Sample viewer

vx.netlux.org/Virus.DOS.Intruder.2336

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:06:57.979123437Z 47 PC: 133ec | Get disk transfer address
2018-12-17T23:06:57.980844576Z 26 PC: 13400 | Set disk transfer address
2018-12-17T23:06:57.98287392Z 71 PC: 130c0 | Get current directory
2018-12-17T23:06:57.986129416Z 26 PC: 1313f | Set disk transfer address
2018-12-17T23:06:57.987510083Z 78 PC: 13153 | Find first file
2018-12-17T23:06:57.994803577Z 61 PC: 131f9 | Open file (Filename = '\TEST.EXE')
2018-12-17T23:06:58.002071721Z 63 PC: 1320a | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:06:58.005007914Z 66 PC: 1323b | Move file pointer
2018-12-17T23:06:58.007175598Z 63 PC: 13249 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T23:06:58.01472032Z 79 PC: 1316e | Find next file
2018-12-17T23:06:58.017507756Z 26 PC: 13180 | Set disk transfer address
2018-12-17T23:06:58.019791186Z 78 PC: 1318a | Find first file
2018-12-17T23:06:58.026950748Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.029292805Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.033789301Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.035993941Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.03904963Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.040314574Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.043906167Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.046028503Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.049783354Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.052056138Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.055138643Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.056520765Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.060020899Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.062440667Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.065406968Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.067114217Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.069846587Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.070986501Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.073665724Z 26 PC: 1313f | Set disk transfer address
2018-12-17T23:06:58.075020192Z 78 PC: 13153 | Find first file
2018-12-17T23:06:58.081597878Z 61 PC: 131f9 | Open file (Filename = '\TEST.EXE')
2018-12-17T23:06:58.088968289Z 63 PC: 1320a | Read file or device (Read 28 bytes on handle 6)
2018-12-17T23:06:58.092196829Z 66 PC: 1323b | Move file pointer
2018-12-17T23:06:58.093467116Z 63 PC: 13249 | Read file or device (Read 2 bytes on handle 6)
2018-12-17T23:06:58.096623219Z 79 PC: 1316e | Find next file
2018-12-17T23:06:58.10019049Z 26 PC: 13180 | Set disk transfer address
2018-12-17T23:06:58.101642943Z 78 PC: 1318a | Find first file
2018-12-17T23:06:58.108396338Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.111816768Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.114624934Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.115772869Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.119306786Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.120718377Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.123754544Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.126253514Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.12949476Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.131085765Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.146004982Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.147574357Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.150715014Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.152234169Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.155531263Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.156558672Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.159131839Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.160654563Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.16526211Z 71 PC: 130c0 | Get current directory
2018-12-17T23:06:58.16821986Z 26 PC: 1313f | Set disk transfer address
2018-12-17T23:06:58.170412284Z 78 PC: 13153 | Find first file
2018-12-17T23:06:58.176670693Z 61 PC: 131f9 | Open file (Filename = '\TEST.EXE')
2018-12-17T23:06:58.184410677Z 63 PC: 1320a | Read file or device (Read 28 bytes on handle 7)
2018-12-17T23:06:58.188179029Z 66 PC: 1323b | Move file pointer
2018-12-17T23:06:58.18974972Z 63 PC: 13249 | Read file or device (Read 2 bytes on handle 7)
2018-12-17T23:06:58.193366121Z 79 PC: 1316e | Find next file
2018-12-17T23:06:58.19688971Z 26 PC: 13180 | Set disk transfer address
2018-12-17T23:06:58.199615527Z 78 PC: 1318a | Find first file
2018-12-17T23:06:58.206201279Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.207523568Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.211290844Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.212503305Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.216085005Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.218647389Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.221754434Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.222949004Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.22652537Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.227926549Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.230873027Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.232538383Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.235792558Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.236920463Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.240324415Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.241442675Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.244141826Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.245478919Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.248482641Z 26 PC: 1313f | Set disk transfer address
2018-12-17T23:06:58.250095444Z 78 PC: 13153 | Find first file
2018-12-17T23:06:58.256642093Z 61 PC: 131f9 | Open file (Filename = '\TEST.EXE')
2018-12-17T23:06:58.263907981Z 63 PC: 1320a | Read file or device (Read 28 bytes on handle 8)
2018-12-17T23:06:58.26685592Z 66 PC: 1323b | Move file pointer
2018-12-17T23:06:58.268275883Z 63 PC: 13249 | Read file or device (Read 2 bytes on handle 8)
2018-12-17T23:06:58.272854741Z 79 PC: 1316e | Find next file
2018-12-17T23:06:58.275566366Z 26 PC: 13180 | Set disk transfer address
2018-12-17T23:06:58.276716716Z 78 PC: 1318a | Find first file
2018-12-17T23:06:58.283603359Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.284796175Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.288065354Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.28975368Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.292519723Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.293620818Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.29735251Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.298561591Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.301352648Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.30308681Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.305829122Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.307044301Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.317904172Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.319126885Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.321874421Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.323491126Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.32636106Z 26 PC: 131a3 | Set disk transfer address
2018-12-17T23:06:58.328015884Z 79 PC: 131a7 | Find next file
2018-12-17T23:06:58.337678275Z 87 PC: 13468 | Get or set file date and time
2018-12-17T23:06:58.33956298Z 62 PC: 13470 | Close file
2018-12-17T23:06:58.355121184Z 67 PC: 1347f | Get or set file attributes
2018-12-17T23:06:58.360973924Z 26 PC: 1340e | Set disk transfer address
2018-12-17T23:06:58.362303524Z 65 PC: 12a58 | Delete file (Filename = '� ��')
2018-12-17T23:06:58.368603942Z 76 PC: 12a5e | Terminate with return code (Return code = '0')