Sample viewer

vx.netlux.org/Virus.DOS.Goma.580

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:50:34.700221341Z	42	PC: 12dca \| Get date 0x12dca: ret 0x12dcb: int 0x13 0x12dcd: ret 0x12dce: jmp 0x12f1e 0x12dd1: call 0x132b4 0x12dd4: call 0x22a51 0x12dd7: jmp 0x12d6f 0x12dd9: cmp word ptr [0x2248], 0x21e0 0x12ddf: je 0x12e28 0x12de1: cmp word ptr [0x2248], 0x21d4 0x12de7: je 0x12e3d 0x12de9: cmp word ptr [0x2248], 0x21ec 0x12def: je 0x12e67 0x12df1: cmp word ptr [0x2248], 0x2211 0x12df7: jne 0x12dfc 0x12df9: jmp 0x12e88 0x12dfc: cmp word ptr [0x2248], 0x2237 0x12e02: je 0x12e80 0x12e04: cmp word ptr [0x2248], 0x21f8 0x12e0a: jne 0x12e0f
2018-12-17T22:50:34.703474956Z	78	PC: 12bf0 \| Find first file
2018-12-17T22:50:34.707769581Z	26	PC: 12bb3 \| Set disk transfer address
2018-12-17T22:50:34.709451505Z	42	PC: 12dca \| Get date 0x12dca: ret 0x12dcb: int 0x13 0x12dcd: ret 0x12dce: jmp 0x12f1e 0x12dd1: call 0x132b4 0x12dd4: call 0x22a51 0x12dd7: jmp 0x12d6f 0x12dd9: cmp word ptr [0x2248], 0x21e0 0x12ddf: je 0x12e28 0x12de1: cmp word ptr [0x2248], 0x21d4 0x12de7: je 0x12e3d 0x12de9: cmp word ptr [0x2248], 0x21ec 0x12def: je 0x12e67 0x12df1: cmp word ptr [0x2248], 0x2211 0x12df7: jne 0x12dfc 0x12df9: jmp 0x12e88 0x12dfc: cmp word ptr [0x2248], 0x2237 0x12e02: je 0x12e80 0x12e04: cmp word ptr [0x2248], 0x21f8 0x12e0a: jne 0x12e0f
2018-12-17T22:50:34.712215941Z	78	PC: 12bf0 \| Find first file
2018-12-17T22:50:34.717077307Z	26	PC: 12bb3 \| Set disk transfer address
2018-12-17T22:50:34.718752696Z	42	PC: 12dca \| Get date 0x12dca: ret 0x12dcb: int 0x13 0x12dcd: ret 0x12dce: jmp 0x12f1e 0x12dd1: call 0x132b4 0x12dd4: call 0x22a51 0x12dd7: jmp 0x12d6f 0x12dd9: cmp word ptr [0x2248], 0x21e0 0x12ddf: je 0x12e28 0x12de1: cmp word ptr [0x2248], 0x21d4 0x12de7: je 0x12e3d 0x12de9: cmp word ptr [0x2248], 0x21ec 0x12def: je 0x12e67 0x12df1: cmp word ptr [0x2248], 0x2211 0x12df7: jne 0x12dfc 0x12df9: jmp 0x12e88 0x12dfc: cmp word ptr [0x2248], 0x2237 0x12e02: je 0x12e80 0x12e04: cmp word ptr [0x2248], 0x21f8 0x12e0a: jne 0x12e0f
2018-12-17T22:50:34.721146163Z	78	PC: 12bf0 \| Find first file
2018-12-17T22:50:34.725906052Z	26	PC: 273 \| Set disk transfer address
2018-12-17T22:50:34.727529546Z	42	PC: 12dca \| Get date 0x12dca: ret 0x12dcb: int 0x13 0x12dcd: ret 0x12dce: jmp 0x12f1e 0x12dd1: call 0x132b4 0x12dd4: call 0x22a51 0x12dd7: jmp 0x12d6f 0x12dd9: cmp word ptr [0x2248], 0x21e0 0x12ddf: je 0x12e28 0x12de1: cmp word ptr [0x2248], 0x21d4 0x12de7: je 0x12e3d 0x12de9: cmp word ptr [0x2248], 0x21ec 0x12def: je 0x12e67 0x12df1: cmp word ptr [0x2248], 0x2211 0x12df7: jne 0x12dfc 0x12df9: jmp 0x12e88 0x12dfc: cmp word ptr [0x2248], 0x2237 0x12e02: je 0x12e80 0x12e04: cmp word ptr [0x2248], 0x21f8 0x12e0a: jne 0x12e0f
