Sample viewer

vx.netlux.org/Virus.DOS.Sandworm.1703

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:06:21.895455898Z 47 PC: 12da1 | Get disk transfer address
2018-12-17T23:06:21.896323289Z 26 PC: 12db2 | Set disk transfer address
2018-12-17T23:06:21.897843129Z 9 PC: 12dbb | Display string (String= 'Wormsign ! ')
2018-12-17T23:06:21.902304151Z 25 PC: 12e71 | Get default drive
2018-12-17T23:06:21.903422573Z 78 PC: 12e86 | Find first file
2018-12-17T23:06:21.911106786Z 79 PC: 13094 | Find next file
2018-12-17T23:06:21.915795229Z 79 PC: 13094 | Find next file
2018-12-17T23:06:21.917710125Z 79 PC: 13094 | Find next file
2018-12-17T23:06:21.920162752Z 79 PC: 13094 | Find next file
2018-12-17T23:06:21.922123976Z 79 PC: 13094 | Find next file
2018-12-17T23:06:21.924159681Z 79 PC: 13094 | Find next file
2018-12-17T23:06:21.926646785Z 79 PC: 13094 | Find next file
2018-12-17T23:06:21.928613709Z 67 PC: 12eac | Get or set file attributes
2018-12-17T23:06:21.932462265Z 67 PC: 12eb7 | Get or set file attributes
2018-12-17T23:06:21.948011172Z 61 PC: 12ec1 | Open file (Filename = '')
2018-12-17T23:06:21.952882987Z 63 PC: 12eda | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:06:21.957030868Z 62 PC: 1307a | Close file
2018-12-17T23:06:21.960164094Z 67 PC: 13088 | Get or set file attributes
2018-12-17T23:06:21.971687612Z 79 PC: 13094 | Find next file
2018-12-17T23:06:21.974382358Z 14 PC: 130ba | Set default drive (Drive = 'A')
2018-12-17T23:06:21.975451813Z 26 PC: 130c9 | Set disk transfer address