Sample viewer

vx.netlux.org/Virus.DOS.Hidenowt.1741.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:27:51.260406765Z	53	PC: 13adf \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:27:51.262284863Z	61	PC: 13ca6 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:27:51.26958902Z	66	PC: 13ca6 \| Move file pointer
2018-12-17T22:27:51.291318589Z	66	PC: 13ca6 \| Move file pointer
2018-12-17T22:27:51.293003515Z	63	PC: 13ca6 \| Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:27:51.29629559Z	62	PC: 13ca6 \| Close file
2018-12-17T22:27:51.314118405Z	51	PC: 13ca6 \| Get or set Ctrl-Break
2018-12-17T22:27:51.31507076Z	51	PC: 13ca6 \| Get or set Ctrl-Break
2018-12-17T22:27:51.316003118Z	67	PC: 13ca6 \| Get or set file attributes
2018-12-17T22:27:51.321919232Z	61	PC: 13ca6 \| Open file (Filename = '�')
2018-12-17T22:27:51.342797186Z	87	PC: 13ca6 \| Get or set file date and time
2018-12-17T22:27:51.344833743Z	63	PC: 13ca6 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:27:51.34823313Z	66	PC: 13ca6 \| Move file pointer
2018-12-17T22:27:51.351194758Z	64	PC: 13ca6 \| Write file or device (Write 1752 bytes on handle 5)
2018-12-17T22:27:51.708170615Z	66	PC: 13ca6 \| Move file pointer
2018-12-17T22:27:51.709863097Z	64	PC: 13ca6 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:27:51.714237721Z	87	PC: 13ca6 \| Get or set file date and time
2018-12-17T22:27:51.716283683Z	62	PC: 13ca6 \| Close file
2018-12-17T22:27:51.743255537Z	51	PC: 13ca6 \| Get or set Ctrl-Break
2018-12-17T22:27:51.745765661Z	47	PC: 13ca6 \| Get disk transfer address
2018-12-17T22:27:51.748274805Z	9	PC: 12a82 \| Display string (String= 'Goat file (EXE). Size=000011A0h/0000004512d bytes. ')
2018-12-17T22:27:51.769381474Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')