Sample viewer

vx.netlux.org/Virus.DOS.Companion.Baby.268

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:41:46.261904745Z 74 PC: 12a4f | Reallocate memory
2018-12-17T22:41:46.263536544Z 75 PC: 12a6d | Execute program
2018-12-17T22:41:46.267211233Z 26 PC: 12a84 | Set disk transfer address
2018-12-17T22:41:46.268313189Z 78 PC: 12a9b | Find first file
2018-12-17T22:41:46.286174369Z 61 PC: 12aa5 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:41:46.294364715Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:41:46.308496979Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.310534919Z 90 PC: 12afe | Create unique file
2018-12-17T22:41:46.327759783Z 65 PC: 12b03 | Delete file (Filename = '.\AADDAKEC')
2018-12-17T22:41:46.344862465Z 67 PC: 12b10 | Get or set file attributes
2018-12-17T22:41:46.354896164Z 86 PC: 12b17 | Rename file
2018-12-17T22:41:46.3685938Z 60 PC: 12b1f | Create or truncate file
2018-12-17T22:41:46.379694343Z 64 PC: 12b2a | Write file or device (Write 268 bytes on handle 6)
2018-12-17T22:41:46.383597615Z 62 PC: 12b2e | Close file
2018-12-17T22:41:46.391541061Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.395049222Z 61 PC: 12aa5 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:41:46.401609666Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 6)
2018-12-17T22:41:46.408000775Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.410865831Z 90 PC: 12afe | Create unique file
2018-12-17T22:41:46.421624381Z 65 PC: 12b03 | Delete file (Filename = '.\AADDAKEH')
2018-12-17T22:41:46.431563784Z 67 PC: 12b10 | Get or set file attributes
2018-12-17T22:41:46.441765585Z 86 PC: 12b17 | Rename file
2018-12-17T22:41:46.452769083Z 60 PC: 12b1f | Create or truncate file
2018-12-17T22:41:46.463486219Z 64 PC: 12b2a | Write file or device (Write 268 bytes on handle 7)
2018-12-17T22:41:46.467865716Z 62 PC: 12b2e | Close file
2018-12-17T22:41:46.476173507Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.478923095Z 61 PC: 12aa5 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:41:46.491220862Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 7)
2018-12-17T22:41:46.49746801Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.499384574Z 90 PC: 12afe | Create unique file
2018-12-17T22:41:46.519114473Z 65 PC: 12b03 | Delete file (Filename = '.\AADDAKFC')
2018-12-17T22:41:46.529497949Z 67 PC: 12b10 | Get or set file attributes
2018-12-17T22:41:46.548728003Z 86 PC: 12b17 | Rename file
2018-12-17T22:41:46.560483712Z 60 PC: 12b1f | Create or truncate file
2018-12-17T22:41:46.572019059Z 64 PC: 12b2a | Write file or device (Write 268 bytes on handle 8)
2018-12-17T22:41:46.576070333Z 62 PC: 12b2e | Close file
2018-12-17T22:41:46.584442232Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.588214712Z 61 PC: 12aa5 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:41:46.594600788Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 8)
2018-12-17T22:41:46.60111368Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.606153207Z 90 PC: 12afe | Create unique file
2018-12-17T22:41:46.617757835Z 65 PC: 12b03 | Delete file (Filename = '.\AADDAKFI')
2018-12-17T22:41:46.628660923Z 67 PC: 12b10 | Get or set file attributes
2018-12-17T22:41:46.639549814Z 86 PC: 12b17 | Rename file
2018-12-17T22:41:46.650903211Z 60 PC: 12b1f | Create or truncate file
2018-12-17T22:41:46.664207425Z 64 PC: 12b2a | Write file or device (Write 268 bytes on handle 9)
2018-12-17T22:41:46.669285829Z 62 PC: 12b2e | Close file
2018-12-17T22:41:46.678287749Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.681235465Z 61 PC: 12aa5 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:41:46.688530541Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 9)
2018-12-17T22:41:46.695076092Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.697125466Z 90 PC: 12afe | Create unique file
2018-12-17T22:41:46.708617225Z 65 PC: 12b03 | Delete file (Filename = '.\AADDAKGD')
2018-12-17T22:41:46.719385155Z 67 PC: 12b10 | Get or set file attributes
2018-12-17T22:41:46.72997952Z 86 PC: 12b17 | Rename file
2018-12-17T22:41:46.748197254Z 60 PC: 12b1f | Create or truncate file
2018-12-17T22:41:46.760192364Z 64 PC: 12b2a | Write file or device (Write 268 bytes on handle 10)
