Sample viewer

vx.netlux.org/Virus.DOS.Exeovl.577

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:47:45.658235627Z	53	PC: 1424c \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:45.660719203Z	37	PC: 14260 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:45.662151544Z	71	PC: 1426a \| Get current directory
2018-12-17T22:47:45.665244143Z	26	PC: 14272 \| Set disk transfer address
2018-12-17T22:47:45.66677549Z	78	PC: 14289 \| Find first file
2018-12-17T22:47:45.67498285Z	67	PC: 142c0 \| Get or set file attributes
2018-12-17T22:47:45.68169511Z	67	PC: 142cc \| Get or set file attributes
2018-12-17T22:47:45.698448485Z	61	PC: 142d5 \| Open file (Filename = '')
2018-12-17T22:47:45.712816047Z	87	PC: 142db \| Get or set file date and time
2018-12-17T22:47:45.714565223Z	63	PC: 142f0 \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:47:45.721481656Z	87	PC: 143c9 \| Get or set file date and time
2018-12-17T22:47:45.724184083Z	62	PC: 143cd \| Close file
2018-12-17T22:47:45.731855506Z	67	PC: 143db \| Get or set file attributes
2018-12-17T22:47:45.742730086Z	79	PC: 142a6 \| Find next file
2018-12-17T22:47:45.746468028Z	78	PC: 14293 \| Find first file
2018-12-17T22:47:45.751663389Z	59	PC: 1429d \| Change current directory
2018-12-17T22:47:45.755003684Z	37	PC: 143f9 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:47:45.756769822Z	59	PC: 14416 \| Change current directory
2018-12-17T22:47:45.758467942Z	26	PC: 1441d \| Set disk transfer address
2018-12-17T22:47:45.75961625Z	9	PC: 12a82 \| Display string (String= 'Goat file (EXE). Size=000019DCh/0000006620d bytes. ')
2018-12-17T22:47:45.763650479Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')