Sample viewer

vx.netlux.org/Virus.DOS.Search.148

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:48:36.256758759Z	78	PC: 13e68 \| Find first file
2018-12-17T22:48:36.274984834Z	61	PC: 13e79 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T22:48:36.281960111Z	63	PC: 13e83 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:48:36.296431251Z	66	PC: 13e94 \| Move file pointer
2018-12-17T22:48:36.298629071Z	64	PC: 13eb4 \| Write file or device (Write 148 bytes on handle 5)
2018-12-17T22:48:36.314372963Z	66	PC: 13ebd \| Move file pointer
2018-12-17T22:48:36.316402295Z	64	PC: 13ec9 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:48:36.338277548Z	62	PC: 13ecd \| Close file
2018-12-17T22:48:36.348200252Z	79	PC: 13e6f \| Find next file
2018-12-17T22:48:36.351608677Z	61	PC: 13e79 \| Open file (Filename = 'PRINT.COM')
2018-12-17T22:48:36.369136471Z	63	PC: 13e83 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:48:36.387068203Z	66	PC: 13e94 \| Move file pointer
2018-12-17T22:48:36.388999261Z	64	PC: 13eb4 \| Write file or device (Write 148 bytes on handle 5)
2018-12-17T22:48:36.392738507Z	66	PC: 13ebd \| Move file pointer
2018-12-17T22:48:36.406084033Z	64	PC: 13ec9 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:48:36.409259059Z	62	PC: 13ecd \| Close file
2018-12-17T22:48:36.417915974Z	79	PC: 13e6f \| Find next file
2018-12-17T22:48:36.425780422Z	61	PC: 13e79 \| Open file (Filename = 'HELLO.COM')
2018-12-17T22:48:36.435984064Z	63	PC: 13e83 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:48:36.450524574Z	66	PC: 13e94 \| Move file pointer
2018-12-17T22:48:36.45295993Z	64	PC: 13eb4 \| Write file or device (Write 148 bytes on handle 5)
2018-12-17T22:48:36.456901917Z	66	PC: 13ebd \| Move file pointer
2018-12-17T22:48:36.458731384Z	64	PC: 13ec9 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:48:36.461590977Z	62	PC: 13ecd \| Close file
2018-12-17T22:48:36.4744668Z	79	PC: 13e6f \| Find next file
2018-12-17T22:48:36.477369164Z	61	PC: 13e79 \| Open file (Filename = 'PHANG.COM')
2018-12-17T22:48:36.484550427Z	63	PC: 13e83 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:48:36.498365525Z	66	PC: 13e94 \| Move file pointer
2018-12-17T22:48:36.500646521Z	64	PC: 13eb4 \| Write file or device (Write 148 bytes on handle 5)
2018-12-17T22:48:36.504141628Z	66	PC: 13ebd \| Move file pointer
2018-12-17T22:48:36.507153056Z	64	PC: 13ec9 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:48:36.514372952Z	62	PC: 13ecd \| Close file
2018-12-17T22:48:36.523303993Z	79	PC: 13e6f \| Find next file
2018-12-17T22:48:36.527237865Z	61	PC: 13e79 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:48:36.534570943Z	63	PC: 13e83 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:48:36.541764219Z	66	PC: 13e94 \| Move file pointer
2018-12-17T22:48:36.54444185Z	64	PC: 13eb4 \| Write file or device (Write 148 bytes on handle 5)
2018-12-17T22:48:36.547755496Z	66	PC: 13ebd \| Move file pointer
2018-12-17T22:48:36.549602928Z	64	PC: 13ec9 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:48:36.55479338Z	62	PC: 13ecd \| Close file
2018-12-17T22:48:36.564779564Z	79	PC: 13e6f \| Find next file
2018-12-17T22:48:36.568202264Z	61	PC: 13e79 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T22:48:36.575818094Z	63	PC: 13e83 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:48:36.583916571Z	66	PC: 13e94 \| Move file pointer
2018-12-17T22:48:36.585998012Z	64	PC: 13eb4 \| Write file or device (Write 148 bytes on handle 5)
2018-12-17T22:48:36.595238584Z	66	PC: 13ebd \| Move file pointer
2018-12-17T22:48:36.597963955Z	64	PC: 13ec9 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:48:36.605755666Z	62	PC: 13ecd \| Close file
2018-12-17T22:48:36.615505655Z	79	PC: 13e6f \| Find next file
2018-12-17T22:48:36.619773494Z	61	PC: 13e79 \| Open file (Filename = 'PAH.COM')
2018-12-17T22:48:36.627597575Z	63	PC: 13e83 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:48:36.635231379Z	66	PC: 13e94 \| Move file pointer
2018-12-17T22:48:36.638557619Z	64	PC: 13eb4 \| Write file or device (Write 148 bytes on handle 5)
2018-12-17T22:48:36.641679594Z	66	PC: 13ebd \| Move file pointer
2018-12-17T22:48:36.643282166Z	64	PC: 13ec9 \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:48:36.646186052Z	62	PC: 13ecd \| Close file
2018-12-17T22:48:36.655054545Z	79	PC: 13e6f \| Find next file
2018-12-17T22:48:36.658464192Z	61	PC: 13e79 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:48:36.66664854Z	63	PC: 13e83 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:48:36.670692929Z	62	PC: 13ecd \| Close file
2018-12-17T22:48:36.673383655Z	79	PC: 13e6f \| Find next file
2018-12-17T22:48:36.677758636Z	9	PC: 12a85 \| Display string (String= 'Sophos Ltd, Oxford sacrificial COM goat 1400H bytes long ')
2018-12-17T22:48:36.685658328Z	0	PC: 12a89 \| Program terminate