Sample viewer

vx.netlux.org/Virus.DOS.Mainman.465

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:29:36.171913932Z 26 PC: 13e6a | Set disk transfer address
2018-12-17T22:29:36.173840955Z 71 PC: 13f0a | Get current directory
2018-12-17T22:29:36.176038535Z 78 PC: 13e79 | Find first file
2018-12-17T22:29:36.179884015Z 61 PC: 13e8c | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:29:36.185021768Z 63 PC: 13e98 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:29:36.192199273Z 66 PC: 13eb8 | Move file pointer
2018-12-17T22:29:36.193674019Z 64 PC: 13ec5 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:29:36.197203553Z 66 PC: 13ed0 | Move file pointer
2018-12-17T22:29:36.19856158Z 64 PC: 13edd | Write file or device (Write 465 bytes on handle 5)
2018-12-17T22:29:36.212139896Z 62 PC: 13ee1 | Close file
2018-12-17T22:29:36.221904152Z 59 PC: 13ee9 | Change current directory
2018-12-17T22:29:36.232521691Z 65 PC: 13f16 | Delete file (Filename = 'c:\windows\win.com')
2018-12-17T22:29:36.576258178Z 59 PC: 13ef6 | Change current directory
2018-12-17T22:29:36.578309209Z 26 PC: 13eff | Set disk transfer address
2018-12-17T22:29:36.580891853Z 9 PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:29:36.586456116Z 0 PC: 12a89 | Program terminate