Sample viewer

vx.netlux.org/Virus.DOS.Dimon.1051

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:50:38.679299863Z	9	PC: 12b15 \| Display string (Could not find end pointer)
2018-12-17T22:50:38.684624506Z	26	PC: 12b2b \| Set disk transfer address
2018-12-17T22:50:38.686559982Z	78	PC: 12b6d \| Find first file
2018-12-17T22:50:38.693836192Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:38.701846921Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:38.709016029Z	66	PC: 12bcf \| Move file pointer
2018-12-17T22:50:38.710938561Z	64	PC: 12be2 \| Write file or device (Write 1458 bytes on handle 5)
2018-12-17T22:50:38.727192827Z	62	PC: 12beb \| Close file
2018-12-17T22:50:38.736457873Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:38.739946497Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:38.753377629Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:38.760853744Z	62	PC: 12beb \| Close file
2018-12-17T22:50:38.763112849Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:38.766749661Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:38.781119708Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:38.790283163Z	66	PC: 12bcf \| Move file pointer
2018-12-17T22:50:38.792198801Z	64	PC: 12be2 \| Write file or device (Write 1143 bytes on handle 5)
2018-12-17T22:50:38.80332818Z	62	PC: 12beb \| Close file
2018-12-17T22:50:38.812769717Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:38.81608744Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:38.824512407Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:38.83140177Z	62	PC: 12beb \| Close file
2018-12-17T22:50:38.833519448Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:38.838164555Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:38.845096338Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:38.852301133Z	62	PC: 12beb \| Close file
2018-12-17T22:50:38.855430532Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:38.858493516Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:38.865525637Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:38.873673985Z	66	PC: 12bcf \| Move file pointer
2018-12-17T22:50:38.8766946Z	64	PC: 12be2 \| Write file or device (Write 1552 bytes on handle 5)
2018-12-17T22:50:38.886664039Z	62	PC: 12beb \| Close file
2018-12-17T22:50:38.896689724Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:38.900127633Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:38.90807835Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:38.916172245Z	62	PC: 12beb \| Close file
2018-12-17T22:50:38.918306234Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:38.921372805Z	78	PC: 12b6d \| Find first file
2018-12-17T22:50:38.928477993Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:38.935551402Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:38.950610443Z	66	PC: 12bcf \| Move file pointer
2018-12-17T22:50:38.952502277Z	64	PC: 12be2 \| Write file or device (Write 55696 bytes on handle 5)
2018-12-17T22:50:39.29760634Z	62	PC: 12beb \| Close file
2018-12-17T22:50:39.306074619Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:39.309182157Z	78	PC: 12b6d \| Find first file
2018-12-17T22:50:39.317648442Z	78	PC: 12b6d \| Find first file
2018-12-17T22:50:39.330369921Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:39.339150217Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:39.345841567Z	62	PC: 12beb \| Close file
2018-12-17T22:50:39.3478709Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:39.35120851Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:39.359159297Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:39.370455789Z	62	PC: 12beb \| Close file
2018-12-17T22:50:39.372488368Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:39.376876692Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:39.38630782Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:39.39597451Z	66	PC: 12bcf \| Move file pointer
2018-12-17T22:50:39.398810438Z	64	PC: 12be2 \| Write file or device (Write 16801 bytes on handle 5)
2018-12-17T22:50:39.410072576Z	62	PC: 12beb \| Close file
2018-12-17T22:50:39.418183814Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:39.425630273Z	61	PC: 12b8d \| Open file (Filename = 'Ń.‹Ă¸')
2018-12-17T22:50:39.432087785Z	63	PC: 12b9f \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:39.439253256Z	62	PC: 12beb \| Close file
2018-12-17T22:50:39.442233595Z	79	PC: 12bf6 \| Find next file
2018-12-17T22:50:39.450618748Z	78	PC: 12b6d \| Find first file
2018-12-17T22:50:39.456084005Z	78	PC: 12b6d \| Find first file
2018-12-17T22:50:39.462994518Z	78	PC: 12b6d \| Find first file
2018-12-17T22:50:39.469743648Z	26	PC: 12c12 \| Set disk transfer address
2018-12-17T22:50:39.472501598Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat F400H bytes long ')
2018-12-17T22:50:39.479306102Z	0	PC: 12a89 \| Program terminate