Sample viewer

vx.netlux.org/Virus.DOS.April_1st.Com

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:53:44.823643593Z	221	PC: 12a63 \| UNKNOWN!
2018-12-17T22:53:44.825423928Z	53	PC: 12a8d \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:44.827119086Z	37	PC: 12a9d \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:44.828788747Z	74	PC: 12ab8 \| Reallocate memory
2018-12-17T22:53:44.832281906Z	75	PC: 12aef \| Execute program
2018-12-17T22:53:44.855854098Z	48	PC: 133a1 \| Get DOS version
2018-12-17T22:53:44.857212193Z	9	PC: 133ad \| Display string (String= 'Versi�n incorrecta del DOS ')
2018-12-17T22:53:44.861932422Z	76	PC: 133b1 \| Terminate with return code (Return code = '36')
2018-12-17T22:53:44.865338329Z	77	PC: 12af3 \| Get program return code
2018-12-17T22:53:44.866557932Z	49	PC: 12afc \| Terminate and stay resident (Return code = '36' \| Memory size = '73')

{"DateBased":true,"Day":1,"Month":1,"Year":1988,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11327,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:20.171174571Z	221	PC: 12a63 \| UNKNOWN!
2018-12-25T12:30:20.173241907Z	53	PC: 12a8d \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:20.17458743Z	37	PC: 12a9d \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:20.175994289Z	74	PC: 12ab8 \| Reallocate memory
2018-12-25T12:30:20.177786104Z	75	PC: 12aef \| Execute program
2018-12-25T12:30:20.193526659Z	48	PC: 133a1 \| Get DOS version
2018-12-25T12:30:20.194830032Z	9	PC: 133ad \| Display string (String= 'Versi�n incorrecta del DOS ')
2018-12-25T12:30:20.198972122Z	76	PC: 133b1 \| Terminate with return code (Return code = '36')
2018-12-25T12:30:20.215176832Z	77	PC: 12af3 \| Get program return code
2018-12-25T12:30:20.217785002Z	49	PC: 12afc \| Terminate and stay resident (Return code = '36' \| Memory size = '73')

{"DateBased":true,"Day":1,"Month":4,"Year":1988,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11327,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:20.385768611Z	221	PC: 12a63 \| UNKNOWN!
2018-12-25T12:30:20.387096388Z	53	PC: 12a8d \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:20.388185488Z	37	PC: 12a9d \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:20.389612738Z	74	PC: 12ab8 \| Reallocate memory
2018-12-25T12:30:20.392520465Z	75	PC: 12aef \| Execute program
2018-12-25T12:30:20.406757754Z	48	PC: 133a1 \| Get DOS version
2018-12-25T12:30:20.407763011Z	9	PC: 133ad \| Display string (String= 'Versi�n incorrecta del DOS ')
2018-12-25T12:30:20.411907233Z	76	PC: 133b1 \| Terminate with return code (Return code = '36')
2018-12-25T12:30:20.417126388Z	77	PC: 12af3 \| Get program return code
2018-12-25T12:30:20.418321832Z	49	PC: 12afc \| Terminate and stay resident (Return code = '36' \| Memory size = '73')

{"DateBased":true,"Day":2,"Month":4,"Year":1988,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11327,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:21.173582185Z	221	PC: 12a63 \| UNKNOWN!
2018-12-25T12:30:21.175826145Z	53	PC: 12a8d \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:21.177180122Z	37	PC: 12a9d \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:21.178321991Z	74	PC: 12ab8 \| Reallocate memory
2018-12-25T12:30:21.180033737Z	75	PC: 12aef \| Execute program
2018-12-25T12:30:21.194557372Z	48	PC: 133a1 \| Get DOS version
2018-12-25T12:30:21.195717069Z	9	PC: 133ad \| Display string (String= 'Versi�n incorrecta del DOS ')
2018-12-25T12:30:21.200179783Z	76	PC: 133b1 \| Terminate with return code (Return code = '36')
2018-12-25T12:30:21.203586513Z	77	PC: 12af3 \| Get program return code
2018-12-25T12:30:21.20551359Z	49	PC: 12afc \| Terminate and stay resident (Return code = '36' \| Memory size = '73')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11327,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:21.327079288Z	221	PC: 12a63 \| UNKNOWN!
2018-12-25T12:30:21.329184741Z	53	PC: 12a8d \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:21.330742198Z	37	PC: 12a9d \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:21.332292871Z	74	PC: 12ab8 \| Reallocate memory
2018-12-25T12:30:21.334210741Z	75	PC: 12aef \| Execute program
2018-12-25T12:30:21.350263799Z	48	PC: 133a1 \| Get DOS version
2018-12-25T12:30:21.351638566Z	9	PC: 133ad \| Display string (String= 'Versi�n incorrecta del DOS ')
2018-12-25T12:30:21.355882429Z	76	PC: 133b1 \| Terminate with return code (Return code = '36')
2018-12-25T12:30:21.360110498Z	77	PC: 12af3 \| Get program return code
2018-12-25T12:30:21.361346746Z	49	PC: 12afc \| Terminate and stay resident (Return code = '36' \| Memory size = '73')