Sample viewer

vx.netlux.org/Virus.DOS.PS-MPC.Yam.1136

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:12:26.680364355Z 65 PC: 12ac0 | Delete file (Filename = ' K /K command Executes the specified command and continues running. LThe /P and /MSG switches may be used only when COMMAND is started by using +the SHELL command in the CONFIG.SYS file. F##¸#ã#,$z$À$%U% %à%,&y&')
2018-12-17T22:12:26.685447903Z 9 PC: 12a49 | Display string (String= 'This File is 100 bytes Long! ')
2018-12-17T22:12:26.689864465Z 76 PC: 12a4d | Terminate with return code (Return code = '36')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":2504,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:00.950125689Z 65 PC: 12ac0 | Delete file (Filename = ' K /K command Executes the specified command and continues running. LThe /P and /MSG switches may be used only when COMMAND is started by using +the SHELL command in the CONFIG.SYS file. F##¸#ã#,$z$À$%U% %à%,&y&')
2018-12-25T11:46:00.964197586Z 9 PC: 12a49 | Display string (String= 'This File is 100 bytes Long! ')
2018-12-25T11:46:00.969075147Z 76 PC: 12a4d | Terminate with return code (Return code = '36')

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":9,"Min":0,"Second":0,"TimeBased":true,"OriginalID":2504,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:46:01.019584946Z 65 PC: 12ac0 | Delete file (Filename = ' K /K command Executes the specified command and continues running. LThe /P and /MSG switches may be used only when COMMAND is started by using +the SHELL command in the CONFIG.SYS file. F##¸#ã#,$z$À$%U% %à%,&y&')
2018-12-25T11:46:01.024936426Z 9 PC: 12a49 | Display string (String= 'This File is 100 bytes Long! ')
2018-12-25T11:46:01.02974488Z 76 PC: 12a4d | Terminate with return code (Return code = '36')