Sample viewer

vx.netlux.org/Virus.DOS.Exeovl.578

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:38:29.389862548Z	53	PC: 1424c \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:29.391512251Z	37	PC: 14260 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:29.392823307Z	71	PC: 1426a \| Get current directory
2018-12-17T22:38:29.396132642Z	26	PC: 14272 \| Set disk transfer address
2018-12-17T22:38:29.397897997Z	78	PC: 14289 \| Find first file
2018-12-17T22:38:29.403886497Z	67	PC: 142c0 \| Get or set file attributes
2018-12-17T22:38:29.414729207Z	67	PC: 142cc \| Get or set file attributes
2018-12-17T22:38:29.433147604Z	61	PC: 142d5 \| Open file (Filename = '')
2018-12-17T22:38:29.445117785Z	87	PC: 142db \| Get or set file date and time
2018-12-17T22:38:29.447464139Z	63	PC: 142f0 \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:38:29.453664409Z	87	PC: 143ca \| Get or set file date and time
2018-12-17T22:38:29.45506552Z	62	PC: 143ce \| Close file
2018-12-17T22:38:29.462245295Z	67	PC: 143dc \| Get or set file attributes
2018-12-17T22:38:29.473265326Z	79	PC: 142a6 \| Find next file
2018-12-17T22:38:29.475660582Z	78	PC: 14293 \| Find first file
2018-12-17T22:38:29.481661852Z	59	PC: 1429d \| Change current directory
2018-12-17T22:38:29.485752516Z	37	PC: 143fa \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:38:29.486777408Z	59	PC: 14417 \| Change current directory
2018-12-17T22:38:29.489116835Z	26	PC: 1441e \| Set disk transfer address
2018-12-17T22:38:29.490103476Z	9	PC: 12a82 \| Display string (String= 'Goat file (EXE). Size=000019DCh/0000006620d bytes. ')
2018-12-17T22:38:29.493944078Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')