Sample viewer

vx.netlux.org/Virus.DOS.Da.282.b

Syscalls:

Time | Syscall Op | PC | Syscall Name
2018-12-17T22:55:15.822374988Z 78 PC: 13e85 | Find first file
2018-12-17T22:55:15.828671948Z 61 PC: 13ea1 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:55:15.835093768Z 63 PC: 13eae | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:15.841292695Z 66 PC: 13ec8 | Move file pointer
2018-12-17T22:55:15.843124435Z 63 PC: 13ed5 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:55:15.845045653Z 66 PC: 13eed | Move file pointer
2018-12-17T22:55:15.846098269Z 64 PC: 13f05 | Write file or device (Write 282 bytes on handle 5)
2018-12-17T22:55:15.857891256Z 66 PC: 13f0e | Move file pointer
2018-12-17T22:55:15.859682727Z 64 PC: 13f1a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:15.867020521Z 62 PC: 13f1e | Close file
2018-12-17T22:55:15.875950856Z 79 PC: 13f27 | Find next file
2018-12-17T22:55:15.879166608Z 61 PC: 13ea1 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:55:15.886128348Z 63 PC: 13eae | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:15.893320321Z 66 PC: 13ec8 | Move file pointer
2018-12-17T22:55:15.895300907Z 63 PC: 13ed5 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:55:15.898202277Z 66 PC: 13eed | Move file pointer
2018-12-17T22:55:15.900050684Z 64 PC: 13f05 | Write file or device (Write 282 bytes on handle 5)
2018-12-17T22:55:15.903858319Z 66 PC: 13f0e | Move file pointer
2018-12-17T22:55:15.905366684Z 64 PC: 13f1a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:15.908116271Z 62 PC: 13f1e | Close file
2018-12-17T22:55:15.916540949Z 79 PC: 13f27 | Find next file
2018-12-17T22:55:15.919688838Z 61 PC: 13ea1 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:55:15.92661059Z 63 PC: 13eae | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:15.934198744Z 66 PC: 13ec8 | Move file pointer
2018-12-17T22:55:15.935606219Z 63 PC: 13ed5 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:55:15.943894546Z 66 PC: 13eed | Move file pointer
2018-12-17T22:55:15.946104623Z 64 PC: 13f05 | Write file or device (Write 282 bytes on handle 5)
2018-12-17T22:55:15.948983479Z 66 PC: 13f0e | Move file pointer
2018-12-17T22:55:15.950673446Z 64 PC: 13f1a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:15.954671591Z 62 PC: 13f1e | Close file
2018-12-17T22:55:15.962517039Z 79 PC: 13f27 | Find next file
2018-12-17T22:55:15.965152653Z 61 PC: 13ea1 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:55:15.972274495Z 63 PC: 13eae | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:15.978630295Z 66 PC: 13ec8 | Move file pointer
2018-12-17T22:55:15.980017883Z 63 PC: 13ed5 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:55:15.982938065Z 66 PC: 13eed | Move file pointer
2018-12-17T22:55:15.984497399Z 64 PC: 13f05 | Write file or device (Write 282 bytes on handle 5)
2018-12-17T22:55:15.98723696Z 66 PC: 13f0e | Move file pointer
2018-12-17T22:55:15.98867799Z 64 PC: 13f1a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:15.991867184Z 62 PC: 13f1e | Close file
2018-12-17T22:55:15.999949025Z 79 PC: 13f27 | Find next file
2018-12-17T22:55:16.004337734Z 61 PC: 13ea1 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:55:16.011253571Z 63 PC: 13eae | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:16.017543597Z 66 PC: 13ec8 | Move file pointer
2018-12-17T22:55:16.018935759Z 63 PC: 13ed5 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:55:16.022113034Z 66 PC: 13eed | Move file pointer
2018-12-17T22:55:16.023963829Z 64 PC: 13f05 | Write file or device (Write 282 bytes on handle 5)
2018-12-17T22:55:16.027027844Z 66 PC: 13f0e | Move file pointer
2018-12-17T22:55:16.02899372Z 64 PC: 13f1a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:16.031583974Z 62 PC: 13f1e | Close file
2018-12-17T22:55:16.039173627Z 79 PC: 13f27 | Find next file
2018-12-17T22:55:16.042608437Z 61 PC: 13ea1 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:55:16.048950115Z 63 PC: 13eae | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:16.055188313Z 66 PC: 13ec8 | Move file pointer
2018-12-17T22:55:16.057457933Z 63 PC: 13ed5 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:55:16.060222076Z 66 PC: 13eed | Move file pointer
2018-12-17T22:55:16.062001489Z 64 PC: 13f05 | Write file or device (Write 282 bytes on handle 5)
2018-12-17T22:55:16.070677648Z 66 PC: 13f0e | Move file pointer
2018-12-17T22:55:16.072222964Z 64 PC: 13f1a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:16.079276651Z 62 PC: 13f1e | Close file
2018-12-17T22:55:16.088169604Z 79 PC: 13f27 | Find next file
2018-12-17T22:55:16.091092604Z 61 PC: 13ea1 | Open file (Filename = 'PAH.COM')
2018-12-17T22:55:16.097851725Z 63 PC: 13eae | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:16.105519217Z 66 PC: 13ec8 | Move file pointer
2018-12-17T22:55:16.107285741Z 63 PC: 13ed5 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:55:16.109986553Z 66 PC: 13eed | Move file pointer
2018-12-17T22:55:16.112553327Z 64 PC: 13f05 | Write file or device (Write 282 bytes on handle 5)
2018-12-17T22:55:16.115919736Z 66 PC: 13f0e | Move file pointer
2018-12-17T22:55:16.117587376Z 64 PC: 13f1a | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:55:16.121173625Z 62 PC: 13f1e | Close file
2018-12-17T22:55:16.129418452Z 79 PC: 13f27 | Find next file
2018-12-17T22:55:16.132284706Z 61 PC: 13ea1 | Open file (Filename = 'TEST.COM')
2018-12-17T22:55:16.13970798Z 63 PC: 13eae | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:55:16.143641582Z 66 PC: 13ec8 | Move file pointer
2018-12-17T22:55:16.145278551Z 63 PC: 13ed5 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:55:16.148999304Z 62 PC: 13f1e | Close file
2018-12-17T22:55:16.15086056Z 79 PC: 13f27 | Find next file
2018-12-17T22:55:16.153770259Z 9 PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:55:16.159617853Z 0 PC: 12a89 | Program terminate