Sample viewer

vx.netlux.org/Virus.DOS.Tunnel.811

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:41:06.675292699Z	48	PC: 12b94 \| Get DOS version
2018-12-17T22:41:06.678182302Z	26	PC: 12bd4 \| Set disk transfer address
2018-12-17T22:41:06.694107063Z	78	PC: 12beb \| Find first file
2018-12-17T22:41:06.70228957Z	61	PC: 12c00 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:41:06.715392239Z	63	PC: 12c3c \| Read file or device (Read 25 bytes on handle 5)
2018-12-17T22:41:06.723121122Z	66	PC: 12e1e \| Move file pointer
2018-12-17T22:41:06.725248428Z	64	PC: 12c7f \| Write file or device (Write 811 bytes on handle 5)
2018-12-17T22:41:06.7426849Z	66	PC: 12e1e \| Move file pointer
2018-12-17T22:41:06.745782436Z	64	PC: 12ca9 \| Write file or device (Write 25 bytes on handle 5)
2018-12-17T22:41:06.752074354Z	87	PC: 12cb0 \| Get or set file date and time
2018-12-17T22:41:06.753699935Z	62	PC: 12c23 \| Close file
2018-12-17T22:41:06.760488867Z	79	PC: 12beb \| Find next file
2018-12-17T22:41:06.773012507Z	61	PC: 12c00 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:41:06.779834684Z	62	PC: 12c23 \| Close file
2018-12-17T22:41:06.801656017Z	79	PC: 12beb \| Find next file
2018-12-17T22:41:06.804798951Z	79	PC: 12beb \| Find next file
2018-12-17T22:41:06.808001322Z	61	PC: 12c00 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:41:06.815873685Z	62	PC: 12c23 \| Close file
2018-12-17T22:41:06.817539657Z	79	PC: 12beb \| Find next file
2018-12-17T22:41:06.820079748Z	61	PC: 12c00 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:41:06.827458854Z	62	PC: 12c23 \| Close file
2018-12-17T22:41:06.842068564Z	79	PC: 12beb \| Find next file
2018-12-17T22:41:06.845737901Z	61	PC: 12c00 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:41:06.853285834Z	63	PC: 12c3c \| Read file or device (Read 25 bytes on handle 5)
2018-12-17T22:41:06.872213269Z	66	PC: 12e1e \| Move file pointer
2018-12-17T22:41:06.874056491Z	64	PC: 12c7f \| Write file or device (Write 811 bytes on handle 5)
2018-12-17T22:41:06.901278683Z	66	PC: 12e1e \| Move file pointer
2018-12-17T22:41:06.902966707Z	64	PC: 12ca9 \| Write file or device (Write 25 bytes on handle 5)
2018-12-17T22:41:06.909234358Z	87	PC: 12cb0 \| Get or set file date and time
2018-12-17T22:41:06.912122852Z	62	PC: 12c23 \| Close file
2018-12-17T22:41:06.92067485Z	79	PC: 12beb \| Find next file
2018-12-17T22:41:06.928295499Z	61	PC: 12c00 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:41:06.935438683Z	62	PC: 12c23 \| Close file
2018-12-17T22:41:06.93829716Z	79	PC: 12beb \| Find next file
2018-12-17T22:41:06.941430956Z	79	PC: 12beb \| Find next file
2018-12-17T22:41:06.944448825Z	26	PC: 12e17 \| Set disk transfer address
2018-12-17T22:41:06.945954115Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T22:41:06.950472564Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')