Sample viewer

vx.netlux.org/Virus.DOS.Khizhnjak.1610

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:11:30.370477665Z	37	PC: 13ef5 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:30.373086388Z	37	PC: 13efd \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:11:30.374531197Z	25	PC: 13f1d \| Get default drive
2018-12-17T23:11:30.375530865Z	71	PC: 13f2e \| Get current directory
2018-12-17T23:11:30.378853624Z	78	PC: 13f60 \| Find first file
2018-12-17T23:11:30.384678246Z	60	PC: 14143 \| Create or truncate file
2018-12-17T23:11:30.403222122Z	65	PC: 14149 \| Delete file (Filename = '')
2018-12-17T23:11:30.414617706Z	78	PC: 1426f \| Find first file
2018-12-17T23:11:30.420219729Z	78	PC: 1419f \| Find first file
2018-12-17T23:11:30.430270222Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.433386317Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.435714065Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.437868865Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.439863697Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.442418843Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.44419549Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.445895628Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.461974615Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.46932114Z	60	PC: 14143 \| Create or truncate file
2018-12-17T23:11:30.817395837Z	65	PC: 14149 \| Delete file (Filename = '')
2018-12-17T23:11:30.827304564Z	14	PC: 14153 \| Set default drive (Drive = 'C')
2018-12-17T23:11:30.828906424Z	59	PC: 1415d \| Change current directory
2018-12-17T23:11:30.832656539Z	78	PC: 14204 \| Find first file
2018-12-17T23:11:30.838731417Z	78	PC: 1419f \| Find first file
2018-12-17T23:11:30.844376295Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.846992567Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.850625852Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.853313337Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.856187243Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.860275613Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.862312003Z	79	PC: 141a8 \| Find next file
2018-12-17T23:11:30.863971905Z	60	PC: 14143 \| Create or truncate file
2018-12-17T23:11:30.866144309Z	60	PC: 14143 \| Create or truncate file
2018-12-17T23:11:30.867818059Z	14	PC: 13ff0 \| Set default drive (Drive = 'A')
2018-12-17T23:11:30.868722625Z	59	PC: 13ffa \| Change current directory
2018-12-17T23:11:30.871395196Z	59	PC: 14008 \| Change current directory
2018-12-17T23:11:30.873227336Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T23:11:30.876438474Z	0	PC: 12a89 \| Program terminate