Sample viewer

vx.netlux.org/Virus.DOS.SillyRC.512

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:50:46.806152258Z	53	PC: 12a45 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:46.80999253Z	74	PC: 12a8c \| Reallocate memory
2018-12-17T22:50:46.811599739Z	90	PC: 12a9b \| Create unique file
2018-12-17T22:50:46.953863553Z	64	PC: 12aa7 \| Write file or device (Write 512 bytes on handle 5)
2018-12-17T22:50:46.966347678Z	62	PC: 12ac6 \| Close file
2018-12-17T22:50:46.979682098Z	86	PC: 12ad0 \| Rename file
2018-12-17T22:50:46.989248745Z	75	PC: 12adb \| Execute program
2018-12-17T22:50:47.007918219Z	53	PC: 22b60 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:47.01182599Z	37	PC: 22b70 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:47.013180329Z	49	PC: 22b77 \| Terminate and stay resident (Return code = '33' \| Memory size = '80')
2018-12-17T22:50:47.015615715Z	53	PC: 12ae0 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:47.017756019Z	48	PC: 12a63 \| Get DOS version
2018-12-17T22:50:47.019058231Z	9	PC: 12a7a \| Display string (String= ' --=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------ (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware ')
2018-12-17T22:50:47.02968061Z	61	PC: 12cb7 \| Open file (Filename = '')
2018-12-17T22:50:47.037403865Z	9	PC: 12a88 \| Display string (String= 'Self test: ')
2018-12-17T22:50:47.04016532Z	93	PC: 12b24 \| File sharing functions
2018-12-17T22:50:47.042234508Z	9	PC: 12b03 \| Display string (String= 'Size change=+0200h/00512d. Virus might be activ? ')
2018-12-17T22:50:47.048467927Z	76	PC: 12b09 \| Terminate with return code (Return code = '1')