Sample viewer

vx.netlux.org/Virus.DOS.DAN.Octubre.1784

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:15:59.743684219Z	68	PC: 13e8a \| I/O control for devices (Set for = '')
2018-12-17T23:15:59.745737539Z	53	PC: 13f0e \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:15:59.746811451Z	72	PC: 13f44 \| Allocate memory
2018-12-17T23:15:59.748341678Z	74	PC: 13f60 \| Reallocate memory
2018-12-17T23:15:59.750332665Z	72	PC: 13f44 \| Allocate memory
2018-12-17T23:15:59.752049645Z	98	PC: 13f9a \| Get current PSP
2018-12-17T23:15:59.753170267Z	61	PC: 9f18d \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T23:15:59.760133979Z	53	PC: 9f2ee \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:59.761578913Z	37	PC: 9f2fe \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:15:59.763019025Z	67	PC: 9f4ae \| Get or set file attributes
2018-12-17T23:15:59.769563746Z	65	PC: 9f4b2 \| Delete file (Filename = '�!�P�k')
2018-12-17T23:15:59.775240046Z	67	PC: 9f4ae \| Get or set file attributes
2018-12-17T23:15:59.780727169Z	65	PC: 9f4b2 \| Delete file (Filename = '��')
2018-12-17T23:15:59.786778943Z	63	PC: 9f315 \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:15:59.789307228Z	64	PC: 9f4a2 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:15:59.792732445Z	64	PC: 9f4a2 \| Write file or device (Write 1784 bytes on handle 5)
2018-12-17T23:16:00.129628543Z	37	PC: 9f3a2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:16:00.130954304Z	62	PC: 13fc5 \| Close file
2018-12-17T23:16:00.138584164Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T23:16:00.144205421Z	0	PC: 12a89 \| Program terminate