Sample viewer

vx.netlux.org/Virus.DOS.Ash.266

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:28:34.545265262Z	26	PC: 12e49 \| Set disk transfer address
2018-12-17T22:28:34.547444101Z	78	PC: 12e9a \| Find first file
2018-12-17T22:28:34.554310606Z	61	PC: 12eac \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:28:34.561561333Z	63	PC: 12ebb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:28:34.568517196Z	66	PC: 12edc \| Move file pointer
2018-12-17T22:28:34.570331719Z	64	PC: 12ef0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:28:34.573973928Z	64	PC: 12efb \| Write file or device (Write 262 bytes on handle 5)
2018-12-17T22:28:34.588930465Z	66	PC: 12f03 \| Move file pointer
2018-12-17T22:28:34.591397834Z	64	PC: 12f21 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:28:34.598867997Z	87	PC: 12e89 \| Get or set file date and time
2018-12-17T22:28:34.601407579Z	62	PC: 12e8d \| Close file
2018-12-17T22:28:34.617269185Z	79	PC: 12e9a \| Find next file
2018-12-17T22:28:34.62015513Z	61	PC: 12eac \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:28:34.627205775Z	63	PC: 12ebb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:28:34.634920053Z	87	PC: 12e89 \| Get or set file date and time
2018-12-17T22:28:34.636609922Z	62	PC: 12e8d \| Close file
2018-12-17T22:28:34.644927754Z	79	PC: 12e9a \| Find next file
2018-12-17T22:28:34.64809327Z	61	PC: 12eac \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:28:34.65542788Z	63	PC: 12ebb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:28:34.662421933Z	87	PC: 12e89 \| Get or set file date and time
2018-12-17T22:28:34.66421881Z	62	PC: 12e8d \| Close file
2018-12-17T22:28:34.669066296Z	79	PC: 12e9a \| Find next file
2018-12-17T22:28:34.671950718Z	61	PC: 12eac \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:28:34.679069354Z	63	PC: 12ebb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:28:34.686490839Z	87	PC: 12e89 \| Get or set file date and time
2018-12-17T22:28:34.688044288Z	62	PC: 12e8d \| Close file
2018-12-17T22:28:34.695883307Z	79	PC: 12e9a \| Find next file
2018-12-17T22:28:34.699545121Z	61	PC: 12eac \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:28:34.713549826Z	63	PC: 12ebb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:28:34.720941684Z	87	PC: 12e89 \| Get or set file date and time
2018-12-17T22:28:34.72337342Z	62	PC: 12e8d \| Close file
2018-12-17T22:28:34.728540083Z	79	PC: 12e9a \| Find next file
2018-12-17T22:28:34.731045559Z	61	PC: 12eac \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:28:34.736117153Z	63	PC: 12ebb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:28:34.74346024Z	66	PC: 12edc \| Move file pointer
2018-12-17T22:28:34.745123486Z	64	PC: 12ef0 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:28:34.748588605Z	64	PC: 12efb \| Write file or device (Write 262 bytes on handle 5)
2018-12-17T22:28:34.758177621Z	66	PC: 12f03 \| Move file pointer
2018-12-17T22:28:34.760258703Z	64	PC: 12f21 \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:28:34.768728458Z	87	PC: 12e89 \| Get or set file date and time
2018-12-17T22:28:34.771009722Z	62	PC: 12e8d \| Close file
2018-12-17T22:28:34.78134905Z	79	PC: 12e9a \| Find next file
2018-12-17T22:28:34.785308082Z	61	PC: 12eac \| Open file (Filename = 'PAH.COM')
2018-12-17T22:28:34.793147735Z	63	PC: 12ebb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:28:34.800338233Z	87	PC: 12e89 \| Get or set file date and time
2018-12-17T22:28:34.802061999Z	62	PC: 12e8d \| Close file
2018-12-17T22:28:34.81011277Z	79	PC: 12e9a \| Find next file
2018-12-17T22:28:34.81296474Z	61	PC: 12eac \| Open file (Filename = 'TEST.COM')
2018-12-17T22:28:34.834732044Z	63	PC: 12ebb \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:28:34.844565144Z	87	PC: 12e89 \| Get or set file date and time
2018-12-17T22:28:34.846354879Z	62	PC: 12e8d \| Close file
2018-12-17T22:28:34.854836743Z	79	PC: 12e9a \| Find next file
2018-12-17T22:28:34.858856481Z	26	PC: 12e62 \| Set disk transfer address
2018-12-17T22:28:34.860235153Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=000003E8h/0000001000d bytes. ')
2018-12-17T22:28:34.865251167Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')