Sample viewer

vx.netlux.org/Virus.DOS.Nomad.1354

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T21:52:40.302418148Z	25	PC: 12b7b \| Get default drive
2018-12-17T21:52:40.303680811Z	71	PC: 12b8e \| Get current directory
2018-12-17T21:52:40.30695136Z	26	PC: 12b96 \| Set disk transfer address
2018-12-17T21:52:40.308211296Z	78	PC: 12bd4 \| Find first file
2018-12-17T21:52:40.314026089Z	61	PC: 12bf4 \| Open file (Filename = 'TEST.EXE')
2018-12-17T21:52:40.322219712Z	63	PC: 12c03 \| Read file or device (Read 2 bytes on handle 5)
2018-12-17T21:52:40.324665834Z	62	PC: 12c07 \| Close file
2018-12-17T21:52:40.326359021Z	67	PC: 12c1e \| Get or set file attributes
2018-12-17T21:52:40.341916935Z	61	PC: 12c2c \| Open file (Filename = 'TEST.EXE')
2018-12-17T21:52:40.353140879Z	63	PC: 12c3c \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T21:52:40.359290432Z	66	PC: 12c6c \| Move file pointer
2018-12-17T21:52:40.361556383Z	64	PC: 12c78 \| Write file or device (Write 1354 bytes on handle 5)
2018-12-17T21:52:40.371328985Z	66	PC: 12cc1 \| Move file pointer
2018-12-17T21:52:40.373195204Z	66	PC: 12cd9 \| Move file pointer
2018-12-17T21:52:40.374824528Z	64	PC: 12ce4 \| Write file or device (Write 28 bytes on handle 5)
2018-12-17T21:52:40.377394345Z	87	PC: 12cfa \| Get or set file date and time
2018-12-17T21:52:40.378687035Z	62	PC: 12cfe \| Close file
2018-12-17T21:52:40.386377134Z	67	PC: 12d0e \| Get or set file attributes
2018-12-17T21:52:40.395959085Z	59	PC: 12d6c \| Change current directory
2018-12-17T21:52:40.400048686Z	78	PC: 12bd4 \| Find first file
2018-12-17T21:52:40.406391053Z	79	PC: 12bdd \| Find next file
2018-12-17T21:52:40.408620581Z	59	PC: 12d6c \| Change current directory
2018-12-17T21:52:40.417653473Z	78	PC: 12bd4 \| Find first file
2018-12-17T21:52:40.428739508Z	79	PC: 12bdd \| Find next file
2018-12-17T21:52:40.43132133Z	59	PC: 12d6c \| Change current directory
2018-12-17T21:52:40.433391362Z	78	PC: 12bd4 \| Find first file
2018-12-17T21:52:40.440052533Z	79	PC: 12bdd \| Find next file
2018-12-17T21:52:40.442838212Z	59	PC: 12d6c \| Change current directory
2018-12-17T21:52:40.444894673Z	78	PC: 12bd4 \| Find first file
2018-12-17T21:52:40.451154812Z	79	PC: 12bdd \| Find next file
2018-12-17T21:52:40.454222592Z	9	PC: 12d67 \| Display string (String= ' ******************************************************* * yO!!! I could have made some mischief to you but I * * lEfT it out. I'm the #Nomad Virus# - Mikee's World * ******************************************************* ')
2018-12-17T21:52:40.466310918Z	59	PC: 12d42 \| Change current directory
2018-12-17T21:52:40.47058403Z	26	PC: 12d52 \| Set disk transfer address
2018-12-17T21:52:40.472479277Z	9	PC: 12ac8 \| Display string (Could not find end pointer)
2018-12-17T21:52:40.486210461Z	76	PC: 12acc \| Terminate with return code (Return code = '36')