Sample viewer

vx.netlux.org/Virus.DOS.Ntit.1578

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:12:08.150212501Z	26	PC: 12fdb \| Set disk transfer address
2018-12-17T23:12:08.151877291Z	78	PC: 12fe5 \| Find first file
2018-12-17T23:12:08.159417901Z	61	PC: 12ff1 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:12:08.167076003Z	66	PC: 13008 \| Move file pointer
2018-12-17T23:12:08.171415182Z	63	PC: 13019 \| Read file or device (Read 20 bytes on handle 5)
2018-12-17T23:12:08.185963991Z	62	PC: 13024 \| Close file
2018-12-17T23:12:08.1884785Z	67	PC: 12e01 \| Get or set file attributes
2018-12-17T23:12:08.272027704Z	23	PC: 12e41 \| Rename file
2018-12-17T23:12:08.285184345Z	61	PC: 12e4b \| Open file (Filename = 'xxxxxxxx.vir')
2018-12-17T23:12:08.293730767Z	66	PC: 12e64 \| Move file pointer
2018-12-17T23:12:08.295973755Z	66	PC: 12e80 \| Move file pointer
2018-12-17T23:12:08.298516226Z	63	PC: 12e92 \| Read file or device (Read 407 bytes on handle 5)
2018-12-17T23:12:08.302872598Z	66	PC: 12ea7 \| Move file pointer
2018-12-17T23:12:08.305088545Z	64	PC: 12eb4 \| Write file or device (Write 407 bytes on handle 5)
2018-12-17T23:12:08.309994361Z	66	PC: 12f60 \| Move file pointer
2018-12-17T23:12:08.313293424Z	64	PC: 12f6e \| Write file or device (Write 500 bytes on handle 5)
2018-12-17T23:12:08.316998662Z	66	PC: 12f60 \| Move file pointer
2018-12-17T23:12:08.319231521Z	64	PC: 12f6e \| Write file or device (Write 500 bytes on handle 5)
2018-12-17T23:12:08.329974794Z	66	PC: 12f60 \| Move file pointer
2018-12-17T23:12:08.33226511Z	64	PC: 12f6e \| Write file or device (Write 500 bytes on handle 5)
2018-12-17T23:12:08.341330819Z	66	PC: 12f36 \| Move file pointer
2018-12-17T23:12:08.344278412Z	64	PC: 12f43 \| Write file or device (Write 78 bytes on handle 5)
2018-12-17T23:12:08.348304903Z	66	PC: 12f8a \| Move file pointer
2018-12-17T23:12:08.350367953Z	64	PC: 12f9b \| Write file or device (Write 2 bytes on handle 5)
2018-12-17T23:12:08.35972531Z	62	PC: 12fa6 \| Close file
2018-12-17T23:12:08.370175391Z	23	PC: 12fae \| Rename file
2018-12-17T23:12:08.382420437Z	67	PC: 12fbd \| Get or set file attributes
2018-12-17T23:12:08.393462813Z	87	PC: 12fd1 \| Get or set file date and time
2018-12-17T23:12:08.39599239Z	9	PC: 12a90 \| Display string (String= 'ATTENTION: This file had been infected by computer virus NTIT-2! ')
2018-12-17T23:12:08.404129161Z	76	PC: 12a94 \| Terminate with return code (Return code = '36')