Sample viewer

vx.netlux.org/Virus.DOS.Hidenowt.1741.d

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:43:30.270981651Z	53	PC: 1bfcf \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:43:30.277012608Z	61	PC: 1c196 \| Open file (Filename = 'C:\COMMAND.COM')
2018-12-17T22:43:30.282128927Z	66	PC: 1c196 \| Move file pointer
2018-12-17T22:43:30.283519839Z	66	PC: 1c196 \| Move file pointer
2018-12-17T22:43:30.285296406Z	63	PC: 1c196 \| Read file or device (Read 6 bytes on handle 5)
2018-12-17T22:43:30.288241357Z	62	PC: 1c196 \| Close file
2018-12-17T22:43:30.290065153Z	51	PC: 1c196 \| Get or set Ctrl-Break
2018-12-17T22:43:30.293928939Z	51	PC: 1c196 \| Get or set Ctrl-Break
2018-12-17T22:43:30.298893815Z	67	PC: 1c196 \| Get or set file attributes
2018-12-17T22:43:30.303498543Z	61	PC: 1c196 \| Open file (Filename = '�')
2018-12-17T22:43:30.308229869Z	87	PC: 1c196 \| Get or set file date and time
2018-12-17T22:43:30.310103598Z	63	PC: 1c196 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:43:30.312285706Z	66	PC: 1c196 \| Move file pointer
2018-12-17T22:43:30.313595386Z	64	PC: 1c196 \| Write file or device (Write 1752 bytes on handle 5)
2018-12-17T22:43:30.655860778Z	66	PC: 1c196 \| Move file pointer
2018-12-17T22:43:30.660824882Z	64	PC: 1c196 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:43:30.664449549Z	87	PC: 1c196 \| Get or set file date and time
2018-12-17T22:43:30.668282999Z	62	PC: 1c196 \| Close file
2018-12-17T22:43:30.677260761Z	51	PC: 1c196 \| Get or set Ctrl-Break
2018-12-17T22:43:30.67907537Z	47	PC: 1c196 \| Get disk transfer address
2018-12-17T22:43:30.685521335Z	74	PC: 12ad7 \| Reallocate memory
2018-12-17T22:43:30.688246865Z	76	PC: 12aff \| Terminate with return code (Return code = '0')