Sample viewer

vx.netlux.org/Virus.DOS.Voronezh.1536.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:22:42.513684Z 53 PC: 1330f | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:42.514705421Z 182 PC: 13314 | UNKNOWN!
2018-12-17T22:22:42.515901855Z 171 PC: 1331d | UNKNOWN!
2018-12-17T22:22:42.516744099Z 37 PC: 1335a | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:22:42.517915302Z 53 PC: 1335f | Get interrupt vector (Interrupt = '23' AKA 'Rename file')
2018-12-17T22:22:42.52786506Z 37 PC: 13377 | Set interrupt vector (Interrupt = '23' AKA 'Rename file')
2018-12-17T22:22:42.528735627Z 53 PC: 1337c | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:22:42.529590121Z 37 PC: 13391 | Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:22:42.53106597Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/....). Size=00000834h/0000002100d bytes. ')
2018-12-17T22:22:42.536996547Z 48 PC: 12a8f | Get DOS version
2018-12-17T22:22:42.538321659Z 67 PC: 9f6d1 | Get or set file attributes
2018-12-17T22:22:42.544481456Z 54 PC: 9f6eb | Get free disk space
2018-12-17T22:22:42.562507969Z 67 PC: 9f700 | Get or set file attributes
2018-12-17T22:22:42.6020314Z 61 PC: 9f705 | Open file (Filename = '')
2018-12-17T22:22:42.609649895Z 87 PC: 9f71e | Get or set file date and time
2018-12-17T22:22:42.611623823Z 63 PC: 9f77b | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:22:42.61424689Z 66 PC: 9f951 | Move file pointer
2018-12-17T22:22:42.615677554Z 87 PC: 9f921 | Get or set file date and time
2018-12-17T22:22:42.617560864Z 62 PC: 9f925 | Close file
2018-12-17T22:22:42.624360319Z 67 PC: 9f92d | Get or set file attributes
2018-12-17T22:22:42.633601871Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-17T22:22:42.64065623Z 93 PC: 12afe | File sharing functions
2018-12-17T22:22:42.642748411Z 9 PC: 12a86 | Display string (String= 'Size change=0600h/01536d. ')
2018-12-17T22:22:42.646893783Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')