Sample viewer

vx.netlux.org/Virus.DOS.Exeovl.536

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:24:20.914161569Z	53	PC: 14246 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:20.915727736Z	37	PC: 1425a \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:20.917681194Z	71	PC: 14264 \| Get current directory
2018-12-17T22:24:20.921439893Z	26	PC: 1426c \| Set disk transfer address
2018-12-17T22:24:20.922610804Z	78	PC: 14281 \| Find first file
2018-12-17T22:24:20.929862721Z	67	PC: 142b6 \| Get or set file attributes
2018-12-17T22:24:20.936442993Z	67	PC: 142c1 \| Get or set file attributes
2018-12-17T22:24:20.952852135Z	61	PC: 142ca \| Open file (Filename = '')
2018-12-17T22:24:20.958512727Z	87	PC: 142d0 \| Get or set file date and time
2018-12-17T22:24:20.959599675Z	63	PC: 142e3 \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:24:20.961372546Z	87	PC: 143a6 \| Get or set file date and time
2018-12-17T22:24:20.962871193Z	62	PC: 143aa \| Close file
2018-12-17T22:24:20.967760745Z	67	PC: 143b7 \| Get or set file attributes
2018-12-17T22:24:20.974541133Z	79	PC: 1429e \| Find next file
2018-12-17T22:24:20.977376692Z	78	PC: 1428b \| Find first file
2018-12-17T22:24:20.981732456Z	59	PC: 14295 \| Change current directory
2018-12-17T22:24:20.987712887Z	37	PC: 143d4 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:24:20.9889596Z	59	PC: 143ed \| Change current directory
2018-12-17T22:24:20.990373936Z	26	PC: 143f4 \| Set disk transfer address
2018-12-17T22:24:20.992099434Z	9	PC: 12a82 \| Display string (String= 'Goat file (EXE). Size=000019DCh/0000006620d bytes. ')
2018-12-17T22:24:20.995087853Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')