Sample viewer

vx.netlux.org/Virus.DOS.GTM.727

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:42:36.640338989Z	84	PC: 14329 \| Get verify flag
2018-12-17T22:42:36.64219633Z	53	PC: 1459f \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:42:36.64342613Z	37	PC: 145d2 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:42:36.64484752Z	99	PC: 13536 \| Get DBCS lead byte table pointer
2018-12-17T22:42:36.64691633Z	68	PC: 13550 \| I/O control for devices (Set for = '')
2018-12-17T22:42:36.648684557Z	68	PC: 1355b \| I/O control for devices (Set for = '')
2018-12-17T22:42:36.650594517Z	68	PC: 13566 \| I/O control for devices (Set for = '')
2018-12-17T22:42:36.65246485Z	68	PC: 1356e \| I/O control for devices (Set for = '��b��g�t�S3��[r�2��W�<t��>W')
2018-12-17T22:42:36.655063245Z	48	PC: 13573 \| Get DOS version
2018-12-17T22:42:36.657448678Z	64	PC: 136a8 \| Write file or device (Write 28 bytes on handle 2)
2018-12-17T22:42:36.662809876Z	76	PC: 132b3 \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7610,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:02:03.825277506Z	84	PC: 14329 \| Get verify flag
2018-12-25T12:02:03.827025578Z	53	PC: 1459f \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:02:03.828677044Z	37	PC: 145d2 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:02:03.830510568Z	99	PC: 13536 \| Get DBCS lead byte table pointer
2018-12-25T12:02:03.833019399Z	68	PC: 13550 \| I/O control for devices (Set for = '')
2018-12-25T12:02:03.83473625Z	68	PC: 1355b \| I/O control for devices (Set for = '')
2018-12-25T12:02:03.83702174Z	68	PC: 13566 \| I/O control for devices (Set for = '')
2018-12-25T12:02:03.8386413Z	68	PC: 1356e \| I/O control for devices (Set for = '��b��g�t�S3��[r�2��W�<t��>W')
2018-12-25T12:02:03.841127187Z	48	PC: 13573 \| Get DOS version
2018-12-25T12:02:03.842371803Z	64	PC: 136a8 \| Write file or device (Write 28 bytes on handle 2)
2018-12-25T12:02:03.845330432Z	76	PC: 132b3 \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":2,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7610,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:02:04.455862865Z	84	PC: 14329 \| Get verify flag
2018-12-25T12:02:04.45770908Z	53	PC: 1459f \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:02:04.460607569Z	37	PC: 145d2 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:02:04.463206794Z	99	PC: 13536 \| Get DBCS lead byte table pointer
2018-12-25T12:02:04.465448088Z	68	PC: 13550 \| I/O control for devices (Set for = '')
2018-12-25T12:02:04.467683853Z	68	PC: 1355b \| I/O control for devices (Set for = '')
2018-12-25T12:02:04.471214012Z	68	PC: 13566 \| I/O control for devices (Set for = '')
2018-12-25T12:02:04.473520475Z	68	PC: 1356e \| I/O control for devices (Set for = '��b��g�t�S3��[r�2��W�<t��>W')
2018-12-25T12:02:04.475858911Z	48	PC: 13573 \| Get DOS version
2018-12-25T12:02:04.47762687Z	64	PC: 136a8 \| Write file or device (Write 28 bytes on handle 2)
2018-12-25T12:02:04.482855207Z	76	PC: 132b3 \| Terminate with return code (Return code = '1')

{"DateBased":true,"Day":3,"Month":9,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":7610,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:02:04.722917201Z	84	PC: 14329 \| Get verify flag
2018-12-25T12:02:04.724532856Z	53	PC: 1459f \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:02:04.725991343Z	37	PC: 145d2 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:02:04.727246421Z	99	PC: 13536 \| Get DBCS lead byte table pointer
2018-12-25T12:02:04.728624597Z	68	PC: 13550 \| I/O control for devices (Set for = '')
2018-12-25T12:02:04.729823354Z	68	PC: 1355b \| I/O control for devices (Set for = '')
2018-12-25T12:02:04.731217806Z	68	PC: 13566 \| I/O control for devices (Set for = '')
2018-12-25T12:02:04.738389562Z	68	PC: 1356e \| I/O control for devices (Set for = '��b��g�t�S3��[r�2��W�<t��>W')
2018-12-25T12:02:04.739894595Z	48	PC: 13573 \| Get DOS version
2018-12-25T12:02:04.741337344Z	64	PC: 136a8 \| Write file or device (Write 28 bytes on handle 2)
2018-12-25T12:02:04.746087227Z	76	PC: 132b3 \| Terminate with return code (Return code = '1')