Sample viewer

vx.netlux.org/Virus.DOS.7son.327

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:05:30.81431071Z 51 PC: 140fb | Get or set Ctrl-Break
2018-12-17T23:05:30.816568636Z 51 PC: 14103 | Get or set Ctrl-Break
2018-12-17T23:05:30.818500568Z 53 PC: 14108 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:30.820113049Z 37 PC: 14114 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:30.821754381Z 26 PC: 1411c | Set disk transfer address
2018-12-17T23:05:30.824835902Z 78 PC: 14147 | Find first file
2018-12-17T23:05:30.831846894Z 67 PC: 14170 | Get or set file attributes
2018-12-17T23:05:30.84351744Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:30.862326438Z 61 PC: 1417d | Open file (Filename = '----------- (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware $ -=[ registered: VSP-Kunden ]=- $')
2018-12-17T23:05:30.881948264Z 87 PC: 14185 | Get or set file date and time
2018-12-17T23:05:30.883978274Z 63 PC: 14192 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:05:30.892941778Z 66 PC: 141f7 | Move file pointer
2018-12-17T23:05:30.895186897Z 87 PC: 141da | Get or set file date and time
2018-12-17T23:05:30.897307246Z 62 PC: 141de | Close file
2018-12-17T23:05:30.906862518Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:30.918697629Z 79 PC: 14152 | Find next file
2018-12-17T23:05:30.922258649Z 67 PC: 14170 | Get or set file attributes
2018-12-17T23:05:30.930193284Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:30.942713388Z 61 PC: 1417d | Open file (Filename = '----------- (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware $ -=[ registered: VSP-Kunden ]=- $')
2018-12-17T23:05:30.962864964Z 87 PC: 14185 | Get or set file date and time
2018-12-17T23:05:30.965369288Z 63 PC: 14192 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:05:30.972828809Z 66 PC: 141f7 | Move file pointer
2018-12-17T23:05:30.974544893Z 87 PC: 141da | Get or set file date and time
2018-12-17T23:05:30.976270961Z 62 PC: 141de | Close file
2018-12-17T23:05:30.985255468Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:30.99653628Z 79 PC: 14152 | Find next file
2018-12-17T23:05:30.999876357Z 67 PC: 14170 | Get or set file attributes
2018-12-17T23:05:31.008373648Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.019615543Z 61 PC: 1417d | Open file (Filename = '----------- (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware $ -=[ registered: VSP-Kunden ]=- $')
2018-12-17T23:05:31.027611726Z 87 PC: 14185 | Get or set file date and time
2018-12-17T23:05:31.029893258Z 63 PC: 14192 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:05:31.037141611Z 66 PC: 141f7 | Move file pointer
2018-12-17T23:05:31.038894522Z 87 PC: 141da | Get or set file date and time
2018-12-17T23:05:31.041358187Z 62 PC: 141de | Close file
2018-12-17T23:05:31.049385607Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.0603042Z 79 PC: 14152 | Find next file
2018-12-17T23:05:31.063667227Z 67 PC: 14170 | Get or set file attributes
2018-12-17T23:05:31.071257205Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.082087765Z 61 PC: 1417d | Open file (Filename = '----------- (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware $ -=[ registered: VSP-Kunden ]=- $')
2018-12-17T23:05:31.090014526Z 87 PC: 14185 | Get or set file date and time
2018-12-17T23:05:31.091851463Z 63 PC: 14192 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:05:31.099560304Z 66 PC: 141f7 | Move file pointer
2018-12-17T23:05:31.10168153Z 87 PC: 141da | Get or set file date and time
2018-12-17T23:05:31.104211779Z 62 PC: 141de | Close file
2018-12-17T23:05:31.112536127Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.123604564Z 79 PC: 14152 | Find next file
2018-12-17T23:05:31.127985446Z 67 PC: 14170 | Get or set file attributes
