Sample viewer

vx.netlux.org/Virus.DOS.CrazyFrog.1477

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:44:57.125356269Z	11	PC: 140ee \| Get input status
2018-12-17T22:44:57.129174742Z	241	PC: 1411d \| UNKNOWN!
2018-12-17T22:44:57.130943764Z	74	PC: 1412c \| Reallocate memory
2018-12-17T22:44:57.133574401Z	74	PC: 14134 \| Reallocate memory
2018-12-17T22:44:57.135942594Z	72	PC: 1413b \| Allocate memory
2018-12-17T22:44:57.13846284Z	53	PC: 1414b \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:44:57.140439794Z	37	PC: 14174 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:44:57.142555709Z	48	PC: 12a63 \| Get DOS version
2018-12-17T22:44:57.14441142Z	9	PC: 12a7a \| Display string (String= ' --=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------ (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware ')
2018-12-17T22:44:57.155710873Z	67	PC: 9fba8 \| Get or set file attributes
2018-12-17T22:44:57.162973946Z	67	PC: 9fba8 \| Get or set file attributes
2018-12-17T22:44:57.454062061Z	61	PC: 9fba8 \| Open file (Filename = '��')
2018-12-17T22:44:57.46553801Z	87	PC: 9fba8 \| Get or set file date and time
2018-12-17T22:44:57.47050911Z	63	PC: 9fba8 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:44:57.47380028Z	87	PC: 9fba8 \| Get or set file date and time
2018-12-17T22:44:57.475823747Z	62	PC: 9fba8 \| Close file
2018-12-17T22:44:57.494404205Z	67	PC: 9fba8 \| Get or set file attributes
2018-12-17T22:44:57.527187059Z	61	PC: 12cb7 \| Open file (Filename = '')
2018-12-17T22:44:57.547028974Z	9	PC: 12a88 \| Display string (String= 'Self test: ')
2018-12-17T22:44:57.551622255Z	93	PC: 12b24 \| File sharing functions
2018-12-17T22:44:57.557001364Z	9	PC: 12b03 \| Display string (String= 'Size change=+05C5h/01477d. Virus might be activ? ')
2018-12-17T22:44:57.565826102Z	76	PC: 12b09 \| Terminate with return code (Return code = '1')