Sample viewer

vx.netlux.org/Virus.DOS.AntiFort.1499

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:57:42.330071562Z 84 PC: 14331 | Get verify flag
2018-12-17T22:57:42.333095206Z 82 PC: 1433a | Get DOS internal pointers (SYSVARS)
2018-12-17T22:57:42.336504665Z 53 PC: 142d4 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:57:42.338111576Z 37 PC: 142e7 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:57:42.340483825Z 48 PC: 12a63 | Get DOS version
2018-12-17T22:57:42.34374195Z 9 PC: 12a7a | Display string (String= ' --=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------ (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware ')
2018-12-17T22:57:42.356670784Z 61 PC: 12cb7 | Open file (Filename = '')
2018-12-17T22:57:42.365063912Z 9 PC: 12a88 | Display string (String= 'Self test: ')
2018-12-17T22:57:42.368863504Z 93 PC: 12b24 | File sharing functions
2018-12-17T22:57:42.371385585Z 9 PC: 12b03 | Display string (String= 'Size change=+05E6h/01510d. Virus might be activ? ')
2018-12-17T22:57:42.377501522Z 76 PC: 12b09 | Terminate with return code (Return code = '1')