Sample viewer

vx.netlux.org/Virus.DOS.Torm.279

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:45:58.118719879Z	78	PC: 13e64 \| Find first file
2018-12-17T22:45:58.126189626Z	61	PC: 13e6e \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:45:58.133585725Z	63	PC: 13e86 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:45:58.142877503Z	66	PC: 13ea3 \| Move file pointer
2018-12-17T22:45:58.145482388Z	64	PC: 13eb4 \| Write file or device (Write 279 bytes on handle 5)
2018-12-17T22:45:58.164682966Z	66	PC: 13ebf \| Move file pointer
2018-12-17T22:45:58.166909446Z	64	PC: 13ecb \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:45:58.189516654Z	62	PC: 13ed1 \| Close file
2018-12-17T22:45:58.199134596Z	79	PC: 13e64 \| Find next file
2018-12-17T22:45:58.214933632Z	61	PC: 13e6e \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:45:58.22317775Z	63	PC: 13e86 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:45:58.242073545Z	66	PC: 13ea3 \| Move file pointer
2018-12-17T22:45:58.243769689Z	64	PC: 13eb4 \| Write file or device (Write 279 bytes on handle 5)
2018-12-17T22:45:58.247293986Z	66	PC: 13ebf \| Move file pointer
2018-12-17T22:45:58.250142809Z	64	PC: 13ecb \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:45:58.262677345Z	62	PC: 13ed1 \| Close file
2018-12-17T22:45:58.27221946Z	79	PC: 13e64 \| Find next file
2018-12-17T22:45:58.281613651Z	61	PC: 13e6e \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:45:58.302688496Z	63	PC: 13e86 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:45:58.310010931Z	66	PC: 13ea3 \| Move file pointer
2018-12-17T22:45:58.312413149Z	64	PC: 13eb4 \| Write file or device (Write 279 bytes on handle 5)
2018-12-17T22:45:58.32017896Z	66	PC: 13ebf \| Move file pointer
2018-12-17T22:45:58.330496064Z	64	PC: 13ecb \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:45:58.346083884Z	62	PC: 13ed1 \| Close file
2018-12-17T22:45:58.364811657Z	79	PC: 13e64 \| Find next file
2018-12-17T22:45:58.368291832Z	61	PC: 13e6e \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:45:58.391091315Z	63	PC: 13e86 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:45:58.398973255Z	66	PC: 13ea3 \| Move file pointer
2018-12-17T22:45:58.401107285Z	64	PC: 13eb4 \| Write file or device (Write 279 bytes on handle 5)
2018-12-17T22:45:58.40825033Z	66	PC: 13ebf \| Move file pointer
2018-12-17T22:45:58.422595566Z	64	PC: 13ecb \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:45:58.425609654Z	62	PC: 13ed1 \| Close file
2018-12-17T22:45:58.448017891Z	79	PC: 13e64 \| Find next file
2018-12-17T22:45:58.45189447Z	61	PC: 13e6e \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:45:58.4595809Z	63	PC: 13e86 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:45:58.483683149Z	66	PC: 13ea3 \| Move file pointer
2018-12-17T22:45:58.486011963Z	64	PC: 13eb4 \| Write file or device (Write 279 bytes on handle 5)
2018-12-17T22:45:58.489181029Z	66	PC: 13ebf \| Move file pointer
2018-12-17T22:45:58.490848538Z	64	PC: 13ecb \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:45:58.507101434Z	62	PC: 13ed1 \| Close file
2018-12-17T22:45:58.5158982Z	79	PC: 13e64 \| Find next file
2018-12-17T22:45:58.519297843Z	61	PC: 13e6e \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:45:58.542401169Z	63	PC: 13e86 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:45:58.562610325Z	66	PC: 13ea3 \| Move file pointer
2018-12-17T22:45:58.564318892Z	64	PC: 13eb4 \| Write file or device (Write 279 bytes on handle 5)
2018-12-17T22:45:58.574461116Z	66	PC: 13ebf \| Move file pointer
2018-12-17T22:45:58.576719206Z	64	PC: 13ecb \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:45:58.597794003Z	62	PC: 13ed1 \| Close file
2018-12-17T22:45:58.623919518Z	79	PC: 13e64 \| Find next file
2018-12-17T22:45:58.627166959Z	61	PC: 13e6e \| Open file (Filename = 'PAH.COM')
2018-12-17T22:45:58.634918306Z	63	PC: 13e86 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:45:58.662951486Z	66	PC: 13ea3 \| Move file pointer
2018-12-17T22:45:58.66628797Z	64	PC: 13eb4 \| Write file or device (Write 279 bytes on handle 5)
2018-12-17T22:45:58.669786555Z	66	PC: 13ebf \| Move file pointer
2018-12-17T22:45:58.671812689Z	64	PC: 13ecb \| Write file or device (Write 4 bytes on handle 5)
2018-12-17T22:45:58.676115417Z	62	PC: 13ed1 \| Close file
2018-12-17T22:45:58.708039534Z	79	PC: 13e64 \| Find next file
2018-12-17T22:45:58.711021923Z	61	PC: 13e6e \| Open file (Filename = 'TEST.COM')
2018-12-17T22:45:58.719573174Z	63	PC: 13e86 \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:45:58.730343045Z	79	PC: 13e64 \| Find next file
2018-12-17T22:45:58.733460113Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:45:58.742370911Z	0	PC: 12a89 \| Program terminate