Sample viewer

vx.netlux.org/Virus.DOS.Khizhnjak-based.Hihi.551

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:23.017603404Z	78	PC: 13a1c \| Find first file
2018-12-17T23:06:23.024568071Z	61	PC: 13a52 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:06:23.031326789Z	63	PC: 13a66 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:23.037755576Z	66	PC: 13a78 \| Move file pointer
2018-12-17T23:06:23.040008062Z	66	PC: 13aad \| Move file pointer
2018-12-17T23:06:23.041766618Z	63	PC: 13abd \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:06:23.044282645Z	66	PC: 13ae6 \| Move file pointer
2018-12-17T23:06:23.046373905Z	64	PC: 13af7 \| Write file or device (Write 543 bytes on handle 5)
2018-12-17T23:06:23.060529118Z	66	PC: 13b06 \| Move file pointer
2018-12-17T23:06:23.062100056Z	64	PC: 13b16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:06:23.068777971Z	62	PC: 13a29 \| Close file
2018-12-17T23:06:23.076957168Z	79	PC: 13a33 \| Find next file
2018-12-17T23:06:23.080519145Z	61	PC: 13a52 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:06:23.090905707Z	63	PC: 13a66 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:23.09730749Z	66	PC: 13a78 \| Move file pointer
2018-12-17T23:06:23.098657852Z	66	PC: 13aad \| Move file pointer
2018-12-17T23:06:23.099962101Z	63	PC: 13abd \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:06:23.102841748Z	66	PC: 13ae6 \| Move file pointer
2018-12-17T23:06:23.104435268Z	64	PC: 13af7 \| Write file or device (Write 543 bytes on handle 5)
2018-12-17T23:06:23.112437639Z	66	PC: 13b06 \| Move file pointer
2018-12-17T23:06:23.114962064Z	64	PC: 13b16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:06:23.121481991Z	62	PC: 13a29 \| Close file
2018-12-17T23:06:23.12965967Z	79	PC: 13a33 \| Find next file
2018-12-17T23:06:23.133423062Z	61	PC: 13a52 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:06:23.140097287Z	63	PC: 13a66 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:23.146652622Z	66	PC: 13a78 \| Move file pointer
2018-12-17T23:06:23.149877372Z	66	PC: 13aad \| Move file pointer
2018-12-17T23:06:23.151453175Z	63	PC: 13abd \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:06:23.153976507Z	66	PC: 13ae6 \| Move file pointer
2018-12-17T23:06:23.156892303Z	64	PC: 13af7 \| Write file or device (Write 543 bytes on handle 5)
2018-12-17T23:06:23.165429776Z	66	PC: 13b06 \| Move file pointer
2018-12-17T23:06:23.167119446Z	64	PC: 13b16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:06:23.174209081Z	62	PC: 13a29 \| Close file
2018-12-17T23:06:23.185206385Z	79	PC: 13a33 \| Find next file
2018-12-17T23:06:23.188332242Z	61	PC: 13a52 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:06:23.196186946Z	63	PC: 13a66 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:23.202766583Z	66	PC: 13a78 \| Move file pointer
2018-12-17T23:06:23.204502946Z	66	PC: 13aad \| Move file pointer
2018-12-17T23:06:23.207006157Z	63	PC: 13abd \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:06:23.209734174Z	66	PC: 13ae6 \| Move file pointer
2018-12-17T23:06:23.211421217Z	64	PC: 13af7 \| Write file or device (Write 543 bytes on handle 5)
2018-12-17T23:06:23.219993051Z	66	PC: 13b06 \| Move file pointer
2018-12-17T23:06:23.222788044Z	64	PC: 13b16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:06:23.229443255Z	62	PC: 13a29 \| Close file
2018-12-17T23:06:23.238026339Z	79	PC: 13a33 \| Find next file
2018-12-17T23:06:23.241024588Z	61	PC: 13a52 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:06:23.247380011Z	63	PC: 13a66 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:23.253844813Z	66	PC: 13a78 \| Move file pointer
2018-12-17T23:06:23.256837052Z	66	PC: 13aad \| Move file pointer
2018-12-17T23:06:23.258308518Z	63	PC: 13abd \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:06:23.260822573Z	66	PC: 13ae6 \| Move file pointer
2018-12-17T23:06:23.262754215Z	64	PC: 13af7 \| Write file or device (Write 543 bytes on handle 5)
2018-12-17T23:06:23.272242099Z	66	PC: 13b06 \| Move file pointer
2018-12-17T23:06:23.273854835Z	64	PC: 13b16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:06:23.28162624Z	62	PC: 13a29 \| Close file
2018-12-17T23:06:23.493086931Z	79	PC: 13a33 \| Find next file
2018-12-17T23:06:23.496277803Z	61	PC: 13a52 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:06:23.504294422Z	63	PC: 13a66 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:23.525665299Z	66	PC: 13a78 \| Move file pointer
2018-12-17T23:06:23.526688586Z	66	PC: 13aad \| Move file pointer
2018-12-17T23:06:23.528206152Z	63	PC: 13abd \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:06:23.530135724Z	66	PC: 13ae6 \| Move file pointer
2018-12-17T23:06:23.53128638Z	64	PC: 13af7 \| Write file or device (Write 543 bytes on handle 5)
2018-12-17T23:06:23.619436381Z	66	PC: 13b06 \| Move file pointer
2018-12-17T23:06:23.620875302Z	64	PC: 13b16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:06:23.623632918Z	62	PC: 13a29 \| Close file
2018-12-17T23:06:23.632695514Z	79	PC: 13a33 \| Find next file
2018-12-17T23:06:23.634678599Z	61	PC: 13a52 \| Open file (Filename = 'PAH.COM')
2018-12-17T23:06:23.638728323Z	63	PC: 13a66 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:23.64356927Z	66	PC: 13a78 \| Move file pointer
2018-12-17T23:06:23.644768756Z	66	PC: 13aad \| Move file pointer
2018-12-17T23:06:23.645891915Z	63	PC: 13abd \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:06:23.648271141Z	66	PC: 13ae6 \| Move file pointer
2018-12-17T23:06:23.649458598Z	64	PC: 13af7 \| Write file or device (Write 543 bytes on handle 5)
2018-12-17T23:06:23.654677392Z	66	PC: 13b06 \| Move file pointer
2018-12-17T23:06:23.656026495Z	64	PC: 13b16 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:06:23.660613549Z	62	PC: 13a29 \| Close file
2018-12-17T23:06:23.666048197Z	79	PC: 13a33 \| Find next file
2018-12-17T23:06:23.668192071Z	61	PC: 13a52 \| Open file (Filename = 'TEST.COM')
2018-12-17T23:06:23.672786493Z	63	PC: 13a66 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:06:23.674683329Z	66	PC: 13a78 \| Move file pointer
2018-12-17T23:06:23.67611199Z	66	PC: 13aad \| Move file pointer
2018-12-17T23:06:23.677635037Z	63	PC: 13abd \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T23:06:23.679314212Z	62	PC: 13a29 \| Close file
2018-12-17T23:06:23.680648967Z	79	PC: 13a33 \| Find next file
2018-12-17T23:06:23.682809132Z	62	PC: 13b2d \| Close file
2018-12-17T23:06:23.683938907Z	9	PC: 12a47 \| Display string (String= 'This is research file by Duke/SMF')
2018-12-17T23:06:23.685546595Z	76	PC: 12a4b \| Terminate with return code (Return code = '36')