2018-12-17T22:41:46.764274483Z 62 PC: 12b2e | Close file
2018-12-17T22:41:46.772397447Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.77600754Z 61 PC: 12aa5 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:41:46.782413951Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 10)
2018-12-17T22:41:46.788780799Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.791642945Z 90 PC: 12afe | Create unique file
2018-12-17T22:41:46.807257142Z 65 PC: 12b03 | Delete file (Filename = '.\AADDALAE')
2018-12-17T22:41:46.817553491Z 67 PC: 12b10 | Get or set file attributes
2018-12-17T22:41:46.828146324Z 86 PC: 12b17 | Rename file
2018-12-17T22:41:46.840311114Z 60 PC: 12b1f | Create or truncate file
2018-12-17T22:41:46.853437718Z 64 PC: 12b2a | Write file or device (Write 268 bytes on handle 11)
2018-12-17T22:41:46.858211121Z 62 PC: 12b2e | Close file
2018-12-17T22:41:46.867041599Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.869935972Z 61 PC: 12aa5 | Open file (Filename = 'PAH.COM')
2018-12-17T22:41:46.877318581Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 11)
2018-12-17T22:41:46.884051859Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.886192997Z 90 PC: 12afe | Create unique file
2018-12-17T22:41:46.898312279Z 65 PC: 12b03 | Delete file (Filename = '.\AADDALAP')
2018-12-17T22:41:46.908612213Z 67 PC: 12b10 | Get or set file attributes
2018-12-17T22:41:46.918637125Z 86 PC: 12b17 | Rename file
2018-12-17T22:41:46.929343623Z 60 PC: 12b1f | Create or truncate file
2018-12-17T22:41:46.937477809Z 64 PC: 12b2a | Write file or device (Write 268 bytes on handle 12)
2018-12-17T22:41:46.939935914Z 62 PC: 12b2e | Close file
2018-12-17T22:41:46.945454006Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.947814847Z 61 PC: 12aa5 | Open file (Filename = 'TEST.COM')
2018-12-17T22:41:46.952105832Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 12)
2018-12-17T22:41:46.956541387Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.958472161Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.960404802Z 61 PC: 12aa5 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:41:46.965224764Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 12)
2018-12-17T22:41:46.969970318Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.971517367Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.973636807Z 61 PC: 12aa5 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:41:46.979512661Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 12)
2018-12-17T22:41:46.985747448Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:46.988378932Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:46.990440455Z 61 PC: 12aa5 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:41:46.997816484Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 12)
2018-12-17T22:41:47.002357582Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:47.004258021Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:47.006271174Z 61 PC: 12aa5 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:41:47.011254151Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 12)
2018-12-17T22:41:47.015905575Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:47.017451705Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:47.019488412Z 61 PC: 12aa5 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:41:47.025843673Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 12)
2018-12-17T22:41:47.031772138Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:47.033092333Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:47.035296263Z 61 PC: 12aa5 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:41:47.039454229Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 12)
2018-12-17T22:41:47.043429648Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:47.045621749Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:47.047470075Z 61 PC: 12aa5 | Open file (Filename = 'PAH.COM')
2018-12-17T22:41:47.051800524Z 63 PC: 12ab0 | Read file or device (Read 26 bytes on handle 12)
2018-12-17T22:41:47.0563871Z 62 PC: 12ab4 | Close file
2018-12-17T22:41:47.057759298Z 79 PC: 12a9b | Find next file
2018-12-17T22:41:47.059442771Z 78 PC: 12a9b | Find first file
2018-12-17T22:41:47.066624836Z 76 PC: 12a95 | Terminate with return code (Return code = '2')