Sample viewer

vx.netlux.org/Virus.DOS.Ash.280.b

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:20:35.441561135Z 26 PC: 141d7 | Set disk transfer address
2018-12-17T22:20:35.448763817Z 78 PC: 14215 | Find first file
2018-12-17T22:20:35.454835145Z 61 PC: 14221 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:20:35.459947815Z 63 PC: 14230 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:20:35.465543619Z 66 PC: 14249 | Move file pointer
2018-12-17T22:20:35.466505733Z 64 PC: 1425e | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.468122762Z 64 PC: 14269 | Write file or device (Write 276 bytes on handle 5)
2018-12-17T22:20:35.480801942Z 66 PC: 14272 | Move file pointer
2018-12-17T22:20:35.482028306Z 64 PC: 14294 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.488167608Z 62 PC: 14209 | Close file
2018-12-17T22:20:35.505446774Z 79 PC: 14215 | Find next file
2018-12-17T22:20:35.508029701Z 61 PC: 14221 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:20:35.514462423Z 63 PC: 14230 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:20:35.521135872Z 66 PC: 14249 | Move file pointer
2018-12-17T22:20:35.522442695Z 64 PC: 1425e | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.524958995Z 64 PC: 14269 | Write file or device (Write 276 bytes on handle 5)
2018-12-17T22:20:35.52794122Z 66 PC: 14272 | Move file pointer
2018-12-17T22:20:35.529300203Z 64 PC: 14294 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.531822699Z 62 PC: 14209 | Close file
2018-12-17T22:20:35.540031068Z 79 PC: 14215 | Find next file
2018-12-17T22:20:35.542949882Z 61 PC: 14221 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:20:35.550043613Z 63 PC: 14230 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:20:35.556888966Z 66 PC: 14249 | Move file pointer
2018-12-17T22:20:35.558298036Z 64 PC: 1425e | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.560780134Z 64 PC: 14269 | Write file or device (Write 276 bytes on handle 5)
2018-12-17T22:20:35.563944607Z 66 PC: 14272 | Move file pointer
2018-12-17T22:20:35.565243943Z 64 PC: 14294 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.56768142Z 62 PC: 14209 | Close file
2018-12-17T22:20:35.575513503Z 79 PC: 14215 | Find next file
2018-12-17T22:20:35.578627382Z 61 PC: 14221 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:20:35.584887003Z 63 PC: 14230 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:20:35.591034712Z 66 PC: 14249 | Move file pointer
2018-12-17T22:20:35.592513733Z 64 PC: 1425e | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.595315959Z 64 PC: 14269 | Write file or device (Write 276 bytes on handle 5)
2018-12-17T22:20:35.59787541Z 66 PC: 14272 | Move file pointer
2018-12-17T22:20:35.599756709Z 64 PC: 14294 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.602933425Z 62 PC: 14209 | Close file
2018-12-17T22:20:35.610506763Z 79 PC: 14215 | Find next file
2018-12-17T22:20:35.612703296Z 61 PC: 14221 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:20:35.616695093Z 63 PC: 14230 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:20:35.622833259Z 66 PC: 14249 | Move file pointer
2018-12-17T22:20:35.624596633Z 64 PC: 1425e | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.627084496Z 64 PC: 14269 | Write file or device (Write 276 bytes on handle 5)
2018-12-17T22:20:35.629585283Z 66 PC: 14272 | Move file pointer
2018-12-17T22:20:35.631259417Z 64 PC: 14294 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.633676479Z 62 PC: 14209 | Close file
2018-12-17T22:20:35.640986202Z 79 PC: 14215 | Find next file
2018-12-17T22:20:35.643904796Z 61 PC: 14221 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:20:35.650123896Z 63 PC: 14230 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:20:35.656189538Z 66 PC: 14249 | Move file pointer
2018-12-17T22:20:35.65787754Z 64 PC: 1425e | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.660277185Z 64 PC: 14269 | Write file or device (Write 276 bytes on handle 5)
2018-12-17T22:20:35.668228742Z 66 PC: 14272 | Move file pointer
2018-12-17T22:20:35.670135485Z 64 PC: 14294 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.676395917Z 62 PC: 14209 | Close file
2018-12-17T22:20:35.684519321Z 79 PC: 14215 | Find next file
2018-12-17T22:20:35.687765259Z 61 PC: 14221 | Open file (Filename = 'PAH.COM')
2018-12-17T22:20:35.694405408Z 63 PC: 14230 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:20:35.700959421Z 66 PC: 14249 | Move file pointer
2018-12-17T22:20:35.702913568Z 64 PC: 1425e | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.705555379Z 64 PC: 14269 | Write file or device (Write 276 bytes on handle 5)
2018-12-17T22:20:35.708015442Z 66 PC: 14272 | Move file pointer
2018-12-17T22:20:35.709931104Z 64 PC: 14294 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:20:35.712654641Z 62 PC: 14209 | Close file
2018-12-17T22:20:35.720639508Z 79 PC: 14215 | Find next file
2018-12-17T22:20:35.724339929Z 61 PC: 14221 | Open file (Filename = 'TEST.COM')
2018-12-17T22:20:35.732596102Z 63 PC: 14230 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:20:35.736084362Z 62 PC: 14209 | Close file
2018-12-17T22:20:35.738420646Z 79 PC: 14215 | Find next file
2018-12-17T22:20:35.740861902Z 26 PC: 141eb | Set disk transfer address
2018-12-17T22:20:35.742027981Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/k...). Size=00001770h/0000006000d bytes. ')
2018-12-17T22:20:35.748213597Z 48 PC: 12a8f | Get DOS version
2018-12-17T22:20:35.749491073Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-17T22:20:35.75601536Z 93 PC: 12afe | File sharing functions
2018-12-17T22:20:35.758685232Z 9 PC: 12a86 | Display string (String= 'Size change=0118h/00280d. ')
2018-12-17T22:20:35.762891458Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')