Sample viewer

vx.netlux.org/Virus.DOS.Sandworm.1542

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:14:23.791914309Z 47 PC: 12da1 | Get disk transfer address
2018-12-17T22:14:23.793546331Z 26 PC: 12db2 | Set disk transfer address
2018-12-17T22:14:23.794717508Z 9 PC: 12dbb | Display string (String= 'Wormsign ! ')
2018-12-17T22:14:23.797242645Z 25 PC: 12deb | Get default drive
2018-12-17T22:14:23.798607328Z 78 PC: 12e00 | Find first file
2018-12-17T22:14:23.802326507Z 79 PC: 1300e | Find next file
2018-12-17T22:14:23.803946417Z 79 PC: 1300e | Find next file
2018-12-17T22:14:23.806265872Z 79 PC: 1300e | Find next file
2018-12-17T22:14:23.808344631Z 79 PC: 1300e | Find next file
2018-12-17T22:14:23.809881844Z 79 PC: 1300e | Find next file
2018-12-17T22:14:23.811434691Z 79 PC: 1300e | Find next file
2018-12-17T22:14:23.814242632Z 79 PC: 1300e | Find next file
2018-12-17T22:14:23.815822161Z 67 PC: 12e26 | Get or set file attributes
2018-12-17T22:14:23.819192861Z 67 PC: 12e31 | Get or set file attributes
2018-12-17T22:14:23.832176364Z 61 PC: 12e3b | Open file (Filename = 'TEST.COM')
2018-12-17T22:14:23.83676531Z 63 PC: 12e54 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:14:23.838448262Z 62 PC: 12ff4 | Close file
2018-12-17T22:14:23.840606049Z 67 PC: 13002 | Get or set file attributes
2018-12-17T22:14:23.852153361Z 79 PC: 1300e | Find next file
2018-12-17T22:14:23.855104183Z 14 PC: 13034 | Set default drive (Drive = 'A')
2018-12-17T22:14:23.856700246Z 26 PC: 13043 | Set disk transfer address