Sample viewer

vx.netlux.org/Virus.DOS.RedArc.327

Syscalls:

Time | Syscall Op | PC | Syscall Name
2018-12-17T22:44:50.802281044Z 26 PC: 13e5e | Set disk transfer address
2018-12-17T22:44:50.804519809Z 78 PC: 13e6c | Find first file
2018-12-17T22:44:50.81186258Z 67 PC: 13e8a | Get or set file attributes
2018-12-17T22:44:50.831670743Z 61 PC: 13e8f | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:44:50.838317497Z 63 PC: 13e9e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:44:50.858590903Z 66 PC: 13edf | Move file pointer
2018-12-17T22:44:50.861037117Z 64 PC: 13efa | Write file or device (Write 327 bytes on handle 5)
2018-12-17T22:44:50.873746768Z 66 PC: 13f03 | Move file pointer
2018-12-17T22:44:50.876465354Z 64 PC: 13f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:44:50.884086067Z 87 PC: 13ec0 | Get or set file date and time
2018-12-17T22:44:50.886450848Z 62 PC: 13ec4 | Close file
2018-12-17T22:44:50.913707661Z 79 PC: 13e6c | Find next file
2018-12-17T22:44:50.918085863Z 67 PC: 13e8a | Get or set file attributes
2018-12-17T22:44:50.929495943Z 61 PC: 13e8f | Open file (Filename = 'PRINT.COM')
2018-12-17T22:44:50.95254346Z 63 PC: 13e9e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:44:50.963148087Z 66 PC: 13edf | Move file pointer
2018-12-17T22:44:50.966290088Z 64 PC: 13efa | Write file or device (Write 327 bytes on handle 5)
2018-12-17T22:44:50.973864584Z 66 PC: 13f03 | Move file pointer
2018-12-17T22:44:50.977214906Z 64 PC: 13f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:44:50.982780219Z 87 PC: 13ec0 | Get or set file date and time
2018-12-17T22:44:50.986062243Z 62 PC: 13ec4 | Close file
2018-12-17T22:44:51.002959198Z 79 PC: 13e6c | Find next file
2018-12-17T22:44:51.006380875Z 67 PC: 13e8a | Get or set file attributes
2018-12-17T22:44:51.024704419Z 61 PC: 13e8f | Open file (Filename = 'HELLO.COM')
2018-12-17T22:44:51.03851607Z 63 PC: 13e9e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:44:51.053929809Z 66 PC: 13edf | Move file pointer
2018-12-17T22:44:51.055965663Z 64 PC: 13efa | Write file or device (Write 327 bytes on handle 5)
2018-12-17T22:44:51.061849213Z 66 PC: 13f03 | Move file pointer
2018-12-17T22:44:51.065996652Z 64 PC: 13f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:44:51.069281372Z 87 PC: 13ec0 | Get or set file date and time
2018-12-17T22:44:51.07278925Z 62 PC: 13ec4 | Close file
2018-12-17T22:44:51.081458382Z 79 PC: 13e6c | Find next file
2018-12-17T22:44:51.084879237Z 67 PC: 13e8a | Get or set file attributes
2018-12-17T22:44:51.097777572Z 61 PC: 13e8f | Open file (Filename = 'PHANG.COM')
2018-12-17T22:44:51.110300672Z 63 PC: 13e9e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:44:51.117507197Z 66 PC: 13edf | Move file pointer
2018-12-17T22:44:51.119449465Z 64 PC: 13efa | Write file or device (Write 327 bytes on handle 5)
2018-12-17T22:44:51.121796282Z 66 PC: 13f03 | Move file pointer
2018-12-17T22:44:51.12307284Z 64 PC: 13f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:44:51.12586818Z 87 PC: 13ec0 | Get or set file date and time
2018-12-17T22:44:51.127237312Z 62 PC: 13ec4 | Close file
2018-12-17T22:44:51.133433298Z 79 PC: 13e6c | Find next file
2018-12-17T22:44:51.136087494Z 67 PC: 13e8a | Get or set file attributes
2018-12-17T22:44:51.146711256Z 61 PC: 13e8f | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:44:51.153602289Z 63 PC: 13e9e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:44:51.161466309Z 66 PC: 13edf | Move file pointer
2018-12-17T22:44:51.163701677Z 64 PC: 13efa | Write file or device (Write 327 bytes on handle 5)
2018-12-17T22:44:51.167140596Z 66 PC: 13f03 | Move file pointer
2018-12-17T22:44:51.169948861Z 64 PC: 13f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:44:51.174012623Z 87 PC: 13ec0 | Get or set file date and time
2018-12-17T22:44:51.175729357Z 62 PC: 13ec4 | Close file
2018-12-17T22:44:51.183408409Z 79 PC: 13e6c | Find next file
2018-12-17T22:44:51.187754231Z 67 PC: 13e8a | Get or set file attributes
2018-12-17T22:44:51.197689762Z 61 PC: 13e8f | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:44:51.204361002Z 63 PC: 13e9e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:44:51.210186062Z 66 PC: 13edf | Move file pointer
2018-12-17T22:44:51.211891194Z 64 PC: 13efa | Write file or device (Write 327 bytes on handle 5)
2018-12-17T22:44:51.219958947Z 66 PC: 13f03 | Move file pointer
2018-12-17T22:44:51.222284204Z 64 PC: 13f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:44:51.228432401Z 87 PC: 13ec0 | Get or set file date and time
2018-12-17T22:44:51.229891401Z 62 PC: 13ec4 | Close file
2018-12-17T22:44:51.238390705Z 79 PC: 13e6c | Find next file
2018-12-17T22:44:51.240966622Z 67 PC: 13e8a | Get or set file attributes
2018-12-17T22:44:51.251867055Z 61 PC: 13e8f | Open file (Filename = 'PAH.COM')
2018-12-17T22:44:51.258819453Z 63 PC: 13e9e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:44:51.263949948Z 66 PC: 13edf | Move file pointer
2018-12-17T22:44:51.265290576Z 64 PC: 13efa | Write file or device (Write 327 bytes on handle 5)
2018-12-17T22:44:51.267818514Z 66 PC: 13f03 | Move file pointer
2018-12-17T22:44:51.269341695Z 64 PC: 13f10 | Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:44:51.271483808Z 87 PC: 13ec0 | Get or set file date and time
2018-12-17T22:44:51.273055721Z 62 PC: 13ec4 | Close file
2018-12-17T22:44:51.279897571Z 79 PC: 13e6c | Find next file
2018-12-17T22:44:51.283060852Z 67 PC: 13e8a | Get or set file attributes
2018-12-17T22:44:51.294935314Z 61 PC: 13e8f | Open file (Filename = 'TEST.COM')
2018-12-17T22:44:51.306586506Z 63 PC: 13e9e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:44:51.310754695Z 87 PC: 13ec0 | Get or set file date and time
2018-12-17T22:44:51.312483823Z 62 PC: 13ec4 | Close file
2018-12-17T22:44:51.320727054Z 79 PC: 13e6c | Find next file
2018-12-17T22:44:51.323324533Z 26 PC: 13e7b | Set disk transfer address
2018-12-17T22:44:51.32486706Z 9 PC: 12a85 | Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:44:51.331665438Z 0 PC: 12a89 | Program terminate