Sample viewer

vx.netlux.org/Virus.DOS.Rikki.1787

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:09:43.336741762Z	47	PC: 12e0d \| Get disk transfer address
2018-12-17T22:09:43.338960444Z	26	PC: 12e1c \| Set disk transfer address
2018-12-17T22:09:43.340388385Z	78	PC: 12e59 \| Find first file
2018-12-17T22:09:43.346375596Z	26	PC: 12fbb \| Set disk transfer address
2018-12-17T22:09:43.348348446Z	25	PC: 12fbf \| Get default drive
2018-12-17T22:09:43.353723051Z	71	PC: 13004 \| Get current directory
2018-12-17T22:09:43.367365592Z	13	PC: 130a3 \| Disk reset
2018-12-17T22:09:43.377997024Z	67	PC: 12e7b \| Get or set file attributes
2018-12-17T22:09:43.386878253Z	67	PC: 12e83 \| Get or set file attributes
2018-12-17T22:09:43.396999107Z	61	PC: 12e88 \| Open file (Filename = 'SLEEP.CO�')
2018-12-17T22:09:43.409144298Z	66	PC: 12e93 \| Move file pointer
2018-12-17T22:09:43.410528502Z	66	PC: 12e9d \| Move file pointer
2018-12-17T22:09:43.412578977Z	63	PC: 12ea8 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:09:43.418688619Z	66	PC: 12ebc \| Move file pointer
2018-12-17T22:09:43.420761922Z	63	PC: 12ed3 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:09:43.423910562Z	66	PC: 12edc \| Move file pointer
2018-12-17T22:09:43.425338761Z	66	PC: 12ef9 \| Move file pointer
2018-12-17T22:09:43.428545943Z	64	PC: 12f07 \| Write file or device (Write 1787 bytes on handle 5)
2018-12-17T22:09:43.437378839Z	66	PC: 12f10 \| Move file pointer
2018-12-17T22:09:43.438651785Z	64	PC: 12f28 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:09:43.446355574Z	62	PC: 12f2c \| Close file
2018-12-17T22:09:43.454571948Z	13	PC: 12f30 \| Disk reset
2018-12-17T22:09:43.456418371Z	9	PC: 12f5c \| Display string (String= ' Demo virus #3 by Rikki Cate 21/9/90 File infected: ')
2018-12-17T22:09:43.463696205Z	9	PC: 12f63 \| Display string (String= 'SLEEP.COM')
2018-12-17T22:09:43.467245952Z	9	PC: 12f69 \| Display string (String= ' Press key to continue ')