Sample viewer

vx.netlux.org/Virus.DOS.Goma.1002

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:59:25.881443858Z 26 PC: 140f8 | Set disk transfer address
2018-12-17T22:59:25.883399863Z 250 PC: 144ab | UNKNOWN!
2018-12-17T22:59:25.885258343Z 42 PC: 144ab | Get date
0x144ab: ret
0x144ac: int 0x13
0x144ae: ret
0x144af: inc cx
0x144b0: jne 0x14514
0x144b3: jb 0x14519
0x144b5: and byte ptr gs:[bx + di + 0x6c], ah
0x144b9: jne 0x1452a
0x144bc: jae 0x144de
0x144be: imul bp, word ptr [bp + 0x73], 0x6174
0x144c3: outsb dx, byte ptr [si]
0x144c4: je 0x1452b
0x144c6: jae 0x144e8
0x144c8: and al, 0xe9
0x144cd: movsw word ptr es:[di], word ptr [si]
0x144ce: push ss
0x144cf: add word ptr [si + 3], si
0x144d2: call 0x14d90
0x144d5: call 0x172a7
0x144d8: mov al, byte ptr es:[0x36e]
2018-12-17T22:59:25.888644881Z 78 PC: 14148 | Find first file
2018-12-17T22:59:25.895884777Z 67 PC: 1421a | Get or set file attributes
2018-12-17T22:59:25.90340195Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:25.922158391Z 61 PC: 14227 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:59:25.930959419Z 87 PC: 1422f | Get or set file date and time
2018-12-17T22:59:25.933061005Z 63 PC: 1423c | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:59:25.954683396Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:25.956786655Z 64 PC: 1426e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:25.96090918Z 64 PC: 142c1 | Write file or device (Write 999 bytes on handle 5)
2018-12-17T22:59:25.97044442Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:25.983154369Z 64 PC: 1427c | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:25.991945035Z 87 PC: 14285 | Get or set file date and time
2018-12-17T22:59:25.994634664Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.006825711Z 62 PC: 1428f | Close file
2018-12-17T22:59:26.015768586Z 79 PC: 14158 | Find next file
2018-12-17T22:59:26.019447517Z 67 PC: 1421a | Get or set file attributes
2018-12-17T22:59:26.026099828Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.037167219Z 61 PC: 14227 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:59:26.045926475Z 87 PC: 1422f | Get or set file date and time
2018-12-17T22:59:26.047789636Z 63 PC: 1423c | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:59:26.055204536Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.058277136Z 64 PC: 1426e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.062395367Z 64 PC: 142c1 | Write file or device (Write 999 bytes on handle 5)
2018-12-17T22:59:26.072057004Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.074733137Z 64 PC: 1427c | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.082178889Z 87 PC: 14285 | Get or set file date and time
2018-12-17T22:59:26.084018922Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.096749791Z 62 PC: 1428f | Close file
2018-12-17T22:59:26.104595049Z 79 PC: 14158 | Find next file
2018-12-17T22:59:26.10769878Z 67 PC: 1421a | Get or set file attributes
2018-12-17T22:59:26.115154061Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.127370427Z 61 PC: 14227 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:59:26.134861988Z 87 PC: 1422f | Get or set file date and time
2018-12-17T22:59:26.136705994Z 63 PC: 1423c | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:59:26.144668707Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.146366179Z 64 PC: 1426e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.149457059Z 64 PC: 142c1 | Write file or device (Write 999 bytes on handle 5)
2018-12-17T22:59:26.160121498Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.161531998Z 64 PC: 1427c | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.168876423Z 87 PC: 14285 | Get or set file date and time
2018-12-17T22:59:26.171256439Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.183523897Z 62 PC: 1428f | Close file
2018-12-17T22:59:26.192078279Z 79 PC: 14158 | Find next file
2018-12-17T22:59:26.196701336Z 67 PC: 1421a | Get or set file attributes
2018-12-17T22:59:26.203358413Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.214490851Z 61 PC: 14227 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:59:26.222831879Z 87 PC: 1422f | Get or set file date and time
2018-12-17T22:59:26.2245439Z 63 PC: 1423c | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:59:26.232059564Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.235051995Z 64 PC: 1426e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.238571884Z 64 PC: 142c1 | Write file or device (Write 999 bytes on handle 5)
2018-12-17T22:59:26.24846451Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.250636548Z 64 PC: 1427c | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.262975611Z 87 PC: 14285 | Get or set file date and time
