Sample viewer

vx.netlux.org/Virus.DOS.Nygus.295

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:46:11.81028454Z	26	PC: 12ca6 \| Set disk transfer address
2018-12-17T22:46:11.812243925Z	78	PC: 12ca6 \| Find first file
2018-12-17T22:46:11.818132345Z	67	PC: 12bed \| Get or set file attributes
2018-12-17T22:46:11.823431016Z	61	PC: 12ca6 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:46:11.83467175Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.836028748Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.837174307Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:11.843644494Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.845166861Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:11.847437319Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.848645456Z	64	PC: 12c46 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:46:11.851142298Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.852355265Z	64	PC: 12ca6 \| Write file or device (Write 295 bytes on handle 5)
2018-12-17T22:46:11.866684739Z	62	PC: 12c5a \| Close file
2018-12-17T22:46:11.87612515Z	79	PC: 12ca6 \| Find next file
2018-12-17T22:46:11.878602509Z	67	PC: 12bed \| Get or set file attributes
2018-12-17T22:46:11.884020598Z	61	PC: 12ca6 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:46:11.890672364Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.891967393Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.893188945Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:11.900053408Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.901419796Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:11.903799077Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.913874879Z	64	PC: 12c46 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:46:11.916499983Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.917841364Z	64	PC: 12ca6 \| Write file or device (Write 295 bytes on handle 5)
2018-12-17T22:46:11.920918159Z	62	PC: 12c5a \| Close file
2018-12-17T22:46:11.929550234Z	79	PC: 12ca6 \| Find next file
2018-12-17T22:46:11.932594715Z	67	PC: 12bed \| Get or set file attributes
2018-12-17T22:46:11.939037043Z	61	PC: 12ca6 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:46:11.946333741Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.948377856Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.950908022Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:11.957216012Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.958651895Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:11.965365878Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.966698253Z	64	PC: 12c46 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:46:11.969436225Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:11.971778562Z	64	PC: 12ca6 \| Write file or device (Write 295 bytes on handle 5)
2018-12-17T22:46:11.974583568Z	62	PC: 12c5a \| Close file
2018-12-17T22:46:11.982401237Z	79	PC: 12ca6 \| Find next file
2018-12-17T22:46:11.986004331Z	67	PC: 12bed \| Get or set file attributes
2018-12-17T22:46:11.992060436Z	61	PC: 12ca6 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:46:12.003728515Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.006311374Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.007899194Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:12.014334233Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.01617765Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:12.019866816Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.021585488Z	64	PC: 12c46 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:46:12.024964488Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.027711861Z	64	PC: 12ca6 \| Write file or device (Write 295 bytes on handle 5)
2018-12-17T22:46:12.030905019Z	62	PC: 12c5a \| Close file
2018-12-17T22:46:12.039102645Z	79	PC: 12ca6 \| Find next file
2018-12-17T22:46:12.042668065Z	67	PC: 12bed \| Get or set file attributes
2018-12-17T22:46:12.048531589Z	61	PC: 12ca6 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:46:12.055244216Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.057571984Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.059196951Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:12.06534651Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.06740135Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:12.069747188Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.071095051Z	64	PC: 12c46 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:46:12.075431056Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.076725405Z	64	PC: 12ca6 \| Write file or device (Write 295 bytes on handle 5)
2018-12-17T22:46:12.079252238Z	62	PC: 12c5a \| Close file
2018-12-17T22:46:12.087698176Z	79	PC: 12ca6 \| Find next file
2018-12-17T22:46:12.090224448Z	67	PC: 12bed \| Get or set file attributes
2018-12-17T22:46:12.095756784Z	61	PC: 12ca6 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:46:12.10276393Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.104434749Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.106163016Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:12.113377058Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.11474123Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:12.117127059Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.119190359Z	64	PC: 12c46 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:46:12.12176215Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.123091583Z	64	PC: 12ca6 \| Write file or device (Write 295 bytes on handle 5)
2018-12-17T22:46:12.131953961Z	62	PC: 12c5a \| Close file
2018-12-17T22:46:12.139739053Z	79	PC: 12ca6 \| Find next file
2018-12-17T22:46:12.142167371Z	67	PC: 12bed \| Get or set file attributes
2018-12-17T22:46:12.148368405Z	61	PC: 12ca6 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:46:12.15472633Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.15597509Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.157380651Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:12.163767116Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.165051643Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:12.167894775Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.169691072Z	64	PC: 12c46 \| Write file or device (Write 5 bytes on handle 5)
2018-12-17T22:46:12.17220512Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.173757285Z	64	PC: 12ca6 \| Write file or device (Write 295 bytes on handle 5)
2018-12-17T22:46:12.177068439Z	62	PC: 12c5a \| Close file
2018-12-17T22:46:12.184654656Z	79	PC: 12ca6 \| Find next file
2018-12-17T22:46:12.187183369Z	67	PC: 12bed \| Get or set file attributes
2018-12-17T22:46:12.194226276Z	61	PC: 12ca6 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:46:12.200556506Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.201923709Z	66	PC: 12c94 \| Move file pointer
2018-12-17T22:46:12.204201903Z	63	PC: 12ca6 \| Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:46:12.210415478Z	62	PC: 12c5a \| Close file
2018-12-17T22:46:12.212229441Z	79	PC: 12ca6 \| Find next file
2018-12-17T22:46:12.216746255Z	9	PC: 12a82 \| Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T22:46:12.220958205Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')