Sample viewer

vx.netlux.org/Virus.DOS.Elsa.857

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:34:19.189734467Z	74	PC: 12a92 \| Reallocate memory
2018-12-17T22:34:19.191391541Z	61	PC: 12a9a \| Open file (Filename = 'A:\TEST.COM')
2018-12-17T22:34:19.199923625Z	62	PC: 12ad3 \| Close file
2018-12-17T22:34:19.614781771Z	61	PC: 12ba2 \| Open file (Filename = 'A:\SLEEP.TPV')
2018-12-17T22:34:19.627256634Z	72	PC: 12bb0 \| Allocate memory
2018-12-17T22:34:19.631819575Z	66	PC: 12bcc \| Move file pointer
2018-12-17T22:34:19.633969552Z	66	PC: 12bd5 \| Move file pointer
2018-12-17T22:34:19.635671637Z	63	PC: 12be1 \| Read file or device (Read 407 bytes on handle 5)
2018-12-17T22:34:19.644264597Z	66	PC: 12bed \| Move file pointer
2018-12-17T22:34:19.646098398Z	64	PC: 12c02 \| Write file or device (Write 1264 bytes on handle 5)
2018-12-17T22:34:19.655499731Z	73	PC: 12c18 \| Release memory
2018-12-17T22:34:19.657281867Z	62	PC: 12c1f \| Close file
2018-12-17T22:34:19.66910353Z	61	PC: 12ba2 \| Open file (Filename = 'A:\PRINT.TPV')
2018-12-17T22:34:19.680111543Z	72	PC: 12bb0 \| Allocate memory
2018-12-17T22:34:19.682371761Z	66	PC: 12bcc \| Move file pointer
2018-12-17T22:34:19.684898824Z	66	PC: 12bd5 \| Move file pointer
2018-12-17T22:34:19.687062217Z	63	PC: 12be1 \| Read file or device (Read 27 bytes on handle 5)
2018-12-17T22:34:19.694514272Z	66	PC: 12bed \| Move file pointer
2018-12-17T22:34:19.697707683Z	64	PC: 12c02 \| Write file or device (Write 884 bytes on handle 5)
2018-12-17T22:34:19.706887291Z	73	PC: 12c18 \| Release memory
2018-12-17T22:34:19.709724556Z	62	PC: 12c1f \| Close file
2018-12-17T22:34:19.721514976Z	61	PC: 12ba2 \| Open file (Filename = 'A:\HELLO.TPV')
2018-12-17T22:34:19.732807363Z	72	PC: 12bb0 \| Allocate memory
2018-12-17T22:34:19.735201569Z	66	PC: 12bcc \| Move file pointer
2018-12-17T22:34:19.738257188Z	66	PC: 12bd5 \| Move file pointer
2018-12-17T22:34:19.73992313Z	63	PC: 12be1 \| Read file or device (Read 92 bytes on handle 5)
2018-12-17T22:34:19.747556809Z	66	PC: 12bed \| Move file pointer
2018-12-17T22:34:19.749239099Z	64	PC: 12c02 \| Write file or device (Write 949 bytes on handle 5)
2018-12-17T22:34:19.759235888Z	73	PC: 12c18 \| Release memory
2018-12-17T22:34:19.761034284Z	62	PC: 12c1f \| Close file