Sample viewer

vx.netlux.org/Virus.DOS.ExComBat.3093

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:59:28.114626767Z	26	PC: 13eb0 \| Set disk transfer address
2018-12-17T22:59:28.116817612Z	78	PC: 13efb \| Find first file
2018-12-17T22:59:28.122758081Z	78	PC: 13f6c \| Find first file
2018-12-17T22:59:28.128434231Z	67	PC: 13f89 \| Get or set file attributes
2018-12-17T22:59:28.144565367Z	61	PC: 13f92 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:59:28.152122977Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.154111942Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.155996667Z	63	PC: 13fc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:28.166858291Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.168801164Z	64	PC: 13ff2 \| Write file or device (Write 3093 bytes on handle 5)
2018-12-17T22:59:28.193414152Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.196590875Z	64	PC: 14000 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:28.208662948Z	87	PC: 1400d \| Get or set file date and time
2018-12-17T22:59:28.211259029Z	62	PC: 14017 \| Close file
2018-12-17T22:59:28.222674486Z	67	PC: 14027 \| Get or set file attributes
2018-12-17T22:59:28.234539631Z	79	PC: 14035 \| Find next file
2018-12-17T22:59:28.238196766Z	67	PC: 13f89 \| Get or set file attributes
2018-12-17T22:59:28.249980923Z	61	PC: 13f92 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:59:28.258848094Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.261386202Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.263626773Z	63	PC: 13fc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:28.27275728Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.27455288Z	64	PC: 13ff2 \| Write file or device (Write 3093 bytes on handle 5)
2018-12-17T22:59:28.283986348Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.286413124Z	64	PC: 14000 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:28.294134567Z	87	PC: 1400d \| Get or set file date and time
2018-12-17T22:59:28.296016965Z	62	PC: 14017 \| Close file
2018-12-17T22:59:28.305782876Z	67	PC: 14027 \| Get or set file attributes
2018-12-17T22:59:28.317191721Z	79	PC: 14035 \| Find next file
2018-12-17T22:59:28.320253387Z	67	PC: 13f89 \| Get or set file attributes
2018-12-17T22:59:28.332551567Z	61	PC: 13f92 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:59:28.341311598Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.343965442Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.347475506Z	63	PC: 13fc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:28.354990846Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.367706132Z	64	PC: 13ff2 \| Write file or device (Write 3093 bytes on handle 5)
2018-12-17T22:59:28.38005195Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.382185453Z	64	PC: 14000 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:28.389976385Z	87	PC: 1400d \| Get or set file date and time
2018-12-17T22:59:28.392062857Z	62	PC: 14017 \| Close file
2018-12-17T22:59:28.40154776Z	67	PC: 14027 \| Get or set file attributes
2018-12-17T22:59:28.413214051Z	79	PC: 14035 \| Find next file
2018-12-17T22:59:28.416585214Z	67	PC: 13f89 \| Get or set file attributes
2018-12-17T22:59:28.429498176Z	61	PC: 13f92 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:59:28.437036869Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.438713603Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.441394222Z	63	PC: 13fc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:28.448653212Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.450903893Z	64	PC: 13ff2 \| Write file or device (Write 3093 bytes on handle 5)
2018-12-17T22:59:28.461615552Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.46355074Z	64	PC: 14000 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:28.471690445Z	87	PC: 1400d \| Get or set file date and time
2018-12-17T22:59:28.474348622Z	62	PC: 14017 \| Close file
2018-12-17T22:59:28.483765049Z	67	PC: 14027 \| Get or set file attributes
2018-12-17T22:59:28.495472925Z	79	PC: 14035 \| Find next file
2018-12-17T22:59:28.499943336Z	67	PC: 13f89 \| Get or set file attributes
2018-12-17T22:59:28.512504425Z	61	PC: 13f92 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:59:28.520332871Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.522332072Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.524761797Z	63	PC: 13fc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:28.534799349Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.537481689Z	64	PC: 13ff2 \| Write file or device (Write 3093 bytes on handle 5)
2018-12-17T22:59:28.548537154Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.550192471Z	64	PC: 14000 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:28.557531446Z	87	PC: 1400d \| Get or set file date and time
2018-12-17T22:59:28.560292711Z	62	PC: 14017 \| Close file
2018-12-17T22:59:28.569472262Z	67	PC: 14027 \| Get or set file attributes
2018-12-17T22:59:28.580671798Z	79	PC: 14035 \| Find next file
2018-12-17T22:59:28.584880943Z	67	PC: 13f89 \| Get or set file attributes
2018-12-17T22:59:28.596426652Z	61	PC: 13f92 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:59:28.604972768Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.607221754Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.610018718Z	63	PC: 13fc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:28.617496066Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.619462194Z	64	PC: 13ff2 \| Write file or device (Write 3093 bytes on handle 5)
2018-12-17T22:59:28.630440684Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.632384452Z	64	PC: 14000 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:28.63743308Z	87	PC: 1400d \| Get or set file date and time
2018-12-17T22:59:28.63931526Z	62	PC: 14017 \| Close file
2018-12-17T22:59:28.644770908Z	67	PC: 14027 \| Get or set file attributes
2018-12-17T22:59:28.655894963Z	79	PC: 14035 \| Find next file
2018-12-17T22:59:28.659692651Z	67	PC: 13f89 \| Get or set file attributes
2018-12-17T22:59:28.671580453Z	61	PC: 13f92 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:59:28.679707178Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.682416092Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.684168432Z	63	PC: 13fc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:28.691548774Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.693484666Z	64	PC: 13ff2 \| Write file or device (Write 3093 bytes on handle 5)
2018-12-17T22:59:28.704122031Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.705765891Z	64	PC: 14000 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:28.713630926Z	87	PC: 1400d \| Get or set file date and time
2018-12-17T22:59:28.715935959Z	62	PC: 14017 \| Close file
2018-12-17T22:59:28.724793525Z	67	PC: 14027 \| Get or set file attributes
2018-12-17T22:59:28.736564882Z	79	PC: 14035 \| Find next file
2018-12-17T22:59:28.74098374Z	67	PC: 13f89 \| Get or set file attributes
2018-12-17T22:59:28.752383805Z	61	PC: 13f92 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:59:28.759960004Z	66	PC: 14243 \| Move file pointer
2018-12-17T22:59:28.762641242Z	66	PC: 1424d \| Move file pointer
2018-12-17T22:59:28.764282814Z	63	PC: 13fc4 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:59:28.767528966Z	62	PC: 14017 \| Close file
2018-12-17T22:59:28.770560211Z	67	PC: 14027 \| Get or set file attributes
2018-12-17T22:59:28.781833415Z	79	PC: 14035 \| Find next file
2018-12-17T22:59:28.784820397Z	78	PC: 14050 \| Find first file
2018-12-17T22:59:28.792663026Z	78	PC: 141da \| Find first file
2018-12-17T22:59:28.805206698Z	26	PC: 13ec3 \| Set disk transfer address
2018-12-17T22:59:28.806860376Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:59:28.813540067Z	0	PC: 12a89 \| Program terminate