Sample viewer

vx.netlux.org/Virus.DOS.Amoeba.1392

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:13:50.562864128Z 53 PC: 13f4e | Get interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:13:50.564996158Z 37 PC: 13f62 | Set interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:13:50.566693112Z 53 PC: 13f67 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:13:50.568119572Z 37 PC: 13f7b | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:13:50.569845494Z 53 PC: 13f80 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:13:50.571578422Z 37 PC: 13f94 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:13:50.573058405Z 53 PC: 13f4e | Get interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:13:50.574528566Z 37 PC: 13f62 | Set interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:13:50.575845057Z 53 PC: 13f67 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:13:50.577425042Z 37 PC: 13f7b | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:13:50.578752632Z 53 PC: 13f80 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:13:50.580346966Z 37 PC: 13f94 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:13:50.58231311Z 53 PC: 13f4e | Get interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:13:50.583811471Z 37 PC: 13f62 | Set interrupt vector (Interrupt = '16' AKA 'Close file')
2018-12-17T22:13:50.585650503Z 53 PC: 13f67 | Get interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:13:50.587106723Z 37 PC: 13f7b | Set interrupt vector (Interrupt = '28' AKA 'Get allocation info for specified drive')
2018-12-17T22:13:50.58852279Z 53 PC: 13f80 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:13:50.59058939Z 37 PC: 13f94 | Set interrupt vector (Interrupt = '33' AKA 'Random read')