Sample viewer

vx.netlux.org/Virus.DOS.Goma.1524

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:03:01.103681585Z 26 PC: 12a54 | Set disk transfer address
2018-12-17T23:03:01.111140747Z 250 PC: 12c25 | UNKNOWN!
2018-12-17T23:03:01.112631479Z 42 PC: 12c25 | Get date 0x12c25: ret
0x12c26: pop bx
0x12c27: push sp
0x12c28: inc sp
0x12c29: inc di
0x12c2a: daa
0x12c2b: cmp word ptr [bx + di], di
0x12c2d: pop bp
0x12c2e: or ax, 0x200a
0x12c31: and byte ptr [bx + si], ah
0x12c33: and byte ptr [bx + si], ah
0x12c35: and byte ptr [bx + si], ah
0x12c37: inc di
0x12c38: outsw dx, word ptr [si]
0x12c39: insw word ptr es:[di], dx
0x12c3a: popaw
0x12c3b: pop di
0x12c3c: inc bp
0x12c3d: pop ax
0x12c3e: inc bp
2018-12-17T23:03:01.115034489Z 71 PC: 12ae2 | Get current directory
2018-12-17T23:03:01.118666014Z 78 PC: 12b0f | Find first file
2018-12-17T23:03:01.125099645Z 67 PC: 12b2c | Get or set file attributes
2018-12-17T23:03:01.138460549Z 67 PC: 12b7b | Get or set file attributes
2018-12-17T23:03:01.158237785Z 61 PC: 12b39 | Open file (Filename = 'TEST.EXE')
2018-12-17T23:03:01.168873006Z 87 PC: 12b41 | Get or set file date and time
2018-12-17T23:03:01.17071915Z 63 PC: 12b4e | Read file or device (Read 28 bytes on handle 5)
2018-12-17T23:03:01.177438512Z 66 PC: 12bc4 | Move file pointer
2018-12-17T23:03:01.180126848Z 64 PC: 12c0c | Write file or device (Write 1524 bytes on handle 5)
2018-12-17T23:03:01.189189766Z 66 PC: 12c14 | Move file pointer
2018-12-17T23:03:01.190851285Z 64 PC: 12c20 | Write file or device (Write 28 bytes on handle 5)
2018-12-17T23:03:01.194238551Z 87 PC: 12b68 | Get or set file date and time
2018-12-17T23:03:01.195807429Z 67 PC: 12b7b | Get or set file attributes
2018-12-17T23:03:01.20858178Z 62 PC: 12b72 | Close file
2018-12-17T23:03:01.216254185Z 79 PC: 12b20 | Find next file
2018-12-17T23:03:01.218671549Z 59 PC: 12af3 | Change current directory
2018-12-17T23:03:01.22339927Z 59 PC: 12b01 | Change current directory
2018-12-17T23:03:01.228083844Z 26 PC: 12a8a | Set disk transfer address