Sample viewer

vx.netlux.org/Virus.DOS.V.887

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:57.705576681Z	71	PC: 12be3 \| Get current directory
2018-12-17T23:06:57.708924305Z	47	PC: 12bec \| Get disk transfer address
2018-12-17T23:06:57.711257451Z	78	PC: 12af6 \| Find first file
2018-12-17T23:06:57.717622667Z	67	PC: 12c99 \| Get or set file attributes
2018-12-17T23:06:57.732037937Z	67	PC: 12cad \| Get or set file attributes
2018-12-17T23:06:57.750256235Z	61	PC: 12b0b \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:06:57.765416707Z	67	PC: 12cc9 \| Get or set file attributes
2018-12-17T23:06:57.778783655Z	87	PC: 12cd8 \| Get or set file date and time
2018-12-17T23:06:57.782032944Z	63	PC: 12b2a \| Read file or device (Read 887 bytes on handle 5)
2018-12-17T23:06:57.795036028Z	66	PC: 12b53 \| Move file pointer
2018-12-17T23:06:57.797097984Z	59	PC: 12d13 \| Change current directory
2018-12-17T23:06:57.803327115Z	64	PC: 12b3f \| Write file or device (Write 887 bytes on handle 5)
2018-12-17T23:06:57.81311246Z	66	PC: 12b53 \| Move file pointer
2018-12-17T23:06:57.81509088Z	64	PC: 12b3f \| Write file or device (Write 407 bytes on handle 5)
2018-12-17T23:06:57.824983267Z	87	PC: 12d5d \| Get or set file date and time
2018-12-17T23:06:57.82716077Z	62	PC: 12b19 \| Close file
2018-12-17T23:06:57.836626485Z	67	PC: 12d6f \| Get or set file attributes
2018-12-17T23:06:57.849122337Z	53	PC: 12b65 \| Get interrupt vector (Interrupt = '21' AKA 'Sequential write')
2018-12-17T23:06:57.852197147Z	72	PC: 12b78 \| Allocate memory
2018-12-17T23:06:57.855104803Z	74	PC: 12b92 \| Reallocate memory
2018-12-17T23:06:57.858868629Z	72	PC: 12b78 \| Allocate memory
2018-12-17T23:06:57.867458647Z	37	PC: 12bbc \| Set interrupt vector (Interrupt = '21' AKA 'Sequential write')
2018-12-17T23:06:57.869584834Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T23:06:57.875309987Z	0	PC: 12a89 \| Program terminate