Sample viewer

vx.netlux.org/Virus.DOS.Gollum.758

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:52:36.019527944Z	26	PC: 13c93 \| Set disk transfer address
2018-12-17T22:52:36.02082236Z	25	PC: 13c97 \| Get default drive
2018-12-17T22:52:36.021812939Z	67	PC: 13ca2 \| Get or set file attributes
2018-12-17T22:52:36.027467164Z	14	PC: 13caa \| Set default drive (Drive = 'C')
2018-12-17T22:52:36.029486221Z	71	PC: 13cb3 \| Get current directory
2018-12-17T22:52:36.031899231Z	59	PC: 13cba \| Change current directory
2018-12-17T22:52:36.040673394Z	91	PC: 13d4f \| Create new file
2018-12-17T22:52:36.408005179Z	64	PC: 13d5d \| Write file or device (Write 37 bytes on handle 5)
2018-12-17T22:52:36.420853917Z	87	PC: 13d67 \| Get or set file date and time
2018-12-17T22:52:36.422462993Z	62	PC: 13d6b \| Close file
2018-12-17T22:52:36.433301572Z	78	PC: 13d72 \| Find first file
2018-12-17T22:52:36.44493836Z	86	PC: 13e1a \| Rename file
2018-12-17T22:52:36.457965107Z	67	PC: 13e27 \| Get or set file attributes
2018-12-17T22:52:36.469409389Z	61	PC: 13e2c \| Open file (Filename = 'GOLLUM')
2018-12-17T22:52:36.476655545Z	63	PC: 13e37 \| Read file or device (Read 24 bytes on handle 5)
2018-12-17T22:52:36.479795482Z	66	PC: 13e92 \| Move file pointer
2018-12-17T22:52:36.482413248Z	64	PC: 13eb1 \| Write file or device (Write 758 bytes on handle 5)
2018-12-17T22:52:36.492317521Z	66	PC: 13eb9 \| Move file pointer
2018-12-17T22:52:36.498283563Z	64	PC: 13ec2 \| Write file or device (Write 24 bytes on handle 5)
2018-12-17T22:52:36.504745693Z	87	PC: 13ed0 \| Get or set file date and time
2018-12-17T22:52:36.506572606Z	62	PC: 13ed4 \| Close file
2018-12-17T22:52:36.513230888Z	86	PC: 13edf \| Rename file
2018-12-17T22:52:36.524771286Z	60	PC: 13d7e \| Create or truncate file
2018-12-17T22:52:36.536816728Z	64	PC: 13d8b \| Write file or device (Write 11 bytes on handle 5)
2018-12-17T22:52:36.54093476Z	87	PC: 13d95 \| Get or set file date and time
2018-12-17T22:52:36.542781248Z	62	PC: 13d99 \| Close file
2018-12-17T22:52:36.553784085Z	59	PC: 13cc4 \| Change current directory
2018-12-17T22:52:36.557424569Z	25	PC: 13d0d \| Get default drive
2018-12-17T22:52:36.55854922Z	78	PC: 13d1a \| Find first file
2018-12-17T22:52:36.565159983Z	79	PC: 13d1a \| Find next file
2018-12-17T22:52:36.569800319Z	79	PC: 13d1a \| Find next file
2018-12-17T22:52:36.572743891Z	79	PC: 13d1a \| Find next file
2018-12-17T22:52:36.576407735Z	79	PC: 13d1a \| Find next file
2018-12-17T22:52:36.579015954Z	79	PC: 13d1a \| Find next file
2018-12-17T22:52:36.581650194Z	59	PC: 13d02 \| Change current directory
2018-12-17T22:52:36.584231114Z	14	PC: 13d08 \| Set default drive (Drive = 'A')
2018-12-17T22:52:36.586232525Z	9	PC: 12a82 \| Display string (String= 'Goat file (EXE). Size=00001401h/0000005121d bytes. ')
2018-12-17T22:52:36.590656897Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')