Sample viewer

vx.netlux.org/Virus.DOS.RedArc.328

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:42:36.176489469Z 26 PC: 13e5e | Set disk transfer address
2018-12-17T22:42:36.178471868Z 78 PC: 13e6c | Find first file
2018-12-17T22:42:36.18512874Z 67 PC: 13e8b | Get or set file attributes
2018-12-17T22:42:36.20236405Z 61 PC: 13e90 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:42:36.209756249Z 63 PC: 13e9f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:42:36.217665425Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:42:36.219257559Z 64 PC: 13efb | Write file or device (Write 328 bytes on handle 5)
2018-12-17T22:42:36.227944922Z 66 PC: 13f04 | Move file pointer
2018-12-17T22:42:36.230136392Z 64 PC: 13f11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:42:36.238461568Z 87 PC: 13ec1 | Get or set file date and time
2018-12-17T22:42:36.240312342Z 62 PC: 13ec5 | Close file
2018-12-17T22:42:36.250107376Z 79 PC: 13e6c | Find next file
2018-12-17T22:42:36.253340825Z 67 PC: 13e8b | Get or set file attributes
2018-12-17T22:42:36.265228125Z 61 PC: 13e90 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:42:36.273671616Z 63 PC: 13e9f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:42:36.280988395Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:42:36.283043289Z 64 PC: 13efb | Write file or device (Write 328 bytes on handle 5)
2018-12-17T22:42:36.287351527Z 66 PC: 13f04 | Move file pointer
2018-12-17T22:42:36.289044167Z 64 PC: 13f11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:42:36.292163824Z 87 PC: 13ec1 | Get or set file date and time
2018-12-17T22:42:36.293946249Z 62 PC: 13ec5 | Close file
2018-12-17T22:42:36.30344377Z 79 PC: 13e6c | Find next file
2018-12-17T22:42:36.30679962Z 67 PC: 13e8b | Get or set file attributes
2018-12-17T22:42:36.317832316Z 61 PC: 13e90 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:42:36.325954329Z 63 PC: 13e9f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:42:36.330287777Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:42:36.331461461Z 64 PC: 13efb | Write file or device (Write 328 bytes on handle 5)
2018-12-17T22:42:36.334185108Z 66 PC: 13f04 | Move file pointer
2018-12-17T22:42:36.335224582Z 64 PC: 13f11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:42:36.336980335Z 87 PC: 13ec1 | Get or set file date and time
2018-12-17T22:42:36.338670935Z 62 PC: 13ec5 | Close file
2018-12-17T22:42:36.346976277Z 79 PC: 13e6c | Find next file
2018-12-17T22:42:36.350310486Z 67 PC: 13e8b | Get or set file attributes
2018-12-17T22:42:36.361552694Z 61 PC: 13e90 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:42:36.370122199Z 63 PC: 13e9f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:42:36.377300479Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:42:36.379069283Z 64 PC: 13efb | Write file or device (Write 328 bytes on handle 5)
2018-12-17T22:42:36.382332344Z 66 PC: 13f04 | Move file pointer
2018-12-17T22:42:36.383758574Z 64 PC: 13f11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:42:36.38706896Z 87 PC: 13ec1 | Get or set file date and time
2018-12-17T22:42:36.389105684Z 62 PC: 13ec5 | Close file
2018-12-17T22:42:36.397386473Z 79 PC: 13e6c | Find next file
2018-12-17T22:42:36.400283577Z 67 PC: 13e8b | Get or set file attributes
2018-12-17T22:42:36.411269246Z 61 PC: 13e90 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:42:36.418556345Z 63 PC: 13e9f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:42:36.425513435Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:42:36.428021882Z 64 PC: 13efb | Write file or device (Write 328 bytes on handle 5)
2018-12-17T22:42:36.432040971Z 66 PC: 13f04 | Move file pointer
2018-12-17T22:42:36.433705341Z 64 PC: 13f11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:42:36.437728436Z 87 PC: 13ec1 | Get or set file date and time
2018-12-17T22:42:36.439694569Z 62 PC: 13ec5 | Close file
2018-12-17T22:42:36.447823942Z 79 PC: 13e6c | Find next file
2018-12-17T22:42:36.451483834Z 67 PC: 13e8b | Get or set file attributes
2018-12-17T22:42:36.472586792Z 61 PC: 13e90 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:42:36.480247691Z 63 PC: 13e9f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:42:36.488805302Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:42:36.490991483Z 64 PC: 13efb | Write file or device (Write 328 bytes on handle 5)
2018-12-17T22:42:36.500556874Z 66 PC: 13f04 | Move file pointer
2018-12-17T22:42:36.503051916Z 64 PC: 13f11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:42:36.510401863Z 87 PC: 13ec1 | Get or set file date and time
2018-12-17T22:42:36.512028867Z 62 PC: 13ec5 | Close file
2018-12-17T22:42:36.522018588Z 79 PC: 13e6c | Find next file
2018-12-17T22:42:36.52511052Z 67 PC: 13e8b | Get or set file attributes
2018-12-17T22:42:36.536000336Z 61 PC: 13e90 | Open file (Filename = 'PAH.COM')
2018-12-17T22:42:36.543503706Z 63 PC: 13e9f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:42:36.551965968Z 66 PC: 13ee0 | Move file pointer
2018-12-17T22:42:36.553566857Z 64 PC: 13efb | Write file or device (Write 328 bytes on handle 5)
2018-12-17T22:42:36.556652216Z 66 PC: 13f04 | Move file pointer
2018-12-17T22:42:36.559463449Z 64 PC: 13f11 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:42:36.564596165Z 87 PC: 13ec1 | Get or set file date and time
2018-12-17T22:42:36.566922631Z 62 PC: 13ec5 | Close file
2018-12-17T22:42:36.577084333Z 79 PC: 13e6c | Find next file
2018-12-17T22:42:36.582125611Z 67 PC: 13e8b | Get or set file attributes
2018-12-17T22:42:36.593508044Z 61 PC: 13e90 | Open file (Filename = 'TEST.COM')
2018-12-17T22:42:36.602551419Z 63 PC: 13e9f | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:42:36.605910483Z 87 PC: 13ec1 | Get or set file date and time
2018-12-17T22:42:36.607683487Z 62 PC: 13ec5 | Close file
2018-12-17T22:42:36.616734799Z 79 PC: 13e6c | Find next file
2018-12-17T22:42:36.620547932Z 26 PC: 13e7c | Set disk transfer address
2018-12-17T22:42:36.62178703Z 9 PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:42:36.627895913Z 0 PC: 12a89 | Program terminate