Sample viewer

vx.netlux.org/Virus.DOS.Killme.1997

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:06:47.20135195Z	75	PC: 1df86 \| Execute program
2018-12-17T22:06:47.203211784Z	74	PC: 1df90 \| Reallocate memory
2018-12-17T22:06:47.205014606Z	74	PC: 1df99 \| Reallocate memory
2018-12-17T22:06:47.206495491Z	72	PC: 1dfa3 \| Allocate memory
2018-12-17T22:06:47.208107222Z	72	PC: 1dfb1 \| Allocate memory
2018-12-17T22:06:47.213506675Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000AF00h/0000044800d bytes. ')
2018-12-17T22:06:47.216050173Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

{"DateBased":true,"Day":13,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1874,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:44:30.352188349Z	75	PC: 1df86 \| Execute program
2018-12-25T11:44:30.355509767Z	74	PC: 1df90 \| Reallocate memory
2018-12-25T11:44:30.357228565Z	74	PC: 1df99 \| Reallocate memory
2018-12-25T11:44:30.358689606Z	72	PC: 1dfa3 \| Allocate memory
2018-12-25T11:44:30.360886799Z	72	PC: 1dfb1 \| Allocate memory
2018-12-25T11:44:30.363079844Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000AF00h/0000044800d bytes. ')
2018-12-25T11:44:30.368754344Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

{"DateBased":true,"Day":15,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1874,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:44:30.2970512Z	75	PC: 1df86 \| Execute program
2018-12-25T11:44:30.298466704Z	74	PC: 1df90 \| Reallocate memory
2018-12-25T11:44:30.299631102Z	74	PC: 1df99 \| Reallocate memory
2018-12-25T11:44:30.300621993Z	72	PC: 1dfa3 \| Allocate memory
2018-12-25T11:44:30.302252943Z	72	PC: 1dfb1 \| Allocate memory
2018-12-25T11:44:30.30500554Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000AF00h/0000044800d bytes. ')
2018-12-25T11:44:30.311398556Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1874,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:44:30.74028856Z	75	PC: 1df86 \| Execute program
2018-12-25T11:44:30.74953987Z	74	PC: 1df90 \| Reallocate memory
2018-12-25T11:44:30.751343209Z	74	PC: 1df99 \| Reallocate memory
2018-12-25T11:44:30.752805268Z	72	PC: 1dfa3 \| Allocate memory
2018-12-25T11:44:30.770627556Z	72	PC: 1dfb1 \| Allocate memory
2018-12-25T11:44:30.773258197Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000AF00h/0000044800d bytes. ')
2018-12-25T11:44:30.780136249Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')

{"DateBased":true,"Day":1,"Month":7,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":1874,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:44:30.889190927Z	75	PC: 1df86 \| Execute program
2018-12-25T11:44:30.890695009Z	74	PC: 1df90 \| Reallocate memory
2018-12-25T11:44:30.891839556Z	74	PC: 1df99 \| Reallocate memory
2018-12-25T11:44:30.892768483Z	72	PC: 1dfa3 \| Allocate memory
2018-12-25T11:44:30.894175141Z	72	PC: 1dfb1 \| Allocate memory
2018-12-25T11:44:30.895467923Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000AF00h/0000044800d bytes. ')
2018-12-25T11:44:30.898759101Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')