Sample viewer

vx.netlux.org/Virus.DOS.Timid.303.a

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:57:14.387674354Z 26 PC: 13e55 | Set disk transfer address
2018-12-17T22:57:14.389775593Z 78 PC: 13ea1 | Find first file
2018-12-17T22:57:14.396015229Z 61 PC: 13eb9 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:57:14.400649359Z 63 PC: 13ec8 | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:57:14.406952994Z 62 PC: 13ecd | Close file
2018-12-17T22:57:14.410249977Z 61 PC: 13ef4 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:57:14.422773137Z 66 PC: 13f04 | Move file pointer
2018-12-17T22:57:14.424932031Z 64 PC: 13f13 | Write file or device (Write 303 bytes on handle 5)
2018-12-17T22:57:14.440205046Z 66 PC: 13f25 | Move file pointer
2018-12-17T22:57:14.44148614Z 64 PC: 13f33 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:57:14.448127573Z 66 PC: 13f40 | Move file pointer
2018-12-17T22:57:14.450131215Z 64 PC: 13f66 | Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:57:14.453046484Z 62 PC: 13f6e | Close file
2018-12-17T22:57:14.464149002Z 9 PC: 13e6a | Display string (String= 'SLEEP.COM')
2018-12-17T22:57:14.46768741Z 26 PC: 13e71 | Set disk transfer address
2018-12-17T22:57:14.46897279Z 9 PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:57:14.475265926Z 0 PC: 12a89 | Program terminate