Sample viewer

vx.netlux.org/Virus.DOS.Pac-Man.Clyde.1012

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:07:22.509316559Z	37	PC: 12d4a \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T23:07:22.511293518Z	37	PC: 12d4e \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T23:07:22.512690744Z	47	PC: 12d92 \| Get disk transfer address
2018-12-17T23:07:22.51414846Z	26	PC: 12da1 \| Set disk transfer address
2018-12-17T23:07:22.515508659Z	53	PC: 12da6 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:22.517614496Z	37	PC: 12db6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:07:22.518796834Z	78	PC: 12d0a \| Find first file
2018-12-17T23:07:22.524520502Z	74	PC: 12b39 \| Reallocate memory
2018-12-17T23:07:22.527126551Z	81	PC: 12145 \| Get current PSP

{"DateBased":true,"Day":3,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15837,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:41.022651797Z	37	PC: 12d4a \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:44:41.024379211Z	37	PC: 12d4e \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:44:41.025540234Z	47	PC: 12d92 \| Get disk transfer address
2018-12-25T12:44:41.026576495Z	26	PC: 12da1 \| Set disk transfer address
2018-12-25T12:44:41.02801749Z	53	PC: 12da6 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:44:41.029220724Z	37	PC: 12db6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:44:41.030376113Z	78	PC: 12d0a \| Find first file
2018-12-25T12:44:41.03634708Z	74	PC: 12b39 \| Reallocate memory
2018-12-25T12:44:41.038273252Z	81	PC: 12145 \| Get current PSP

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15837,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:41.330803941Z	37	PC: 12d4a \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:44:41.333616141Z	37	PC: 12d4e \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:44:41.335091402Z	47	PC: 12d92 \| Get disk transfer address
2018-12-25T12:44:41.336310254Z	26	PC: 12da1 \| Set disk transfer address
2018-12-25T12:44:41.337481136Z	53	PC: 12da6 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:44:41.339348255Z	37	PC: 12db6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:44:41.340949212Z	78	PC: 12d0a \| Find first file
2018-12-25T12:44:41.347816978Z	74	PC: 12b39 \| Reallocate memory
2018-12-25T12:44:41.350340314Z	81	PC: 12145 \| Get current PSP

{"DateBased":true,"Day":3,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15837,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:41.91227521Z	37	PC: 12d4a \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T12:44:41.913661918Z	37	PC: 12d4e \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T12:44:41.914781877Z	47	PC: 12d92 \| Get disk transfer address
2018-12-25T12:44:41.915803312Z	26	PC: 12da1 \| Set disk transfer address
2018-12-25T12:44:41.917852834Z	53	PC: 12da6 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:44:41.919328367Z	37	PC: 12db6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T12:44:41.920724565Z	78	PC: 12d0a \| Find first file
2018-12-25T12:44:41.92728105Z	74	PC: 12b39 \| Reallocate memory
2018-12-25T12:44:41.928866453Z	81	PC: 12145 \| Get current PSP