Sample viewer

vx.netlux.org/Virus.DOS.Cryptel.260

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:59:46.433858048Z	26	PC: 13e60 \| Set disk transfer address
2018-12-17T22:59:46.435873167Z	78	PC: 13e6a \| Find first file
2018-12-17T22:59:46.441665095Z	47	PC: 13e83 \| Get disk transfer address
2018-12-17T22:59:46.442720477Z	61	PC: 13e91 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:59:46.449464435Z	63	PC: 13e9d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:59:46.455951358Z	66	PC: 13ebc \| Move file pointer
2018-12-17T22:59:46.457239467Z	64	PC: 13ed1 \| Write file or device (Write 260 bytes on handle 5)
2018-12-17T22:59:46.470551275Z	66	PC: 13ed9 \| Move file pointer
2018-12-17T22:59:46.472086935Z	64	PC: 13ee9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:59:46.478480759Z	62	PC: 13eed \| Close file
2018-12-17T22:59:46.486193171Z	79	PC: 13e73 \| Find next file
2018-12-17T22:59:46.489335276Z	47	PC: 13e83 \| Get disk transfer address
2018-12-17T22:59:46.490350732Z	61	PC: 13e91 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:59:46.496474483Z	63	PC: 13e9d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:59:46.503016408Z	66	PC: 13ebc \| Move file pointer
2018-12-17T22:59:46.504245351Z	64	PC: 13ed1 \| Write file or device (Write 260 bytes on handle 5)
2018-12-17T22:59:46.506651555Z	66	PC: 13ed9 \| Move file pointer
2018-12-17T22:59:46.508246619Z	64	PC: 13ee9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:59:46.510597533Z	62	PC: 13eed \| Close file
2018-12-17T22:59:46.517776299Z	79	PC: 13e73 \| Find next file
2018-12-17T22:59:46.520819384Z	47	PC: 13e83 \| Get disk transfer address
2018-12-17T22:59:46.521706725Z	61	PC: 13e91 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:59:46.527689825Z	63	PC: 13e9d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:59:46.534066099Z	66	PC: 13ebc \| Move file pointer
2018-12-17T22:59:46.535579193Z	64	PC: 13ed1 \| Write file or device (Write 260 bytes on handle 5)
2018-12-17T22:59:46.538415052Z	66	PC: 13ed9 \| Move file pointer
2018-12-17T22:59:46.54735698Z	64	PC: 13ee9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:59:46.550688256Z	62	PC: 13eed \| Close file
2018-12-17T22:59:46.558048467Z	79	PC: 13e73 \| Find next file
2018-12-17T22:59:46.560951226Z	47	PC: 13e83 \| Get disk transfer address
2018-12-17T22:59:46.562025959Z	61	PC: 13e91 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:59:46.568109415Z	63	PC: 13e9d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:59:46.574485217Z	66	PC: 13ebc \| Move file pointer
2018-12-17T22:59:46.575827518Z	64	PC: 13ed1 \| Write file or device (Write 260 bytes on handle 5)
2018-12-17T22:59:46.578308507Z	66	PC: 13ed9 \| Move file pointer
2018-12-17T22:59:46.579943854Z	64	PC: 13ee9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:59:46.582388019Z	62	PC: 13eed \| Close file
2018-12-17T22:59:46.590327167Z	79	PC: 13e73 \| Find next file
2018-12-17T22:59:46.593293907Z	47	PC: 13e83 \| Get disk transfer address
2018-12-17T22:59:46.594078735Z	61	PC: 13e91 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:59:46.598229461Z	63	PC: 13e9d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:59:46.602756252Z	66	PC: 13ebc \| Move file pointer
2018-12-17T22:59:46.604172672Z	64	PC: 13ed1 \| Write file or device (Write 260 bytes on handle 5)
2018-12-17T22:59:46.606725296Z	66	PC: 13ed9 \| Move file pointer
2018-12-17T22:59:46.607945271Z	64	PC: 13ee9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:59:46.610443949Z	62	PC: 13eed \| Close file
2018-12-17T22:59:46.618137629Z	79	PC: 13e73 \| Find next file
2018-12-17T22:59:46.620502889Z	47	PC: 13e83 \| Get disk transfer address
2018-12-17T22:59:46.62181843Z	61	PC: 13e91 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:59:46.627994728Z	63	PC: 13e9d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:59:46.63420107Z	66	PC: 13ebc \| Move file pointer
2018-12-17T22:59:46.635793614Z	64	PC: 13ed1 \| Write file or device (Write 260 bytes on handle 5)
2018-12-17T22:59:46.643461995Z	66	PC: 13ed9 \| Move file pointer
2018-12-17T22:59:46.644639016Z	64	PC: 13ee9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:59:46.650874414Z	62	PC: 13eed \| Close file
2018-12-17T22:59:46.65857586Z	79	PC: 13e73 \| Find next file
2018-12-17T22:59:46.660822502Z	47	PC: 13e83 \| Get disk transfer address
2018-12-17T22:59:46.662610474Z	61	PC: 13e91 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:59:46.667553822Z	63	PC: 13e9d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:59:46.675623575Z	66	PC: 13ebc \| Move file pointer
2018-12-17T22:59:46.679491477Z	64	PC: 13ed1 \| Write file or device (Write 260 bytes on handle 5)
2018-12-17T22:59:46.683826014Z	66	PC: 13ed9 \| Move file pointer
2018-12-17T22:59:46.685521259Z	64	PC: 13ee9 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:59:46.689280722Z	62	PC: 13eed \| Close file
2018-12-17T22:59:46.697322317Z	79	PC: 13e73 \| Find next file
2018-12-17T22:59:46.700466027Z	47	PC: 13e83 \| Get disk transfer address
2018-12-17T22:59:46.702392923Z	61	PC: 13e91 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:59:46.709685933Z	63	PC: 13e9d \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:59:46.712214527Z	62	PC: 13eed \| Close file
2018-12-17T22:59:46.714392472Z	79	PC: 13e73 \| Find next file
2018-12-17T22:59:46.716679973Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:59:46.721907356Z	0	PC: 12a89 \| Program terminate