2018-12-17T22:50:34.729918491Z	78	PC: 12bf0 \| Find first file
2018-12-17T22:50:34.735094814Z	26	PC: 12bb3 \| Set disk transfer address
2018-12-17T22:50:34.736645958Z	42	PC: 12dca \| Get date 0x12dca: ret 0x12dcb: int 0x13 0x12dcd: ret 0x12dce: jmp 0x12f1e 0x12dd1: call 0x132b4 0x12dd4: call 0x22a51 0x12dd7: jmp 0x12d6f 0x12dd9: cmp word ptr [0x2248], 0x21e0 0x12ddf: je 0x12e28 0x12de1: cmp word ptr [0x2248], 0x21d4 0x12de7: je 0x12e3d 0x12de9: cmp word ptr [0x2248], 0x21ec 0x12def: je 0x12e67 0x12df1: cmp word ptr [0x2248], 0x2211 0x12df7: jne 0x12dfc 0x12df9: jmp 0x12e88 0x12dfc: cmp word ptr [0x2248], 0x2237 0x12e02: je 0x12e80 0x12e04: cmp word ptr [0x2248], 0x21f8 0x12e0a: jne 0x12e0f
2018-12-17T22:50:34.73909273Z	78	PC: 12bf0 \| Find first file
2018-12-17T22:50:34.753422808Z	26	PC: 12bb3 \| Set disk transfer address
2018-12-17T22:50:34.75891083Z	42	PC: 12dca \| Get date 0x12dca: ret 0x12dcb: int 0x13 0x12dcd: ret 0x12dce: jmp 0x12f1e 0x12dd1: call 0x132b4 0x12dd4: call 0x22a51 0x12dd7: jmp 0x12d6f 0x12dd9: cmp word ptr [0x2248], 0x21e0 0x12ddf: je 0x12e28 0x12de1: cmp word ptr [0x2248], 0x21d4 0x12de7: je 0x12e3d 0x12de9: cmp word ptr [0x2248], 0x21ec 0x12def: je 0x12e67 0x12df1: cmp word ptr [0x2248], 0x2211 0x12df7: jne 0x12dfc 0x12df9: jmp 0x12e88 0x12dfc: cmp word ptr [0x2248], 0x2237 0x12e02: je 0x12e80 0x12e04: cmp word ptr [0x2248], 0x21f8 0x12e0a: jne 0x12e0f
2018-12-17T22:50:34.761043173Z	78	PC: 2b0 \| Find first file
2018-12-17T22:50:34.766180294Z	26	PC: 12bb3 \| Set disk transfer address
2018-12-17T22:50:34.767560588Z	42	PC: 48a \| Get date 0x48a: or byte ptr [bx + si], al 0x48c: add byte ptr [bx + si], al 0x48e: add byte ptr [bx], al 0x490: pop ss 0x491: add byte ptr [bx + si], al 0x493: add byte ptr [bx + di], al 0x495: add byte ptr [bx + si], dl 0x497: add byte ptr [bx + si], al 0x499: add byte ptr [bx + si], al 0x49b: add byte ptr [bx + si], al 0x49d: add byte ptr [bx + si], al 0x49f: add byte ptr [bx + si], al 0x4a1: add byte ptr [bx + si], al 0x4a3: add byte ptr [bx + si], al 0x4a5: add byte ptr [bx + si], al 0x4a7: add byte ptr [bx + si + 0x67], al 0x4aa: add al, al 0x4ac: add byte ptr [bx + si], al 0x4ae: add byte ptr [bx + si], al 0x4b0: add byte ptr [bx + si], al
2018-12-17T22:50:34.769658179Z	78	PC: 12bf0 \| Find first file
2018-12-17T22:50:34.774488568Z	26	PC: 12bb3 \| Set disk transfer address