Sample viewer

vx.netlux.org/Virus.DOS.AVCS.275

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:47:39.463413178Z 26 PC: 14114 | Set disk transfer address
2018-12-17T22:47:39.4649577Z 78 PC: 14128 | Find first file
2018-12-17T22:47:39.469046156Z 61 PC: 1413e | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:47:39.476047566Z 63 PC: 1417a | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:39.487885616Z 66 PC: 141d6 | Move file pointer
2018-12-17T22:47:39.489670839Z 64 PC: 141ae | Write file or device (Write 275 bytes on handle 5)
2018-12-17T22:47:39.505430057Z 66 PC: 141d6 | Move file pointer
2018-12-17T22:47:39.508143629Z 64 PC: 141bf | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:39.515341526Z 87 PC: 141c6 | Get or set file date and time
2018-12-17T22:47:39.516965747Z 62 PC: 14161 | Close file
2018-12-17T22:47:39.525702708Z 79 PC: 14128 | Find next file
2018-12-17T22:47:39.528934628Z 61 PC: 1413e | Open file (Filename = 'PRINT.COM')
2018-12-17T22:47:39.5373643Z 62 PC: 14161 | Close file
2018-12-17T22:47:39.539558022Z 79 PC: 14128 | Find next file
2018-12-17T22:47:39.544344247Z 61 PC: 1413e | Open file (Filename = 'HELLO.COM')
2018-12-17T22:47:39.551721008Z 62 PC: 14161 | Close file
2018-12-17T22:47:39.553651804Z 79 PC: 14128 | Find next file
2018-12-17T22:47:39.557051946Z 61 PC: 1413e | Open file (Filename = 'PHANG.COM')
2018-12-17T22:47:39.564378245Z 62 PC: 14161 | Close file
2018-12-17T22:47:39.56625821Z 79 PC: 14128 | Find next file
2018-12-17T22:47:39.569530524Z 61 PC: 1413e | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:47:39.577195149Z 62 PC: 14161 | Close file
2018-12-17T22:47:39.579645514Z 79 PC: 14128 | Find next file
2018-12-17T22:47:39.58333511Z 61 PC: 1413e | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:47:39.590746493Z 63 PC: 1417a | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:39.59853258Z 66 PC: 141d6 | Move file pointer
2018-12-17T22:47:39.601001877Z 64 PC: 141ae | Write file or device (Write 275 bytes on handle 5)
2018-12-17T22:47:39.609905944Z 66 PC: 141d6 | Move file pointer
2018-12-17T22:47:39.611485564Z 64 PC: 141bf | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:39.620148442Z 87 PC: 141c6 | Get or set file date and time
2018-12-17T22:47:39.622155253Z 62 PC: 14161 | Close file
2018-12-17T22:47:39.630061229Z 79 PC: 14128 | Find next file
2018-12-17T22:47:39.632480876Z 61 PC: 1413e | Open file (Filename = 'PAH.COM')
2018-12-17T22:47:39.637265812Z 62 PC: 14161 | Close file
2018-12-17T22:47:39.638690659Z 79 PC: 14128 | Find next file
2018-12-17T22:47:39.641039452Z 61 PC: 1413e | Open file (Filename = 'TEST.COM')
2018-12-17T22:47:39.64607449Z 63 PC: 1417a | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:47:39.648398579Z 66 PC: 141d6 | Move file pointer
2018-12-17T22:47:39.650121321Z 64 PC: 141ae | Write file or device (Write 275 bytes on handle 5)
2018-12-17T22:47:39.656797078Z 66 PC: 141d6 | Move file pointer
2018-12-17T22:47:39.658154954Z 64 PC: 141bf | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:47:39.660685206Z 87 PC: 141c6 | Get or set file date and time
2018-12-17T22:47:39.662708453Z 62 PC: 14161 | Close file
2018-12-17T22:47:39.668314173Z 79 PC: 14128 | Find next file
2018-12-17T22:47:39.670355199Z 26 PC: 141cf | Set disk transfer address
2018-12-17T22:47:39.675175491Z 48 PC: 12a63 | Get DOS version
2018-12-17T22:47:39.67673129Z 9 PC: 12a7a | Display string (String= ' --=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------ (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware ')
2018-12-17T22:47:39.688891172Z 61 PC: 12cb7 | Open file (Filename = '')
2018-12-17T22:47:39.703937826Z 9 PC: 12a88 | Display string (String= 'Self test: ')
2018-12-17T22:47:39.706824061Z 93 PC: 12b24 | File sharing functions
2018-12-17T22:47:39.709228151Z 9 PC: 12b03 | Display string (String= 'Size change=+0226h/00550d. Virus might be activ? ')
2018-12-17T22:47:39.716153683Z 76 PC: 12b09 | Terminate with return code (Return code = '1')