Sample viewer

vx.netlux.org/Virus.DOS.Mipo.1131

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:51:18.063010384Z	255	PC: 144a3 \| UNKNOWN!
2018-12-17T22:51:18.065672074Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:51:18.066970263Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:51:18.068132383Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:51:18.069634862Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:51:18.079112315Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:51:18.081116549Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:18.083097986Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:51:18.094492253Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:51:18.095888807Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:51:18.097272087Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:51:18.099436136Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:51:18.100924898Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:51:18.102107661Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:51:18.104305088Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:51:18.105639884Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:51:18.107013344Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:51:18.108870485Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:51:18.111962676Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:51:18.113703654Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:51:18.11523117Z	37	PC: 13467 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:51:18.116912497Z	37	PC: 1346f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:51:18.118311017Z	37	PC: 13477 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:18.119468103Z	37	PC: 1347f \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:51:18.129588733Z	68	PC: 137ef \| I/O control for devices (Set for = '')
2018-12-17T22:51:18.148582279Z	37	PC: 12e75 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:51:18.153648221Z	58	PC: 142fa \| Remove subdirectory
2018-12-17T22:51:18.164647965Z	25	PC: 14233 \| Get default drive
2018-12-17T22:51:18.166248439Z	71	PC: 14246 \| Get current directory
2018-12-17T22:51:18.169864573Z	59	PC: 142fa \| Change current directory
2018-12-17T22:51:18.17511832Z	14	PC: 1428c \| Set default drive (Drive = 'A')
2018-12-17T22:51:18.176191661Z	25	PC: 14290 \| Get default drive
2018-12-17T22:51:18.177492477Z	59	PC: 142fa \| Change current directory
2018-12-17T22:51:18.330676138Z	54	PC: 12d6a \| Get free disk space
2018-12-17T22:51:18.336325954Z	67	PC: 12dca \| Get or set file attributes
2018-12-17T22:51:18.339946496Z	60	PC: 1407a \| Create or truncate file
2018-12-17T22:51:18.682262863Z	62	PC: 140ca \| Close file
2018-12-17T22:51:18.684594879Z	65	PC: 141c3 \| Delete file (Filename = 'C:\mempatch.exe')
2018-12-17T22:51:18.69453272Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:51:18.695897129Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:51:18.698189204Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:51:18.699770818Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:51:18.701341029Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:51:18.703545702Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:51:18.705018439Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:51:18.706358557Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:51:18.708375341Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:51:18.70950787Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:51:18.710988489Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:51:18.713011936Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:51:18.714178274Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:51:18.715290914Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:51:18.717214674Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:51:18.71839325Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:51:18.719525396Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:51:18.722115308Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:51:18.723306299Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:51:18.724401654Z	76	PC: 135a5 \| Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":22,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10515,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:13.714011215Z	255	PC: 144a3 \| UNKNOWN!
