Sample viewer

vx.netlux.org/Virus.DOS.Nygus.163

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:27:35.784280339Z	26	PC: 12c24 \| Set disk transfer address
2018-12-17T22:27:35.786436928Z	78	PC: 12c24 \| Find first file
2018-12-17T22:27:35.793944753Z	61	PC: 12c24 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:27:35.801339499Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:35.80316828Z	63	PC: 12c24 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:35.818585283Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:35.820439276Z	64	PC: 12be7 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:35.823753462Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:35.82599626Z	64	PC: 12c24 \| Write file or device (Write 163 bytes on handle 5)
2018-12-17T22:27:36.017115681Z	62	PC: 12bfa \| Close file
2018-12-17T22:27:36.026675095Z	79	PC: 12c24 \| Find next file
2018-12-17T22:27:36.031048359Z	61	PC: 12c24 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:27:36.039193421Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.041408383Z	63	PC: 12c24 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:36.050836451Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.052758219Z	64	PC: 12be7 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:36.056081791Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.059174542Z	64	PC: 12c24 \| Write file or device (Write 163 bytes on handle 5)
2018-12-17T22:27:36.062925075Z	62	PC: 12bfa \| Close file
2018-12-17T22:27:36.071987673Z	79	PC: 12c24 \| Find next file
2018-12-17T22:27:36.076119379Z	61	PC: 12c24 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:27:36.089188409Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.09111526Z	63	PC: 12c24 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:36.098599256Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.101114638Z	64	PC: 12be7 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:36.104700314Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.106396325Z	64	PC: 12c24 \| Write file or device (Write 163 bytes on handle 5)
2018-12-17T22:27:36.110824633Z	62	PC: 12bfa \| Close file
2018-12-17T22:27:36.120740889Z	79	PC: 12c24 \| Find next file
2018-12-17T22:27:36.124087112Z	61	PC: 12c24 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:27:36.132288039Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.134220106Z	63	PC: 12c24 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:36.141616357Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.143938934Z	64	PC: 12be7 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:36.14727069Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.149206145Z	64	PC: 12c24 \| Write file or device (Write 163 bytes on handle 5)
2018-12-17T22:27:36.153270767Z	62	PC: 12bfa \| Close file
2018-12-17T22:27:36.166517915Z	79	PC: 12c24 \| Find next file
2018-12-17T22:27:36.1695382Z	61	PC: 12c24 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:27:36.177093888Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.17954207Z	63	PC: 12c24 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:36.187551877Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.189568832Z	64	PC: 12be7 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:36.193346522Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.195420403Z	64	PC: 12c24 \| Write file or device (Write 163 bytes on handle 5)
2018-12-17T22:27:36.198853498Z	62	PC: 12bfa \| Close file
2018-12-17T22:27:36.208777859Z	79	PC: 12c24 \| Find next file
2018-12-17T22:27:36.212101823Z	61	PC: 12c24 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:27:36.21982204Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.222428289Z	63	PC: 12c24 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:36.229924263Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.231882204Z	64	PC: 12be7 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:36.236039416Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.238252793Z	64	PC: 12c24 \| Write file or device (Write 163 bytes on handle 5)
2018-12-17T22:27:36.247534197Z	62	PC: 12bfa \| Close file
2018-12-17T22:27:36.25764277Z	79	PC: 12c24 \| Find next file
2018-12-17T22:27:36.261768496Z	61	PC: 12c24 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:27:36.269476999Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.271445693Z	63	PC: 12c24 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:36.279710073Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.281322276Z	64	PC: 12be7 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:27:36.284570268Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.286872102Z	64	PC: 12c24 \| Write file or device (Write 163 bytes on handle 5)
2018-12-17T22:27:36.290212236Z	62	PC: 12bfa \| Close file
2018-12-17T22:27:36.299137933Z	79	PC: 12c24 \| Find next file
2018-12-17T22:27:36.303321938Z	61	PC: 12c24 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:27:36.311200984Z	66	PC: 12c1f \| Move file pointer
2018-12-17T22:27:36.313097052Z	63	PC: 12c24 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:27:36.317023338Z	62	PC: 12bfa \| Close file
2018-12-17T22:27:36.319472023Z	79	PC: 12c24 \| Find next file
2018-12-17T22:27:36.322713003Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T22:27:36.329742815Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')