Sample viewer

vx.netlux.org/Virus.DOS.Companion.Pinky.952

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:32:50.322721293Z	37	PC: 12cf5 \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-17T22:32:50.324263888Z	37	PC: 12cf9 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-17T22:32:50.325384243Z	47	PC: 12d3d \| Get disk transfer address
2018-12-17T22:32:50.326295386Z	26	PC: 12d4c \| Set disk transfer address
2018-12-17T22:32:50.327667945Z	53	PC: 12d51 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:50.328718286Z	37	PC: 12d61 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:32:50.330073542Z	78	PC: 12cb5 \| Find first file
2018-12-17T22:32:50.336065206Z	74	PC: 12b2f \| Reallocate memory
2018-12-17T22:32:50.337678048Z	81	PC: 12145 \| Get current PSP

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5869,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:55:33.799520615Z	37	PC: 12cf5 \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T11:55:33.801281973Z	37	PC: 12cf9 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:55:33.802597279Z	47	PC: 12d3d \| Get disk transfer address
2018-12-25T11:55:33.803667081Z	26	PC: 12d4c \| Set disk transfer address
2018-12-25T11:55:33.806057922Z	53	PC: 12d51 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:55:33.807227815Z	37	PC: 12d61 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:55:33.808335124Z	78	PC: 12cb5 \| Find first file
2018-12-25T11:55:33.822578759Z	74	PC: 12b2f \| Reallocate memory
2018-12-25T11:55:33.824213758Z	81	PC: 12145 \| Get current PSP

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5869,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:55:33.901683548Z	37	PC: 12cf5 \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T11:55:33.903646176Z	37	PC: 12cf9 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:55:33.904893786Z	47	PC: 12d3d \| Get disk transfer address
2018-12-25T11:55:33.905980471Z	26	PC: 12d4c \| Set disk transfer address
2018-12-25T11:55:33.906908298Z	53	PC: 12d51 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:55:33.908959502Z	37	PC: 12d61 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:55:33.910190746Z	78	PC: 12cb5 \| Find first file
2018-12-25T11:55:33.917073074Z	74	PC: 12b2f \| Reallocate memory
2018-12-25T11:55:33.921880343Z	81	PC: 12145 \| Get current PSP

{"DateBased":true,"Day":2,"Month":10,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5869,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:55:33.970141729Z	37	PC: 12cf5 \| Set interrupt vector (Interrupt = '1' AKA 'Character input')
2018-12-25T11:55:33.972350555Z	37	PC: 12cf9 \| Set interrupt vector (Interrupt = '3' AKA 'Auxiliary input')
2018-12-25T11:55:33.97371244Z	47	PC: 12d3d \| Get disk transfer address
2018-12-25T11:55:33.974912183Z	26	PC: 12d4c \| Set disk transfer address
2018-12-25T11:55:33.976138581Z	53	PC: 12d51 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:55:33.977848047Z	37	PC: 12d61 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-25T11:55:33.979192874Z	78	PC: 12cb5 \| Find first file
2018-12-25T11:55:33.985850078Z	74	PC: 12b2f \| Reallocate memory
2018-12-25T11:55:33.988792566Z	81	PC: 12145 \| Get current PSP