Sample viewer

vx.netlux.org/Virus.DOS.Siskin.1017

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:39:29.69672524Z 254 PC: 12a6e | UNKNOWN!
2018-12-17T22:39:29.698064399Z 53 PC: 12a96 | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-17T22:39:29.699210271Z 53 PC: 12aa3 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:39:29.700325545Z 53 PC: 12aaf | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:29.70189889Z 37 PC: 12acd | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:39:29.703579613Z 37 PC: 12ad4 | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:39:29.70465922Z 37 PC: 12ada | Set interrupt vector (Interrupt = '80' AKA 'Set current PSP')
2018-12-17T22:39:29.706551565Z 76 PC: 12a45 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6789,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.582210353Z 254 PC: 12a6e | UNKNOWN!
2018-12-25T12:00:18.583565646Z 53 PC: 12a96 | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-25T12:00:18.584655458Z 53 PC: 12aa3 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:00:18.585715975Z 53 PC: 12aaf | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:18.588291697Z 37 PC: 12acd | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:18.589249521Z 37 PC: 12ad4 | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:00:18.590187411Z 37 PC: 12ada | Set interrupt vector (Interrupt = '80' AKA 'Set current PSP')
2018-12-25T12:00:18.592077812Z 76 PC: 12a45 | Terminate with return code (Return code = '0')

{"DateBased":true,"Day":7,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6789,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:18.635344224Z 254 PC: 12a6e | UNKNOWN!
2018-12-25T12:00:18.636410458Z 53 PC: 12a96 | Get interrupt vector (Interrupt = '32' AKA 'Reserved')
2018-12-25T12:00:18.638043589Z 53 PC: 12aa3 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:00:18.63921481Z 53 PC: 12aaf | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:18.640354112Z 37 PC: 12acd | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:00:18.641913042Z 37 PC: 12ad4 | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-25T12:00:18.643499003Z 37 PC: 12ada | Set interrupt vector (Interrupt = '80' AKA 'Set current PSP')
2018-12-25T12:00:18.645003876Z 76 PC: 12a45 | Terminate with return code (Return code = '0')