Sample viewer

vx.netlux.org/Virus.DOS.Wildy.402

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:56:37.85330257Z	42	PC: 12a44 \| Get date 0x12a44: cmp al, 5 0x12a46: jne 0x12a5f 0x12a48: cmp dl, 0xd 0x12a4b: jne 0x12a5f 0x12a4d: mov ax, 0x1300 0x12a50: mov bp, 0x239 0x12a53: mov bx, 0x8c 0x12a56: mov dx, 0xd16 0x12a59: mov cx, 0x24 0x12a5c: nop 0x12a5d: int 0x10 0x12a5f: push es 0x12a60: int 0x12 0x12a62: mov cl, 6 0x12a64: shl ax, cl 0x12a66: mov es, ax 0x12a68: cmp byte ptr es:[0x25d], 0x57 0x12a6e: je 0x12ab2 0x12a70: sub ax, 0x40 0x12a73: mov es, ax
2018-12-17T21:56:37.861380196Z	76	PC: 13780 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":720,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:41:34.899670555Z	42	PC: 12a44 \| Get date 0x12a44: cmp al, 5 0x12a46: jne 0x12a5f 0x12a48: cmp dl, 0xd 0x12a4b: jne 0x12a5f 0x12a4d: mov ax, 0x1300 0x12a50: mov bp, 0x239 0x12a53: mov bx, 0x8c 0x12a56: mov dx, 0xd16 0x12a59: mov cx, 0x24 0x12a5c: nop 0x12a5d: int 0x10 0x12a5f: push es 0x12a60: int 0x12 0x12a62: mov cl, 6 0x12a64: shl ax, cl 0x12a66: mov es, ax 0x12a68: cmp byte ptr es:[0x25d], 0x57 0x12a6e: je 0x12ab2 0x12a70: sub ax, 0x40 0x12a73: mov es, ax
2018-12-25T11:41:34.912722327Z	76	PC: 13780 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":720,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:41:34.947845616Z	42	PC: 12a44 \| Get date 0x12a44: cmp al, 5 0x12a46: jne 0x12a5f 0x12a48: cmp dl, 0xd 0x12a4b: jne 0x12a5f 0x12a4d: mov ax, 0x1300 0x12a50: mov bp, 0x239 0x12a53: mov bx, 0x8c 0x12a56: mov dx, 0xd16 0x12a59: mov cx, 0x24 0x12a5c: nop 0x12a5d: int 0x10 0x12a5f: push es 0x12a60: int 0x12 0x12a62: mov cl, 6 0x12a64: shl ax, cl 0x12a66: mov es, ax 0x12a68: cmp byte ptr es:[0x25d], 0x57 0x12a6e: je 0x12ab2 0x12a70: sub ax, 0x40 0x12a73: mov es, ax
2018-12-25T11:41:34.956913973Z	76	PC: 13780 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":720,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:41:35.048922191Z	42	PC: 12a44 \| Get date 0x12a44: cmp al, 5 0x12a46: jne 0x12a5f 0x12a48: cmp dl, 0xd 0x12a4b: jne 0x12a5f 0x12a4d: mov ax, 0x1300 0x12a50: mov bp, 0x239 0x12a53: mov bx, 0x8c 0x12a56: mov dx, 0xd16 0x12a59: mov cx, 0x24 0x12a5c: nop 0x12a5d: int 0x10 0x12a5f: push es 0x12a60: int 0x12 0x12a62: mov cl, 6 0x12a64: shl ax, cl 0x12a66: mov es, ax 0x12a68: cmp byte ptr es:[0x25d], 0x57 0x12a6e: je 0x12ab2 0x12a70: sub ax, 0x40 0x12a73: mov es, ax
2018-12-25T11:41:35.061106937Z	76	PC: 13780 \| Terminate with return code (Return code = '0')