2018-12-17T22:59:26.264735763Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.277917639Z 62 PC: 1428f | Close file
2018-12-17T22:59:26.286096794Z 79 PC: 14158 | Find next file
2018-12-17T22:59:26.289466786Z 67 PC: 1421a | Get or set file attributes
2018-12-17T22:59:26.296296817Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.308486195Z 61 PC: 14227 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:59:26.322579307Z 87 PC: 1422f | Get or set file date and time
2018-12-17T22:59:26.324560114Z 63 PC: 1423c | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:59:26.332767946Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.334916399Z 64 PC: 1426e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.338300575Z 64 PC: 142c1 | Write file or device (Write 999 bytes on handle 5)
2018-12-17T22:59:26.348352542Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.350433071Z 64 PC: 1427c | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.358065806Z 87 PC: 14285 | Get or set file date and time
2018-12-17T22:59:26.360079324Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.377082161Z 62 PC: 1428f | Close file
2018-12-17T22:59:26.385564591Z 79 PC: 14158 | Find next file
2018-12-17T22:59:26.388764624Z 67 PC: 1421a | Get or set file attributes
2018-12-17T22:59:26.39555585Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.40660649Z 61 PC: 14227 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:59:26.414063246Z 87 PC: 1422f | Get or set file date and time
2018-12-17T22:59:26.416659343Z 63 PC: 1423c | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:59:26.424055989Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.426034451Z 64 PC: 1426e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.430056621Z 64 PC: 142c1 | Write file or device (Write 999 bytes on handle 5)
2018-12-17T22:59:26.440584Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.442530909Z 64 PC: 1427c | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.450870731Z 87 PC: 14285 | Get or set file date and time
2018-12-17T22:59:26.453450439Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.465635779Z 62 PC: 1428f | Close file
2018-12-17T22:59:26.473737933Z 79 PC: 14158 | Find next file
2018-12-17T22:59:26.47728805Z 67 PC: 1421a | Get or set file attributes
2018-12-17T22:59:26.483914088Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.495123589Z 61 PC: 14227 | Open file (Filename = 'PAH.COM')
2018-12-17T22:59:26.504024284Z 87 PC: 1422f | Get or set file date and time
2018-12-17T22:59:26.505990658Z 63 PC: 1423c | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:59:26.513576571Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.517727711Z 64 PC: 1426e | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.521446281Z 64 PC: 142c1 | Write file or device (Write 999 bytes on handle 5)
2018-12-17T22:59:26.531049974Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.532802954Z 64 PC: 1427c | Write file or device (Write 3 bytes on handle 5)
2018-12-17T22:59:26.537199644Z 87 PC: 14285 | Get or set file date and time
2018-12-17T22:59:26.538510071Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.5466068Z 62 PC: 1428f | Close file
2018-12-17T22:59:26.553488752Z 79 PC: 14158 | Find next file
2018-12-17T22:59:26.556981527Z 67 PC: 1421a | Get or set file attributes
2018-12-17T22:59:26.562516355Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.572196822Z 61 PC: 14227 | Open file (Filename = 'TEST.COM')
2018-12-17T22:59:26.583016467Z 87 PC: 1422f | Get or set file date and time
2018-12-17T22:59:26.584503871Z 63 PC: 1423c | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:59:26.590861041Z 66 PC: 142cd | Move file pointer
2018-12-17T22:59:26.592294868Z 67 PC: 142b4 | Get or set file attributes
2018-12-17T22:59:26.602114449Z 62 PC: 1428f | Close file
2018-12-17T22:59:26.604407587Z 79 PC: 14158 | Find next file
2018-12-17T22:59:26.606943379Z 26 PC: 1410b | Set disk transfer address
2018-12-17T22:59:26.608531458Z 48 PC: 12a63 | Get DOS version
2018-12-17T22:59:26.610388908Z 9 PC: 12a7a | Display string (String= ' --=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------ (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware ')
2018-12-17T22:59:26.619218895Z 61 PC: 12cb7 | Open file (Filename = '')
2018-12-17T22:59:26.6251291Z 9 PC: 12a88 | Display string (String= 'Self test: ')
2018-12-17T22:59:26.627692548Z 93 PC: 12b24 | File sharing functions
2018-12-17T22:59:26.629452937Z 9 PC: 12b03 | Display string (String= 'Size change=+03EAh/01002d. Virus might be activ? ')
2018-12-17T22:59:26.634488479Z 76 PC: 12b09 | Terminate with return code (Return code = '1')