Sample viewer

vx.netlux.org/Virus.DOS.Fist.862

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:45:26.418527931Z	48	PC: 13e48 \| Get DOS version
2018-12-17T22:45:26.421444715Z	255	PC: 13e51 \| UNKNOWN!
2018-12-17T22:45:26.422902464Z	53	PC: 9f5f1 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:26.424938063Z	37	PC: 9f5f1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:26.427716106Z	54	PC: 9f5f1 \| Get free disk space
2018-12-17T22:45:26.439164078Z	67	PC: 9f5f1 \| Get or set file attributes
2018-12-17T22:45:26.446022798Z	67	PC: 9f5f1 \| Get or set file attributes
2018-12-17T22:45:26.781664146Z	61	PC: 9f5f1 \| Open file (Filename = '�!��!PSQ�ێË��J�!�>su3�>')
2018-12-17T22:45:26.790514139Z	63	PC: 9f5f1 \| Read file or device (Read 27 bytes on handle 5)
2018-12-17T22:45:26.79405666Z	66	PC: 9f5f1 \| Move file pointer
2018-12-17T22:45:26.797113214Z	87	PC: 9f5f1 \| Get or set file date and time
2018-12-17T22:45:26.801160414Z	64	PC: 9f5f1 \| Write file or device (Write 862 bytes on handle 5)
2018-12-17T22:45:26.812704141Z	66	PC: 9f5f1 \| Move file pointer
2018-12-17T22:45:26.815459599Z	64	PC: 9f5f1 \| Write file or device (Write 27 bytes on handle 5)
2018-12-17T22:45:26.820262479Z	87	PC: 9f5f1 \| Get or set file date and time
2018-12-17T22:45:26.836373993Z	62	PC: 9f5f1 \| Close file
2018-12-17T22:45:27.147497135Z	67	PC: 9f5f1 \| Get or set file attributes
2018-12-17T22:45:27.159082779Z	37	PC: 9f5f1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:45:27.163381794Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:45:27.17012418Z	0	PC: 12a89 \| Program terminate