Sample viewer

vx.netlux.org/Virus.DOS.Frost.656

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:39:09.273724258Z	47	PC: 13e67 \| Get disk transfer address
2018-12-17T22:39:09.276767305Z	26	PC: 13e77 \| Set disk transfer address
2018-12-17T22:39:09.278710798Z	78	PC: 13e82 \| Find first file
2018-12-17T22:39:09.285954074Z	61	PC: 13e90 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:39:09.295035248Z	63	PC: 13ea2 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:09.316605291Z	66	PC: 13ed8 \| Move file pointer
2018-12-17T22:39:09.32775851Z	62	PC: 13f2d \| Close file
2018-12-17T22:39:09.346410897Z	79	PC: 13f31 \| Find next file
2018-12-17T22:39:09.352307421Z	61	PC: 13e90 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:39:09.359914469Z	63	PC: 13ea2 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:09.367697216Z	66	PC: 13ed8 \| Move file pointer
2018-12-17T22:39:09.370761544Z	62	PC: 13f2d \| Close file
2018-12-17T22:39:09.373106798Z	79	PC: 13f31 \| Find next file
2018-12-17T22:39:09.376305477Z	61	PC: 13e90 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:39:09.383879732Z	63	PC: 13ea2 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:09.391148858Z	66	PC: 13ed8 \| Move file pointer
2018-12-17T22:39:09.392876419Z	62	PC: 13f2d \| Close file
2018-12-17T22:39:09.396012885Z	79	PC: 13f31 \| Find next file
2018-12-17T22:39:09.399481142Z	61	PC: 13e90 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:39:09.406814971Z	63	PC: 13ea2 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:09.414407819Z	66	PC: 13ed8 \| Move file pointer
2018-12-17T22:39:09.416325105Z	62	PC: 13f2d \| Close file
2018-12-17T22:39:09.418454702Z	79	PC: 13f31 \| Find next file
2018-12-17T22:39:09.421650747Z	61	PC: 13e90 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:39:09.430059802Z	63	PC: 13ea2 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:09.438103465Z	66	PC: 13ed8 \| Move file pointer
2018-12-17T22:39:09.4402318Z	62	PC: 13f2d \| Close file
2018-12-17T22:39:09.443071218Z	79	PC: 13f31 \| Find next file
2018-12-17T22:39:09.446517926Z	61	PC: 13e90 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:39:09.454727591Z	63	PC: 13ea2 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:09.462973176Z	66	PC: 13ed8 \| Move file pointer
2018-12-17T22:39:09.464376823Z	62	PC: 13f2d \| Close file
2018-12-17T22:39:09.466790838Z	79	PC: 13f31 \| Find next file
2018-12-17T22:39:09.47057644Z	61	PC: 13e90 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:39:09.478096411Z	63	PC: 13ea2 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:09.485387198Z	66	PC: 13ed8 \| Move file pointer
2018-12-17T22:39:09.488501178Z	62	PC: 13f2d \| Close file
2018-12-17T22:39:09.49566038Z	79	PC: 13f31 \| Find next file
2018-12-17T22:39:09.498799332Z	61	PC: 13e90 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:39:09.506831418Z	63	PC: 13ea2 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:39:09.511101046Z	62	PC: 13f2d \| Close file
2018-12-17T22:39:09.513211476Z	79	PC: 13f31 \| Find next file
2018-12-17T22:39:09.516042906Z	26	PC: 13f42 \| Set disk transfer address
2018-12-17T22:39:09.517921396Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:39:09.523096755Z	0	PC: 12a89 \| Program terminate