Sample viewer

vx.netlux.org/Virus.DOS.Cumple.1249

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:07:25.214216382Z	250	PC: 12a90 \| UNKNOWN!
2018-12-17T23:07:25.215135707Z	53	PC: 12a95 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:07:25.217216333Z	37	PC: 12aa5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:07:25.218653371Z	74	PC: 12ac0 \| Reallocate memory
2018-12-17T23:07:25.220410156Z	75	PC: 12af7 \| Execute program
2018-12-17T23:07:25.238339424Z	9	PC: 130f2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')
2018-12-17T23:07:25.245708126Z	77	PC: 12afb \| Get program return code
2018-12-17T23:07:25.247053367Z	49	PC: 12b04 \| Terminate and stay resident (Return code = '0' \| Memory size = '95')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15853,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:42.389601722Z	250	PC: 12a90 \| UNKNOWN!
2018-12-25T12:44:42.395687353Z	53	PC: 12a95 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:42.397264716Z	37	PC: 12aa5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:42.398454902Z	74	PC: 12ac0 \| Reallocate memory
2018-12-25T12:44:42.400092762Z	75	PC: 12af7 \| Execute program
2018-12-25T12:44:42.417046837Z	9	PC: 130f2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')
2018-12-25T12:44:42.424558471Z	77	PC: 12afb \| Get program return code
2018-12-25T12:44:42.425725674Z	49	PC: 12b04 \| Terminate and stay resident (Return code = '0' \| Memory size = '95')

{"DateBased":true,"Day":27,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15853,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:42.514260359Z	250	PC: 12a90 \| UNKNOWN!
2018-12-25T12:44:42.516060806Z	53	PC: 12a95 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:42.517302298Z	37	PC: 12aa5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:42.518492265Z	74	PC: 12ac0 \| Reallocate memory
2018-12-25T12:44:42.520523297Z	75	PC: 12af7 \| Execute program
2018-12-25T12:44:42.535556818Z	9	PC: 130f2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')
2018-12-25T12:44:42.543390693Z	77	PC: 12afb \| Get program return code
2018-12-25T12:44:42.545106844Z	49	PC: 12b04 \| Terminate and stay resident (Return code = '0' \| Memory size = '95')

{"DateBased":true,"Day":11,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15853,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:42.611891177Z	250	PC: 12a90 \| UNKNOWN!
2018-12-25T12:44:42.613654831Z	53	PC: 12a95 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:42.61517463Z	37	PC: 12aa5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:42.616662433Z	74	PC: 12ac0 \| Reallocate memory
2018-12-25T12:44:42.618963208Z	75	PC: 12af7 \| Execute program
2018-12-25T12:44:42.637348985Z	9	PC: 130f2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')
2018-12-25T12:44:42.645488444Z	77	PC: 12afb \| Get program return code
2018-12-25T12:44:42.647008122Z	49	PC: 12b04 \| Terminate and stay resident (Return code = '0' \| Memory size = '95')

{"DateBased":true,"Day":15,"Month":11,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15853,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:42.65040492Z	250	PC: 12a90 \| UNKNOWN!
2018-12-25T12:44:42.652202805Z	53	PC: 12a95 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:42.654064482Z	37	PC: 12aa5 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:42.655538319Z	74	PC: 12ac0 \| Reallocate memory
2018-12-25T12:44:42.665774882Z	75	PC: 12af7 \| Execute program
2018-12-25T12:44:42.680420433Z	9	PC: 130f2 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')
2018-12-25T12:44:42.687933039Z	77	PC: 12afb \| Get program return code
2018-12-25T12:44:42.690093613Z	49	PC: 12b04 \| Terminate and stay resident (Return code = '0' \| Memory size = '95')