2018-12-25T12:28:13.715504239Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:28:13.716699853Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.717842755Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.719819463Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.720963637Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.722017424Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.723837787Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.72530684Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.726810491Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.728512925Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.730327539Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.731389601Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.732562383Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.734154376Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.73521982Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.736298228Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.738110122Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.739279171Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.740334564Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.741980912Z	37	PC: 13467 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:28:13.74335033Z	37	PC: 1346f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:28:13.744283864Z	37	PC: 13477 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:13.745936775Z	37	PC: 1347f \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-25T12:28:13.747996259Z	68	PC: 137ef \| I/O control for devices (Set for = '')
2018-12-25T12:28:13.793466753Z	37	PC: 12e75 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-25T12:28:13.798134677Z	58	PC: 142fa \| Remove subdirectory
2018-12-25T12:28:13.807069628Z	25	PC: 14233 \| Get default drive
2018-12-25T12:28:13.808432656Z	71	PC: 14246 \| Get current directory
2018-12-25T12:28:13.818337049Z	59	PC: 142fa \| Change current directory (See above)
2018-12-25T12:28:13.823935922Z	14	PC: 1428c \| Set default drive (Drive = 'A')
2018-12-25T12:28:13.82510185Z	25	PC: 14290 \| Get default drive
2018-12-25T12:28:13.827165499Z	59	PC: 142fa \| Change current directory (See above)
2018-12-25T12:28:14.011798872Z	54	PC: 12d6a \| Get free disk space
2018-12-25T12:28:14.020889635Z	67	PC: 12dca \| Get or set file attributes
2018-12-25T12:28:14.02699105Z	60	PC: 1407a \| Create or truncate file
2018-12-25T12:28:14.725289348Z	62	PC: 140ca \| Close file
2018-12-25T12:28:14.727517883Z	65	PC: 141c3 \| Delete file (Filename = 'C:\mempatch.exe')
2018-12-25T12:28:14.73767836Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:28:14.739096172Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.74038046Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.741965288Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.743307318Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.744157534Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.745257259Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.746745087Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.747714057Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.748926856Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.752325351Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.754868499Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.75641547Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.757930805Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.758993032Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.760274164Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.76183425Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.762922514Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.764252115Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.765677939Z	76	PC: 135a5 \| Terminate with return code (Return code = '0')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":10515,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:28:13.869751618Z	255	PC: 144a3 \| UNKNOWN!
2018-12-25T12:28:13.872240985Z	53	PC: 13452 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:28:13.874100635Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.875495404Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.876651197Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.878360772Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.879696623Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.881028756Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.882817713Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.884459982Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.885896264Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.887861958Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.88923979Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.890555336Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.89229399Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.893756092Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.895125014Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.89671849Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.898549786Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.900588241Z	53	PC: 13452 \| Get interrupt vector (See above)
2018-12-25T12:28:13.90292582Z	37	PC: 13467 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:28:13.904674867Z	37	PC: 1346f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-25T12:28:13.906271961Z	37	PC: 13477 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:28:13.907487144Z	37	PC: 1347f \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-25T12:28:13.909114524Z	68	PC: 137ef \| I/O control for devices (Set for = '')
2018-12-25T12:28:13.943313319Z	37	PC: 12e75 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-25T12:28:13.948642437Z	58	PC: 142fa \| Remove subdirectory
2018-12-25T12:28:13.958828143Z	25	PC: 14233 \| Get default drive
2018-12-25T12:28:13.961593401Z	71	PC: 14246 \| Get current directory
2018-12-25T12:28:13.965324129Z	59	PC: 142fa \| Change current directory (See above)
2018-12-25T12:28:13.972485895Z	14	PC: 1428c \| Set default drive (Drive = 'A')
2018-12-25T12:28:13.974903157Z	25	PC: 14290 \| Get default drive
2018-12-25T12:28:13.978705088Z	59	PC: 142fa \| Change current directory (See above)
2018-12-25T12:28:14.206986411Z	54	PC: 12d6a \| Get free disk space
2018-12-25T12:28:14.219890505Z	67	PC: 12dca \| Get or set file attributes
2018-12-25T12:28:14.227016123Z	60	PC: 1407a \| Create or truncate file
2018-12-25T12:28:14.579872924Z	62	PC: 140ca \| Close file
2018-12-25T12:28:14.58215791Z	65	PC: 141c3 \| Delete file (Filename = 'C:\mempatch.exe')
2018-12-25T12:28:14.592543638Z	37	PC: 13566 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-25T12:28:14.594367096Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.595866378Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.59838133Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.599837385Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.601406643Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.604086313Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.605961378Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.607722351Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.610546125Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.612362016Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.614243022Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.616830735Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.618958041Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.620728741Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.62249058Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.625249916Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.627000048Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.628765737Z	37	PC: 13566 \| Set interrupt vector (See above)
2018-12-25T12:28:14.631786715Z	76	PC: 135a5 \| Terminate with return code (Return code = '0')