Sample viewer

vx.netlux.org/Virus.DOS.HYY.2560

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:02:32.25400439Z	170	PC: 13c94 \| UNKNOWN!
2018-12-17T23:02:32.25646015Z	74	PC: 12aec \| Reallocate memory
2018-12-17T23:02:32.261561901Z	53	PC: 12af7 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:02:32.262937506Z	53	PC: 12b04 \| Get interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-17T23:02:32.264266457Z	37	PC: 12b14 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:02:32.266644724Z	37	PC: 12b1c \| Set interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-17T23:02:32.268718583Z	75	PC: 12b45 \| Execute program
2018-12-17T23:02:32.288013225Z	9	PC: 13ffc \| Display string (Could not find end pointer)
2018-12-17T23:02:32.294210805Z	76	PC: 14001 \| Terminate with return code (Return code = '0')
2018-12-17T23:02:32.298189915Z	73	PC: 12b4b \| Release memory
2018-12-17T23:02:32.300719903Z	77	PC: 12b4f \| Get program return code
2018-12-17T23:02:32.313188713Z	49	PC: 12b54 \| Terminate and stay resident (Return code = '0' \| Memory size = '340')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14250,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:13.06051639Z	170	PC: 13c94 \| UNKNOWN!
2018-12-25T12:40:13.062359823Z	74	PC: 12aec \| Reallocate memory
2018-12-25T12:40:13.067578127Z	53	PC: 12af7 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:13.069452322Z	53	PC: 12b04 \| Get interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-25T12:40:13.071342671Z	37	PC: 12b14 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:13.074311676Z	37	PC: 12b1c \| Set interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-25T12:40:13.076302006Z	75	PC: 12b45 \| Execute program
2018-12-25T12:40:13.099900993Z	9	PC: 13ffc \| Display string (Could not find end pointer)
2018-12-25T12:40:13.110764868Z	76	PC: 14001 \| Terminate with return code (Return code = '0')
2018-12-25T12:40:13.114150545Z	73	PC: 12b4b \| Release memory
2018-12-25T12:40:13.115808265Z	77	PC: 12b4f \| Get program return code
2018-12-25T12:40:13.118288075Z	49	PC: 12b54 \| Terminate and stay resident (Return code = '0' \| Memory size = '340')

{"DateBased":true,"Day":1,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14250,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:13.258013029Z	170	PC: 13c94 \| UNKNOWN!
2018-12-25T12:40:13.260877376Z	74	PC: 12aec \| Reallocate memory
2018-12-25T12:40:13.269866956Z	53	PC: 12af7 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:13.271756686Z	53	PC: 12b04 \| Get interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-25T12:40:13.274013052Z	37	PC: 12b14 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:13.275827332Z	37	PC: 12b1c \| Set interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-25T12:40:13.277581961Z	75	PC: 12b45 \| Execute program
2018-12-25T12:40:13.303682201Z	9	PC: 13ffc \| Display string (Could not find end pointer)
2018-12-25T12:40:13.310189025Z	76	PC: 14001 \| Terminate with return code (Return code = '0')
2018-12-25T12:40:13.313626864Z	73	PC: 12b4b \| Release memory
2018-12-25T12:40:13.315562238Z	77	PC: 12b4f \| Get program return code
2018-12-25T12:40:13.323396142Z	49	PC: 12b54 \| Terminate and stay resident (Return code = '0' \| Memory size = '340')

{"DateBased":true,"Day":26,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14250,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:40:13.289934079Z	170	PC: 13c94 \| UNKNOWN!
2018-12-25T12:40:13.291761407Z	74	PC: 12aec \| Reallocate memory
2018-12-25T12:40:13.295419282Z	53	PC: 12af7 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:13.296702738Z	53	PC: 12b04 \| Get interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-25T12:40:13.298723798Z	37	PC: 12b14 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:40:13.299867057Z	37	PC: 12b1c \| Set interrupt vector (Interrupt = '40' AKA 'Random block write')
2018-12-25T12:40:13.301172971Z	75	PC: 12b45 \| Execute program
2018-12-25T12:40:13.318609941Z	9	PC: 13ffc \| Display string (Could not find end pointer)
2018-12-25T12:40:13.324279906Z	76	PC: 14001 \| Terminate with return code (Return code = '0')
2018-12-25T12:40:13.327518387Z	73	PC: 12b4b \| Release memory
2018-12-25T12:40:13.329728211Z	77	PC: 12b4f \| Get program return code
2018-12-25T12:40:13.331495904Z	49	PC: 12b54 \| Terminate and stay resident (Return code = '0' \| Memory size = '340')