Sample viewer

vx.netlux.org/Virus.DOS.Patoruzu.1024

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:04:36.049747459Z 221 PC: 12ddd | UNKNOWN!
2018-12-17T23:04:36.051755116Z 74 PC: 12d8e | Reallocate memory
2018-12-17T23:04:36.054264535Z 75 PC: 12d98 | Execute program
2018-12-17T23:04:36.071436141Z 221 PC: 1344d | UNKNOWN!
2018-12-17T23:04:36.074116943Z 76 PC: 130b5 | Terminate with return code (Return code = '0')
2018-12-17T23:04:36.079257902Z 53 PC: 12da8 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:36.081281918Z 53 PC: 12db5 | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T23:04:36.082692922Z 37 PC: 12dc5 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:04:36.085026421Z 37 PC: 12dcd | Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T23:04:36.086357935Z 49 PC: 12dd2 | Terminate and stay resident (Return code = '0' | Memory size = '81')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14937,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:13.31154356Z 221 PC: 12ddd | UNKNOWN!
2018-12-25T12:42:13.312940466Z 74 PC: 12d8e | Reallocate memory
2018-12-25T12:42:13.314673927Z 75 PC: 12d98 | Execute program
2018-12-25T12:42:13.32984324Z 221 PC: 1344d | UNKNOWN!
2018-12-25T12:42:13.332816451Z 76 PC: 130b5 | Terminate with return code (Return code = '0')
2018-12-25T12:42:13.337208483Z 53 PC: 12da8 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:13.338733756Z 53 PC: 12db5 | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-25T12:42:13.340416502Z 37 PC: 12dc5 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:13.348032457Z 37 PC: 12dcd | Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-25T12:42:13.349542934Z 49 PC: 12dd2 | Terminate and stay resident (Return code = '0' | Memory size = '81')

{"DateBased":true,"Day":17,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":14937,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:42:13.265756934Z 221 PC: 12ddd | UNKNOWN!
2018-12-25T12:42:13.267505569Z 74 PC: 12d8e | Reallocate memory
2018-12-25T12:42:13.268695689Z 75 PC: 12d98 | Execute program
2018-12-25T12:42:13.282182381Z 221 PC: 1344d | UNKNOWN!
2018-12-25T12:42:13.284700583Z 76 PC: 130b5 | Terminate with return code (Return code = '0')
2018-12-25T12:42:13.287965793Z 53 PC: 12da8 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:13.288962291Z 53 PC: 12db5 | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-25T12:42:13.289902916Z 37 PC: 12dc5 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:42:13.292559033Z 37 PC: 12dcd | Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-25T12:42:13.293868137Z 49 PC: 12dd2 | Terminate and stay resident (Return code = '0' | Memory size = '81')