mov ah, 0x2c 0x1320f: int 0x21 0x13211: cmp ch, 0xd 0x13214: jne 0x13219 0x13216: call 0x23130 0x13219: pop dx 0x1321a: pop cx 0x1321b: pop ax 0x1321c: ret 0x1321d: dec bp 0x1321e: pop dx 0x1321f: dec bx 0x13220: add byte ptr [bp + di], al 0x13222: add byte ptr [bx], cl 0x13225: and byte ptr [bx + si], al 0x13227: inc cx
2018-12-25T11:59:45.872107247Z	9	PC: 12b00 \| Display string (Could not find end pointer)
2018-12-25T11:59:45.878137297Z	76	PC: 12c0a \| Terminate with return code (Return code = '0')