Sample viewer

vx.netlux.org/Virus.DOS.Calu.2429

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:57:49.280952394Z	42	PC: 15774 \| Get date 0x15774: ret 0x15775: jmp 0x17e85 0x15778: jmp 0x17e78 0x1577b: cmp bp, word ptr [0x6f72] 0x1577f: insw word ptr es:[di], dx 0x15780: add byte ptr [bx + si], dl 0x15782: daa 0x15783: add byte ptr [bx + si], al 0x15785: call 0x15a38 0x15788: mov al, byte ptr cs:[bp + 0x403] 0x1578d: ret 0x1578e: call 0x15a38 0x15791: mov ax, word ptr cs:[bp + 0x402] 0x15796: ret 0x15797: pushaw 0x15798: push ds 0x15799: push es 0x1579a: push bx 0x1579b: mov si, bp 0x1579d: sub si, 0x656
2018-12-17T22:57:49.28413041Z	78	PC: 15774 \| Find first file
2018-12-17T22:57:49.291314666Z	61	PC: 15774 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:57:49.298368154Z	63	PC: 15774 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:57:49.306492481Z	66	PC: 15774 \| Move file pointer
2018-12-17T22:57:49.308275568Z	79	PC: 15774 \| Find next file
2018-12-17T22:57:49.311184976Z	61	PC: 15774 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:57:49.318108597Z	63	PC: 15774 \| Read file or device (Read 3 bytes on handle 6)
2018-12-17T22:57:49.32513028Z	66	PC: 15774 \| Move file pointer
2018-12-17T22:57:49.326774416Z	79	PC: 15774 \| Find next file
2018-12-17T22:57:49.329673881Z	61	PC: 15774 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:57:49.336981645Z	63	PC: 15774 \| Read file or device (Read 3 bytes on handle 7)
2018-12-17T22:57:49.343161441Z	66	PC: 15774 \| Move file pointer
2018-12-17T22:57:49.344263222Z	79	PC: 15774 \| Find next file
2018-12-17T22:57:49.346576403Z	61	PC: 15774 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:57:49.350638454Z	63	PC: 15774 \| Read file or device (Read 3 bytes on handle 8)
2018-12-17T22:57:49.354628315Z	66	PC: 15774 \| Move file pointer
2018-12-17T22:57:49.356969839Z	79	PC: 15774 \| Find next file
2018-12-17T22:57:49.35879689Z	61	PC: 15774 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:57:49.362825687Z	63	PC: 15774 \| Read file or device (Read 3 bytes on handle 9)
2018-12-17T22:57:49.367355245Z	66	PC: 15774 \| Move file pointer
2018-12-17T22:57:49.368549433Z	79	PC: 15774 \| Find next file
2018-12-17T22:57:49.370342212Z	61	PC: 15774 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:57:49.375035782Z	63	PC: 15774 \| Read file or device (Read 3 bytes on handle 10)
2018-12-17T22:57:49.378996473Z	66	PC: 15774 \| Move file pointer
2018-12-17T22:57:49.380087626Z	79	PC: 15774 \| Find next file
2018-12-17T22:57:49.38247322Z	61	PC: 15774 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:57:49.386534748Z	63	PC: 15774 \| Read file or device (Read 3 bytes on handle 11)
2018-12-17T22:57:49.390465965Z	66	PC: 15774 \| Move file pointer
2018-12-17T22:57:49.392050742Z	79	PC: 15774 \| Find next file
2018-12-17T22:57:49.393866451Z	61	PC: 15774 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:57:49.39790921Z	63	PC: 15774 \| Read file or device (Read 3 bytes on handle 12)
2018-12-17T22:57:49.399883198Z	66	PC: 15774 \| Move file pointer
2018-12-17T22:57:49.404255909Z	64	PC: 15774 \| Write file or device (Write 2429 bytes on handle 12)
2018-12-17T22:57:49.415406846Z	66	PC: 15774 \| Move file pointer
2018-12-17T22:57:49.41726937Z	64	PC: 15774 \| Write file or device (Write 3 bytes on handle 12)
2018-12-17T22:57:49.419150556Z	87	PC: 15774 \| Get or set file date and time
2018-12-17T22:57:49.42019246Z	87	PC: 15774 \| Get or set file date and time
2018-12-17T22:57:49.421492945Z	62	PC: 15774 \| Close file
2018-12-17T22:57:49.42649897Z	9	PC: 1514b \| Display string (String= 'Generic triage goat. ')
2018-12-17T22:57:49.430985126Z	76	PC: 15150 \| Terminate with return code (Return code = '0')