Sample viewer

vx.netlux.org/Virus.DOS.CivilWar.Darkray.465

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:36.081442902Z	9	PC: 12a54 \| Display string (String= 'This file contains a virus!!! Please COLD-boot from a write protected system disk and use you anti virus software!!!')
2018-12-17T22:57:36.088520637Z	47	PC: 12a62 \| Get disk transfer address
2018-12-17T22:57:36.090270891Z	26	PC: 12a74 \| Set disk transfer address
2018-12-17T22:57:36.091854185Z	78	PC: 12a83 \| Find first file
2018-12-17T22:57:36.098887116Z	61	PC: 12a8e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:57:36.106702115Z	63	PC: 12a9d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:57:36.113629938Z	66	PC: 12aab \| Move file pointer
2018-12-17T22:57:36.115060789Z	79	PC: 12a83 \| Find next file
2018-12-17T22:57:36.118588934Z	61	PC: 12a8e \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:57:36.125957383Z	63	PC: 12a9d \| Read file or device (Read 4 bytes on handle 6)
2018-12-17T22:57:36.133251645Z	66	PC: 12aab \| Move file pointer
2018-12-17T22:57:36.135961371Z	79	PC: 12a83 \| Find next file
2018-12-17T22:57:36.140011396Z	61	PC: 12a8e \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:57:36.147644291Z	63	PC: 12a9d \| Read file or device (Read 4 bytes on handle 7)
2018-12-17T22:57:36.155294175Z	66	PC: 12aab \| Move file pointer
2018-12-17T22:57:36.156916189Z	79	PC: 12a83 \| Find next file
2018-12-17T22:57:36.159949636Z	61	PC: 12a8e \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:57:36.169034336Z	63	PC: 12a9d \| Read file or device (Read 4 bytes on handle 8)
2018-12-17T22:57:36.176930795Z	66	PC: 12aab \| Move file pointer
2018-12-17T22:57:36.178715211Z	79	PC: 12a83 \| Find next file
2018-12-17T22:57:36.181926333Z	61	PC: 12a8e \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:57:36.189868659Z	63	PC: 12a9d \| Read file or device (Read 4 bytes on handle 9)
2018-12-17T22:57:36.196807347Z	66	PC: 12aab \| Move file pointer
2018-12-17T22:57:36.199110617Z	79	PC: 12a83 \| Find next file
2018-12-17T22:57:36.206626154Z	61	PC: 12a8e \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:57:36.215003814Z	63	PC: 12a9d \| Read file or device (Read 4 bytes on handle 10)
2018-12-17T22:57:36.222149437Z	66	PC: 12aab \| Move file pointer
2018-12-17T22:57:36.224701909Z	79	PC: 12a83 \| Find next file
2018-12-17T22:57:36.227532206Z	61	PC: 12a8e \| Open file (Filename = 'PAH.COM')
2018-12-17T22:57:36.234773939Z	63	PC: 12a9d \| Read file or device (Read 4 bytes on handle 11)
2018-12-17T22:57:36.242609699Z	66	PC: 12aab \| Move file pointer
2018-12-17T22:57:36.244306589Z	79	PC: 12a83 \| Find next file
2018-12-17T22:57:36.247354952Z	61	PC: 12a8e \| Open file (Filename = 'TEST.COM')
2018-12-17T22:57:36.256721557Z	63	PC: 12a9d \| Read file or device (Read 4 bytes on handle 12)
2018-12-17T22:57:36.259688346Z	79	PC: 12a83 \| Find next file
2018-12-17T22:57:36.262859562Z	26	PC: 12af7 \| Set disk transfer address