Sample viewer

vx.netlux.org/Virus.DOS.Jorgito.636

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:54:36.826826938Z	249	PC: 15596 \| UNKNOWN!
2018-12-17T22:54:36.828085117Z	53	PC: 155b1 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:54:36.829024793Z	74	PC: 155ce \| Reallocate memory
2018-12-17T22:54:36.830111448Z	72	PC: 155d5 \| Allocate memory
2018-12-17T22:54:36.831877375Z	37	PC: 155fe \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:54:36.832911323Z	74	PC: 13df6 \| Reallocate memory
2018-12-17T22:54:36.834043505Z	48	PC: 13e2e \| Get DOS version
2018-12-17T22:54:36.836228995Z	74	PC: 14f5a \| Reallocate memory
2018-12-17T22:54:36.83787953Z	74	PC: 14f5a \| Reallocate memory
2018-12-17T22:54:36.839897956Z	68	PC: 14f00 \| I/O control for devices (Set for = '')
2018-12-17T22:54:36.841814864Z	68	PC: 14f00 \| I/O control for devices (Set for = '')
2018-12-17T22:54:36.842937034Z	68	PC: 14f00 \| I/O control for devices (Set for = '')
2018-12-17T22:54:36.844038396Z	68	PC: 14f00 \| I/O control for devices (Set for = '')
2018-12-17T22:54:36.845820719Z	68	PC: 14f00 \| I/O control for devices (Set for = '')
2018-12-17T22:54:36.847513413Z	26	PC: 12de5 \| Set disk transfer address
2018-12-17T22:54:36.848503974Z	78	PC: 12dee \| Find first file
2018-12-17T22:54:36.85434067Z	25	PC: 12f25 \| Get default drive
2018-12-17T22:54:36.856380325Z	71	PC: 12f4c \| Get current directory
2018-12-17T22:54:36.859990761Z	26	PC: 12de5 \| Set disk transfer address
2018-12-17T22:54:36.861259729Z	78	PC: 12dee \| Find first file
2018-12-17T22:54:36.86582223Z	26	PC: 12de5 \| Set disk transfer address
2018-12-17T22:54:36.86671665Z	78	PC: 12dee \| Find first file
2018-12-17T22:54:36.873133303Z	53	PC: 14c36 \| Get interrupt vector (Interrupt = '103' AKA 'Set handle count')
2018-12-17T22:54:36.87545528Z	64	PC: 12ad0 \| Write file or device (Write 52 bytes on handle 1)
2018-12-17T22:54:36.878384612Z	76	PC: 13f1d \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11612,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:54.641243014Z	249	PC: 15596 \| UNKNOWN!
2018-12-25T12:30:54.643287674Z	53	PC: 155b1 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:54.645062536Z	74	PC: 155ce \| Reallocate memory
2018-12-25T12:30:54.646951453Z	72	PC: 155d5 \| Allocate memory
2018-12-25T12:30:54.649435084Z	37	PC: 155fe \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:54.650888572Z	74	PC: 13df6 \| Reallocate memory
2018-12-25T12:30:54.652612869Z	48	PC: 13e2e \| Get DOS version
2018-12-25T12:30:54.654929615Z	74	PC: 14f5a \| Reallocate memory
2018-12-25T12:30:54.663598682Z	74	PC: 14f5a \| Reallocate memory (See above)
2018-12-25T12:30:54.667639104Z	68	PC: 14f00 \| I/O control for devices (Set for = '')
2018-12-25T12:30:54.669616526Z	68	PC: 14f00 \| I/O control for devices (See above)
2018-12-25T12:30:54.6728913Z	68	PC: 14f00 \| I/O control for devices (See above)
2018-12-25T12:30:54.674873461Z	68	PC: 14f00 \| I/O control for devices (See above)
2018-12-25T12:30:54.676854875Z	68	PC: 14f00 \| I/O control for devices (See above)
2018-12-25T12:30:54.680763057Z	26	PC: 12de5 \| Set disk transfer address
2018-12-25T12:30:54.682414037Z	78	PC: 12dee \| Find first file
2018-12-25T12:30:54.689336732Z	25	PC: 12f25 \| Get default drive
2018-12-25T12:30:54.692416565Z	71	PC: 12f4c \| Get current directory
2018-12-25T12:30:54.697429996Z	26	PC: 12de5 \| Set disk transfer address (See above)
2018-12-25T12:30:54.698588742Z	78	PC: 12dee \| Find first file (See above)
2018-12-25T12:30:54.706297061Z	26	PC: 12de5 \| Set disk transfer address (See above)
2018-12-25T12:30:54.707699755Z	78	PC: 12dee \| Find first file (See above)
2018-12-25T12:30:54.719400746Z	53	PC: 14c36 \| Get interrupt vector (Interrupt = '103' AKA 'Set handle count')
2018-12-25T12:30:54.722598385Z	64	PC: 12ad0 \| Write file or device (Write 52 bytes on handle 1)
2018-12-25T12:30:54.729829182Z	76	PC: 13f1d \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1998,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":11612,"SideJobID":0}

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:30:54.867585518Z	249	PC: 15596 \| UNKNOWN!
2018-12-25T12:30:54.86952947Z	53	PC: 155b1 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:54.870666803Z	74	PC: 155ce \| Reallocate memory
2018-12-25T12:30:54.871931974Z	72	PC: 155d5 \| Allocate memory
2018-12-25T12:30:54.874677973Z	37	PC: 155fe \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:30:54.876106035Z	74	PC: 13df6 \| Reallocate memory
2018-12-25T12:30:54.877600201Z	48	PC: 13e2e \| Get DOS version
2018-12-25T12:30:54.880580112Z	74	PC: 14f5a \| Reallocate memory
2018-12-25T12:30:54.883170597Z	74	PC: 14f5a \| Reallocate memory (See above)
2018-12-25T12:30:54.88596058Z	68	PC: 14f00 \| I/O control for devices (Set for = '')
2018-12-25T12:30:54.887724111Z	68	PC: 14f00 \| I/O control for devices (See above)
2018-12-25T12:30:54.889485301Z	68	PC: 14f00 \| I/O control for devices (See above)
2018-12-25T12:30:54.89079569Z	68	PC: 14f00 \| I/O control for devices (See above)
2018-12-25T12:30:54.892071182Z	68	PC: 14f00 \| I/O control for devices (See above)
2018-12-25T12:30:54.894682413Z	26	PC: 12de5 \| Set disk transfer address
2018-12-25T12:30:54.895678434Z	78	PC: 12dee \| Find first file
2018-12-25T12:30:54.901224927Z	25	PC: 12f25 \| Get default drive
2018-12-25T12:30:54.903010285Z	71	PC: 12f4c \| Get current directory
2018-12-25T12:30:54.905418724Z	26	PC: 12de5 \| Set disk transfer address (See above)
2018-12-25T12:30:54.906652456Z	78	PC: 12dee \| Find first file (See above)
2018-12-25T12:30:54.914186005Z	26	PC: 12de5 \| Set disk transfer address (See above)
2018-12-25T12:30:54.915155639Z	78	PC: 12dee \| Find first file (See above)
2018-12-25T12:30:54.925714622Z	53	PC: 14c36 \| Get interrupt vector (Interrupt = '103' AKA 'Set handle count')
2018-12-25T12:30:54.929348781Z	64	PC: 12ad0 \| Write file or device (Write 52 bytes on handle 1)
2018-12-25T12:30:54.93522635Z	76	PC: 13f1d \| Terminate with return code (Return code = '1')