Sample viewer

vx.netlux.org/Virus.DOS.Brontozavr.4096

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:59:26.511074596Z 170 PC: 12b9d | UNKNOWN!
2018-12-17T21:59:26.513250404Z 37 PC: 12be9 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:59:26.514777768Z 53 PC: 12bee | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:59:26.51625634Z 37 PC: 12bfe | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:59:26.518810072Z 53 PC: 12c03 | Get interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T21:59:26.520044016Z 37 PC: 12c13 | Set interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T21:59:26.521244853Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T21:59:26.52560395Z 76 PC: 12a86 | Terminate with return code (Return code = '36')