Sample viewer

vx.netlux.org/Virus.DOS.Leo.293

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:30:03.984061281Z	78	PC: 12bb9 \| Find first file
2018-12-17T22:30:03.991602637Z	61	PC: 12bd3 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:30:03.999222633Z	63	PC: 12be6 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:30:04.006274978Z	66	PC: 12bf4 \| Move file pointer
2018-12-17T22:30:04.007976237Z	66	PC: 12c10 \| Move file pointer
2018-12-17T22:30:04.009935614Z	63	PC: 12c21 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:30:04.012739372Z	66	PC: 12c45 \| Move file pointer
2018-12-17T22:30:04.014420795Z	64	PC: 12c55 \| Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:30:04.597883013Z	66	PC: 12c60 \| Move file pointer
2018-12-17T22:30:04.599795385Z	64	PC: 12c6e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:30:04.611065532Z	62	PC: 12c74 \| Close file
2018-12-17T22:30:04.623002917Z	62	PC: 12bc2 \| Close file
2018-12-17T22:30:04.625401428Z	79	PC: 12bc6 \| Find next file
2018-12-17T22:30:04.629442429Z	61	PC: 12bd3 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:30:04.637419695Z	63	PC: 12be6 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:30:04.645159216Z	66	PC: 12bf4 \| Move file pointer
2018-12-17T22:30:04.647143665Z	66	PC: 12c10 \| Move file pointer
2018-12-17T22:30:04.649005379Z	63	PC: 12c21 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:30:04.666566002Z	66	PC: 12c45 \| Move file pointer
2018-12-17T22:30:04.668626372Z	64	PC: 12c55 \| Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:30:04.67209482Z	66	PC: 12c60 \| Move file pointer
2018-12-17T22:30:04.675205569Z	64	PC: 12c6e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:30:04.679472544Z	62	PC: 12c74 \| Close file
2018-12-17T22:30:04.688624402Z	62	PC: 12bc2 \| Close file
2018-12-17T22:30:04.691234309Z	79	PC: 12bc6 \| Find next file
2018-12-17T22:30:04.694821895Z	61	PC: 12bd3 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:30:04.703293008Z	63	PC: 12be6 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:30:04.711484119Z	66	PC: 12bf4 \| Move file pointer
2018-12-17T22:30:04.713562662Z	66	PC: 12c10 \| Move file pointer
2018-12-17T22:30:04.715518975Z	63	PC: 12c21 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:30:04.718724248Z	66	PC: 12c45 \| Move file pointer
2018-12-17T22:30:04.721891787Z	64	PC: 12c55 \| Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:30:04.724961384Z	66	PC: 12c60 \| Move file pointer
2018-12-17T22:30:04.726639736Z	64	PC: 12c6e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:30:04.730571249Z	62	PC: 12c74 \| Close file
2018-12-17T22:30:04.739628784Z	62	PC: 12bc2 \| Close file
2018-12-17T22:30:04.741766381Z	79	PC: 12bc6 \| Find next file
2018-12-17T22:30:04.746261467Z	61	PC: 12bd3 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:30:04.753940059Z	63	PC: 12be6 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:30:04.762050034Z	66	PC: 12bf4 \| Move file pointer
2018-12-17T22:30:04.764955096Z	66	PC: 12c10 \| Move file pointer
2018-12-17T22:30:04.76734678Z	63	PC: 12c21 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:30:04.771312191Z	66	PC: 12c45 \| Move file pointer
2018-12-17T22:30:04.773516344Z	64	PC: 12c55 \| Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:30:04.777749781Z	66	PC: 12c60 \| Move file pointer
2018-12-17T22:30:04.779716854Z	64	PC: 12c6e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:30:04.783057236Z	62	PC: 12c74 \| Close file
2018-12-17T22:30:04.79302228Z	62	PC: 12bc2 \| Close file
2018-12-17T22:30:04.795175327Z	79	PC: 12bc6 \| Find next file
2018-12-17T22:30:04.798542402Z	61	PC: 12bd3 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:30:04.807436051Z	63	PC: 12be6 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:30:04.815405115Z	66	PC: 12bf4 \| Move file pointer
2018-12-17T22:30:04.817511144Z	66	PC: 12c10 \| Move file pointer
2018-12-17T22:30:04.820417542Z	63	PC: 12c21 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:30:04.823995712Z	66	PC: 12c45 \| Move file pointer
2018-12-17T22:30:04.826076524Z	64	PC: 12c55 \| Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:30:04.829784337Z	66	PC: 12c60 \| Move file pointer
2018-12-17T22:30:04.83173926Z	64	PC: 12c6e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:30:04.83495387Z	62	PC: 12c74 \| Close file
2018-12-17T22:30:05.141609554Z	62	PC: 12bc2 \| Close file
2018-12-17T22:30:05.144554019Z	79	PC: 12bc6 \| Find next file
2018-12-17T22:30:05.147932096Z	61	PC: 12bd3 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:30:05.155700763Z	63	PC: 12be6 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:30:05.163775748Z	66	PC: 12bf4 \| Move file pointer
2018-12-17T22:30:05.165705225Z	66	PC: 12c10 \| Move file pointer
2018-12-17T22:30:05.16756235Z	63	PC: 12c21 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:30:05.171672146Z	66	PC: 12c45 \| Move file pointer
2018-12-17T22:30:05.173566375Z	64	PC: 12c55 \| Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:30:05.511536386Z	66	PC: 12c60 \| Move file pointer
2018-12-17T22:30:05.514567918Z	64	PC: 12c6e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:30:05.523282424Z	62	PC: 12c74 \| Close file
2018-12-17T22:30:05.541908811Z	62	PC: 12bc2 \| Close file
2018-12-17T22:30:05.544937696Z	79	PC: 12bc6 \| Find next file
2018-12-17T22:30:05.548734293Z	61	PC: 12bd3 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:30:05.557474188Z	63	PC: 12be6 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:30:05.577266817Z	66	PC: 12bf4 \| Move file pointer
2018-12-17T22:30:05.579011074Z	66	PC: 12c10 \| Move file pointer
2018-12-17T22:30:05.580569816Z	63	PC: 12c21 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:30:05.58335797Z	66	PC: 12c45 \| Move file pointer
2018-12-17T22:30:05.586083357Z	64	PC: 12c55 \| Write file or device (Write 293 bytes on handle 5)
2018-12-17T22:30:05.589337791Z	66	PC: 12c60 \| Move file pointer
2018-12-17T22:30:05.591277155Z	64	PC: 12c6e \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:30:05.595423678Z	62	PC: 12c74 \| Close file
2018-12-17T22:30:05.604450971Z	62	PC: 12bc2 \| Close file
2018-12-17T22:30:05.606577963Z	79	PC: 12bc6 \| Find next file
2018-12-17T22:30:05.610775005Z	61	PC: 12bd3 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:30:05.619791869Z	63	PC: 12be6 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:30:05.623138505Z	66	PC: 12bf4 \| Move file pointer
2018-12-17T22:30:05.625955786Z	66	PC: 12c10 \| Move file pointer
2018-12-17T22:30:05.627730784Z	63	PC: 12c21 \| Read file or device (Read 1 bytes on handle 5)
2018-12-17T22:30:05.631365547Z	62	PC: 12bc2 \| Close file
2018-12-17T22:30:05.63375861Z	79	PC: 12bc6 \| Find next file
2018-12-17T22:30:05.638124486Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T22:30:05.643289128Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')