Sample viewer

vx.netlux.org/Virus.DOS.Hellfire.1124.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:47:41.807332097Z	78	PC: 12a47 \| Find first file
2018-12-17T22:47:41.814081278Z	61	PC: 12a51 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:47:41.821399075Z	64	PC: 12a5c \| Write file or device (Write 64 bytes on handle 5)
2018-12-17T22:47:41.828609402Z	62	PC: 12a60 \| Close file
2018-12-17T22:47:41.844125772Z	79	PC: 12a64 \| Find next file
2018-12-17T22:47:41.848389623Z	61	PC: 12a51 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:47:41.85553161Z	64	PC: 12a5c \| Write file or device (Write 64 bytes on handle 5)
2018-12-17T22:47:41.863273766Z	62	PC: 12a60 \| Close file
2018-12-17T22:47:41.876883705Z	79	PC: 12a64 \| Find next file
2018-12-17T22:47:41.880009226Z	61	PC: 12a51 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:47:41.887883029Z	64	PC: 12a5c \| Write file or device (Write 64 bytes on handle 5)
2018-12-17T22:47:41.896019986Z	62	PC: 12a60 \| Close file
2018-12-17T22:47:41.904431168Z	79	PC: 12a64 \| Find next file
2018-12-17T22:47:41.907593429Z	61	PC: 12a51 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:47:41.915803393Z	64	PC: 12a5c \| Write file or device (Write 64 bytes on handle 5)
2018-12-17T22:47:41.922896218Z	62	PC: 12a60 \| Close file
2018-12-17T22:47:41.931434859Z	79	PC: 12a64 \| Find next file
2018-12-17T22:47:41.934687561Z	61	PC: 12a51 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:47:41.942134551Z	64	PC: 12a5c \| Write file or device (Write 64 bytes on handle 5)
2018-12-17T22:47:41.949354255Z	62	PC: 12a60 \| Close file
2018-12-17T22:47:41.957885663Z	79	PC: 12a64 \| Find next file
2018-12-17T22:47:41.961700981Z	61	PC: 12a51 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:47:41.969359769Z	64	PC: 12a5c \| Write file or device (Write 64 bytes on handle 5)
2018-12-17T22:47:41.976787835Z	62	PC: 12a60 \| Close file
2018-12-17T22:47:41.985904672Z	79	PC: 12a64 \| Find next file
2018-12-17T22:47:41.989117078Z	61	PC: 12a51 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:47:42.002833767Z	64	PC: 12a5c \| Write file or device (Write 64 bytes on handle 5)
2018-12-17T22:47:42.011364374Z	62	PC: 12a60 \| Close file
2018-12-17T22:47:42.019779713Z	79	PC: 12a64 \| Find next file
2018-12-17T22:47:42.023383314Z	61	PC: 12a51 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:47:42.031432595Z	64	PC: 12a5c \| Write file or device (Write 64 bytes on handle 5)
2018-12-17T22:47:42.040216628Z	62	PC: 12a60 \| Close file
2018-12-17T22:47:42.048903528Z	79	PC: 12a64 \| Find next file