Sample viewer

vx.netlux.org/Virus.DOS.AJ.793

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:29:39.282752234Z	25	PC: 21c56 \| Get default drive
2018-12-17T22:29:39.284001584Z	53	PC: 21c60 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:29:39.285141184Z	250	PC: 21f09 \| UNKNOWN!
2018-12-17T22:29:39.28606102Z	74	PC: 21c86 \| Reallocate memory
2018-12-17T22:29:39.302560989Z	72	PC: 21c8d \| Allocate memory
2018-12-17T22:29:39.30435191Z	37	PC: 21cb6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:29:39.305743128Z	37	PC: 21cc6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:29:39.307952082Z	250	PC: 21ee6 \| UNKNOWN!
2018-12-17T22:29:39.308692456Z	9	PC: 12a5c \| Display string (Could not find end pointer)
2018-12-17T22:29:39.314354525Z	76	PC: 12a61 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5301,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:11.11383068Z	25	PC: 21c56 \| Get default drive
2018-12-25T11:54:11.115228305Z	53	PC: 21c60 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:54:11.116766481Z	250	PC: 21f09 \| UNKNOWN!
2018-12-25T11:54:11.118285794Z	74	PC: 21c86 \| Reallocate memory
2018-12-25T11:54:11.123362747Z	72	PC: 21c8d \| Allocate memory
2018-12-25T11:54:11.124920486Z	37	PC: 21cb6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:54:11.12645742Z	37	PC: 21cc6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:54:11.127643035Z	250	PC: 21ee6 \| UNKNOWN!
2018-12-25T11:54:11.128362975Z	9	PC: 12a5c \| Display string (Could not find end pointer)
2018-12-25T11:54:11.134129121Z	76	PC: 12a61 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5301,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:11.150219348Z	25	PC: 21c56 \| Get default drive
2018-12-25T11:54:11.152057619Z	53	PC: 21c60 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:54:11.153159407Z	250	PC: 21f09 \| UNKNOWN!
2018-12-25T11:54:11.153915358Z	74	PC: 21c86 \| Reallocate memory
2018-12-25T11:54:11.155929874Z	72	PC: 21c8d \| Allocate memory
2018-12-25T11:54:11.157566388Z	37	PC: 21cb6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:54:11.158953443Z	37	PC: 21cc6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:54:11.161447967Z	250	PC: 21ee6 \| UNKNOWN!
2018-12-25T11:54:11.16253355Z	9	PC: 12a5c \| Display string (Could not find end pointer)
2018-12-25T11:54:11.168096493Z	76	PC: 12a61 \| Terminate with return code (Return code = '0')

{"DateBased":true,"Day":6,"Month":2,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5301,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:54:11.334950419Z	25	PC: 21c56 \| Get default drive
2018-12-25T11:54:11.336110824Z	53	PC: 21c60 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:54:11.33714627Z	250	PC: 21f09 \| UNKNOWN!
2018-12-25T11:54:11.33832112Z	74	PC: 21c86 \| Reallocate memory
2018-12-25T11:54:11.339355709Z	72	PC: 21c8d \| Allocate memory
2018-12-25T11:54:11.340448835Z	37	PC: 21cb6 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T11:54:11.341843714Z	37	PC: 21cc6 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:54:11.342799166Z	250	PC: 21ee6 \| UNKNOWN!
2018-12-25T11:54:11.343580836Z	9	PC: 12a5c \| Display string (Could not find end pointer)
2018-12-25T11:54:11.347704121Z	76	PC: 12a61 \| Terminate with return code (Return code = '0')