Sample viewer

vx.netlux.org/Virus.DOS.Rycho.1536.a

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:43:05.571668793Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.576473172Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.577516326Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.583784675Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.585491904Z	66	PC: 12e94 \| Move file pointer
2018-12-17T22:43:05.586732412Z	66	PC: 12ea4 \| Move file pointer
2018-12-17T22:43:05.587930145Z	63	PC: 12eb3 \| Read file or device (Read 32 bytes on handle 5)
2018-12-17T22:43:05.591307925Z	66	PC: 12f1e \| Move file pointer
2018-12-17T22:43:05.592521449Z	64	PC: 12f29 \| Write file or device (Write 32 bytes on handle 5)
2018-12-17T22:43:05.59490572Z	66	PC: 12f32 \| Move file pointer
2018-12-17T22:43:05.596546225Z	64	PC: 12f51 \| Write file or device (Write 16 bytes on handle 5)
2018-12-17T22:43:05.599474227Z	66	PC: 12f5a \| Move file pointer
2018-12-17T22:43:05.600686509Z	64	PC: 12f70 \| Write file or device (Write 1536 bytes on handle 5)
2018-12-17T22:43:05.615488045Z	87	PC: 12f7d \| Get or set file date and time
2018-12-17T22:43:05.616886314Z	62	PC: 12f81 \| Close file
2018-12-17T22:43:05.624779292Z	71	PC: 12ac5 \| Get current directory
2018-12-17T22:43:05.628284604Z	59	PC: 12ad0 \| Change current directory
2018-12-17T22:43:05.632276085Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.638929204Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.640436471Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.647181244Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.648505395Z	62	PC: 12e78 \| Close file
2018-12-17T22:43:05.65020098Z	79	PC: 12e7c \| Find next file
2018-12-17T22:43:05.652639818Z	59	PC: 12ade \| Change current directory
2018-12-17T22:43:05.66125369Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.671651059Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.673598323Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.685894513Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.687716698Z	62	PC: 12e78 \| Close file
2018-12-17T22:43:05.690975841Z	79	PC: 12e7c \| Find next file
2018-12-17T22:43:05.693648728Z	59	PC: 12aec \| Change current directory
2018-12-17T22:43:05.699513077Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.707139962Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.708400668Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.715055024Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.717322386Z	62	PC: 12e78 \| Close file
2018-12-17T22:43:05.719175571Z	79	PC: 12e7c \| Find next file
2018-12-17T22:43:05.721457106Z	59	PC: 12afa \| Change current directory
2018-12-17T22:43:05.7279276Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.733905261Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.735064849Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.742002703Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.744115023Z	62	PC: 12e78 \| Close file
2018-12-17T22:43:05.746204337Z	79	PC: 12e7c \| Find next file
2018-12-17T22:43:05.749288809Z	59	PC: 12b08 \| Change current directory
2018-12-17T22:43:05.754879387Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.763523129Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.765558201Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.772603937Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.774252315Z	62	PC: 12e78 \| Close file
2018-12-17T22:43:05.776505527Z	79	PC: 12e7c \| Find next file
2018-12-17T22:43:05.779700948Z	59	PC: 12b16 \| Change current directory
2018-12-17T22:43:05.785554739Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.791519713Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.793629311Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.800337873Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.802019175Z	62	PC: 12e78 \| Close file
2018-12-17T22:43:05.805251168Z	79	PC: 12e7c \| Find next file
2018-12-17T22:43:05.807805676Z	59	PC: 12b24 \| Change current directory
2018-12-17T22:43:05.813562948Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.821329349Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.822706084Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.829955247Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.832450744Z	62	PC: 12e78 \| Close file
2018-12-17T22:43:05.834978308Z	79	PC: 12e7c \| Find next file
2018-12-17T22:43:05.837536092Z	59	PC: 12b32 \| Change current directory
2018-12-17T22:43:05.843974136Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.850175502Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.851529614Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.858868806Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.860953773Z	62	PC: 12e78 \| Close file
2018-12-17T22:43:05.862655834Z	79	PC: 12e7c \| Find next file
2018-12-17T22:43:05.865032736Z	59	PC: 12b40 \| Change current directory
2018-12-17T22:43:05.870035311Z	78	PC: 12e4a \| Find first file
2018-12-17T22:43:05.875849131Z	47	PC: 12e53 \| Get disk transfer address
2018-12-17T22:43:05.876873982Z	61	PC: 12e61 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:43:05.883966651Z	87	PC: 12e6f \| Get or set file date and time
2018-12-17T22:43:05.885623714Z	62	PC: 12e78 \| Close file
2018-12-17T22:43:05.887608195Z	79	PC: 12e7c \| Find next file
2018-12-17T22:43:05.891078629Z	59	PC: 12b4e \| Change current directory