Sample viewer

vx.netlux.org/Virus.DOS.Gisela.702

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:33:20.111970644Z	250	PC: 15161 \| UNKNOWN!
2018-12-17T22:33:20.113219366Z	53	PC: 15169 \| Get interrupt vector (Interrupt = '22' AKA 'Create or truncate file')
2018-12-17T22:33:20.114348406Z	74	PC: 15185 \| Reallocate memory
2018-12-17T22:33:20.115561814Z	72	PC: 1518b \| Allocate memory
2018-12-17T22:33:20.117704559Z	53	PC: 151ba \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:33:20.118811825Z	37	PC: 151ce \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:33:20.119913013Z	53	PC: 9fa98 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:33:20.122178752Z	37	PC: 9fab4 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:33:20.123251571Z	67	PC: 9fac0 \| Get or set file attributes
2018-12-17T22:33:20.128270069Z	67	PC: 9fad1 \| Get or set file attributes
2018-12-17T22:33:20.468784592Z	61	PC: 9fadb \| Open file (Filename = '')
2018-12-17T22:33:20.473241688Z	87	PC: 9faed \| Get or set file date and time
2018-12-17T22:33:20.474561283Z	63	PC: 9fb09 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:20.476992409Z	66	PC: 9fb1f \| Move file pointer
2018-12-17T22:33:20.478421691Z	66	PC: 9fb42 \| Move file pointer
2018-12-17T22:33:20.47961298Z	63	PC: 9fb54 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:33:20.482348683Z	64	PC: 9fb6d \| Write file or device (Write 702 bytes on handle 5)
2018-12-17T22:33:20.49169254Z	66	PC: 9fb7b \| Move file pointer
2018-12-17T22:33:20.492687429Z	64	PC: 9fb8d \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:33:20.494496216Z	87	PC: 9fba6 \| Get or set file date and time
2018-12-17T22:33:20.495922984Z	62	PC: 9fbb0 \| Close file
2018-12-17T22:33:20.500766705Z	67	PC: 9fbc1 \| Get or set file attributes
2018-12-17T22:33:20.506520978Z	37	PC: 151db \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:33:20.508266385Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=00002710h/0000010000d bytes. ')
2018-12-17T22:33:20.512904886Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')