Sample viewer

vx.netlux.org/Virus.DOS.Pulce.1840

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:49:13.729901726Z 235 PC: 12e9d | UNKNOWN!
2018-12-17T22:49:13.730871338Z 42 PC: 12ef0 | Get date 0x12ef0: cmp al, 3
0x12ef2: jne 0x12f07
0x12ef4: mov ah, 0x2c
0x12ef6: int 0x21
0x12ef8: cmp ch, 0xd
0x12efb: jb 0x12f07
0x12efd: mov word ptr [0x20], 0x11d
0x12f03: mov word ptr [0x22], es
0x12f07: mov word ptr [0x84], 0x1f7
0x12f0d: mov word ptr [0x86], es
0x12f11: sti
0x12f12: pop es
0x12f13: cmp sp, -4
0x12f16: je 0x12f3a
0x12f18: pop ds
0x12f19: mov ax, ds
0x12f1b: add ax, 0x10
0x12f1e: mov cx, ax
0x12f20: add ax, word ptr cs:[0x716]
0x12f25: cli

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9816,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:23:48.668106456Z 235 PC: 12e9d | UNKNOWN!
2018-12-25T12:23:48.669928422Z 42 PC: 12ef0 | Get date 0x12ef0: cmp al, 3
0x12ef2: jne 0x12f07
0x12ef4: mov ah, 0x2c
0x12ef6: int 0x21
0x12ef8: cmp ch, 0xd
0x12efb: jb 0x12f07
0x12efd: mov word ptr [0x20], 0x11d
0x12f03: mov word ptr [0x22], es
0x12f07: mov word ptr [0x84], 0x1f7
0x12f0d: mov word ptr [0x86], es
0x12f11: sti
0x12f12: pop es
0x12f13: cmp sp, -4
0x12f16: je 0x12f3a
0x12f18: pop ds
0x12f19: mov ax, ds
0x12f1b: add ax, 0x10
0x12f1e: mov cx, ax
0x12f20: add ax, word ptr cs:[0x716]
0x12f25: cli

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":9816,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:23:48.725051469Z 235 PC: 12e9d | UNKNOWN!
2018-12-25T12:23:48.728083647Z 42 PC: 12ef0 | Get date 0x12ef0: cmp al, 3
0x12ef2: jne 0x12f07
0x12ef4: mov ah, 0x2c
0x12ef6: int 0x21
0x12ef8: cmp ch, 0xd
0x12efb: jb 0x12f07
0x12efd: mov word ptr [0x20], 0x11d
0x12f03: mov word ptr [0x22], es
0x12f07: mov word ptr [0x84], 0x1f7
0x12f0d: mov word ptr [0x86], es
0x12f11: sti
0x12f12: pop es
0x12f13: cmp sp, -4
0x12f16: je 0x12f3a
0x12f18: pop ds
0x12f19: mov ax, ds
0x12f1b: add ax, 0x10
0x12f1e: mov cx, ax
0x12f20: add ax, word ptr cs:[0x716]
0x12f25: cli
2018-12-25T12:23:48.730619793Z 44 PC: 12ef8 | Get time 0x12ef8: cmp ch, 0xd
0x12efb: jb 0x12f07
0x12efd: mov word ptr [0x20], 0x11d
0x12f03: mov word ptr [0x22], es
0x12f07: mov word ptr [0x84], 0x1f7
0x12f0d: mov word ptr [0x86], es
0x12f11: sti
0x12f12: pop es
0x12f13: cmp sp, -4
0x12f16: je 0x12f3a
0x12f18: pop ds
0x12f19: mov ax, ds
0x12f1b: add ax, 0x10
0x12f1e: mov cx, ax
0x12f20: add ax, word ptr cs:[0x716]
0x12f25: cli
0x12f26: mov ss, ax
0x12f28: mov sp, word ptr cs:[0x718]
0x12f2d: sti
0x12f2e: add cx, word ptr cs:[0x71e]