2018-12-17T23:05:31.135286063Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.146183063Z 61 PC: 1417d | Open file (Filename = '----------- (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware $ -=[ registered: VSP-Kunden ]=- $')
2018-12-17T23:05:31.154335096Z 87 PC: 14185 | Get or set file date and time
2018-12-17T23:05:31.156161517Z 63 PC: 14192 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:05:31.163469568Z 66 PC: 141f7 | Move file pointer
2018-12-17T23:05:31.166488495Z 87 PC: 141da | Get or set file date and time
2018-12-17T23:05:31.168455419Z 62 PC: 141de | Close file
2018-12-17T23:05:31.17613171Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.18777826Z 79 PC: 14152 | Find next file
2018-12-17T23:05:31.190895074Z 67 PC: 14170 | Get or set file attributes
2018-12-17T23:05:31.19707813Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.208452681Z 61 PC: 1417d | Open file (Filename = '----------- (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware $ -=[ registered: VSP-Kunden ]=- $')
2018-12-17T23:05:31.217008833Z 87 PC: 14185 | Get or set file date and time
2018-12-17T23:05:31.21896653Z 63 PC: 14192 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:05:31.226222515Z 66 PC: 141f7 | Move file pointer
2018-12-17T23:05:31.229107394Z 87 PC: 141da | Get or set file date and time
2018-12-17T23:05:31.231128077Z 62 PC: 141de | Close file
2018-12-17T23:05:31.239018259Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.250797471Z 79 PC: 14152 | Find next file
2018-12-17T23:05:31.254389644Z 67 PC: 14170 | Get or set file attributes
2018-12-17T23:05:31.260913196Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.275642332Z 61 PC: 1417d | Open file (Filename = '----------- (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware $ -=[ registered: VSP-Kunden ]=- $')
2018-12-17T23:05:31.283297463Z 87 PC: 14185 | Get or set file date and time
2018-12-17T23:05:31.285123083Z 63 PC: 14192 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:05:31.29239602Z 66 PC: 141f7 | Move file pointer
2018-12-17T23:05:31.294788186Z 87 PC: 141da | Get or set file date and time
2018-12-17T23:05:31.296805051Z 62 PC: 141de | Close file
2018-12-17T23:05:31.304879493Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.316700429Z 79 PC: 14152 | Find next file
2018-12-17T23:05:31.319950023Z 67 PC: 14170 | Get or set file attributes
2018-12-17T23:05:31.326484397Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.338700124Z 61 PC: 1417d | Open file (Filename = '----------- (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware $ -=[ registered: VSP-Kunden ]=- $')
2018-12-17T23:05:31.346706077Z 87 PC: 14185 | Get or set file date and time
2018-12-17T23:05:31.348656386Z 63 PC: 14192 | Read file or device (Read 4 bytes on handle 5)
2018-12-17T23:05:31.356747374Z 87 PC: 141da | Get or set file date and time
2018-12-17T23:05:31.359135269Z 62 PC: 141de | Close file
2018-12-17T23:05:31.367227439Z 67 PC: 141e8 | Get or set file attributes
2018-12-17T23:05:31.378606956Z 79 PC: 14152 | Find next file
2018-12-17T23:05:31.382513658Z 37 PC: 1415b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:05:31.384145006Z 51 PC: 14161 | Get or set Ctrl-Break
2018-12-17T23:05:31.385585049Z 48 PC: 12a63 | Get DOS version
2018-12-17T23:05:31.388271558Z 9 PC: 12a7a | Display string (String= ' --=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------ (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware ')
2018-12-17T23:05:31.400030101Z 61 PC: 12cb7 | Open file (Filename = '')
2018-12-17T23:05:31.407530641Z 9 PC: 12a88 | Display string (String= 'Self test: ')
2018-12-17T23:05:31.411204809Z 93 PC: 12b24 | File sharing functions
2018-12-17T23:05:31.414005598Z 9 PC: 12b03 | Display string (String= 'Size change=+0147h/00327d. Virus might be activ? ')
2018-12-17T23:05:31.420388409Z 76 PC: 12b09 | Terminate with return code (Return code = '1')