Sample viewer

vx.netlux.org/Virus.DOS.PZ.826

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:07:17.386213415Z	98	PC: 17ab0 \| Get current PSP
2018-12-17T23:07:17.387383934Z	53	PC: 17ac3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:07:17.388462954Z	37	PC: 17aff \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:07:17.389548964Z	42	PC: 178ce \| Get date 0x178ce: cmp al, 5 0x178d0: jne 0x178da 0x178d2: cmp dl, 0xd 0x178d5: jne 0x178da 0x178d7: call 0x178db 0x178da: ret 0x178db: mov ah, 8 0x178dd: mov dl, 0x80 0x178df: int 0x13 0x178e1: mov ax, cx 0x178e3: mov cl, 0xa 0x178e5: shr ax, cl 0x178e7: mov byte ptr cs:[bp + 0x169], al 0x178ec: xor ch, ch 0x178ee: mov cl, dh 0x178f0: inc cl 0x178f2: push cx 0x178f3: mov ah, 3 0x178f5: mov dl, 0x80 0x178f7: mov dh, cl
2018-12-17T23:07:17.392998807Z	9	PC: 12a47 \| Display string (String= 'This GOAT file was generated by Andreas Marx. ROSEGOAT by RR! (23.08.1998) File: ROSE001.COM - 20.000 (4E20h) bytes length! ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15814,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:34.113302788Z	98	PC: 17ab0 \| Get current PSP
2018-12-25T12:44:34.11539363Z	53	PC: 17ac3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:34.116933456Z	37	PC: 17aff \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:34.118793512Z	42	PC: 178ce \| Get date 0x178ce: cmp al, 5 0x178d0: jne 0x178da 0x178d2: cmp dl, 0xd 0x178d5: jne 0x178da 0x178d7: call 0x178db 0x178da: ret 0x178db: mov ah, 8 0x178dd: mov dl, 0x80 0x178df: int 0x13 0x178e1: mov ax, cx 0x178e3: mov cl, 0xa 0x178e5: shr ax, cl 0x178e7: mov byte ptr cs:[bp + 0x169], al 0x178ec: xor ch, ch 0x178ee: mov cl, dh 0x178f0: inc cl 0x178f2: push cx 0x178f3: mov ah, 3 0x178f5: mov dl, 0x80 0x178f7: mov dh, cl
2018-12-25T12:44:34.121815282Z	9	PC: 12a47 \| Display string (String= 'This GOAT file was generated by Andreas Marx. ROSEGOAT by RR! (23.08.1998) File: ROSE001.COM - 20.000 (4E20h) bytes length! ')

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15814,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:34.177240545Z	98	PC: 17ab0 \| Get current PSP
2018-12-25T12:44:34.179383332Z	53	PC: 17ac3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:34.180787927Z	37	PC: 17aff \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:34.181966554Z	42	PC: 178ce \| Get date 0x178ce: cmp al, 5 0x178d0: jne 0x178da 0x178d2: cmp dl, 0xd 0x178d5: jne 0x178da 0x178d7: call 0x178db 0x178da: ret 0x178db: mov ah, 8 0x178dd: mov dl, 0x80 0x178df: int 0x13 0x178e1: mov ax, cx 0x178e3: mov cl, 0xa 0x178e5: shr ax, cl 0x178e7: mov byte ptr cs:[bp + 0x169], al 0x178ec: xor ch, ch 0x178ee: mov cl, dh 0x178f0: inc cl 0x178f2: push cx 0x178f3: mov ah, 3 0x178f5: mov dl, 0x80 0x178f7: mov dh, cl
2018-12-25T12:44:34.185082984Z	9	PC: 12a47 \| Display string (String= 'This GOAT file was generated by Andreas Marx. ROSEGOAT by RR! (23.08.1998) File: ROSE001.COM - 20.000 (4E20h) bytes length! ')

{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15814,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:35.828708747Z	98	PC: 17ab0 \| Get current PSP
2018-12-25T12:44:35.829959475Z	53	PC: 17ac3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:35.831129139Z	37	PC: 17aff \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:35.832194556Z	42	PC: 178ce \| Get date 0x178ce: cmp al, 5 0x178d0: jne 0x178da 0x178d2: cmp dl, 0xd 0x178d5: jne 0x178da 0x178d7: call 0x178db 0x178da: ret 0x178db: mov ah, 8 0x178dd: mov dl, 0x80 0x178df: int 0x13 0x178e1: mov ax, cx 0x178e3: mov cl, 0xa 0x178e5: shr ax, cl 0x178e7: mov byte ptr cs:[bp + 0x169], al 0x178ec: xor ch, ch 0x178ee: mov cl, dh 0x178f0: inc cl 0x178f2: push cx 0x178f3: mov ah, 3 0x178f5: mov dl, 0x80 0x178f7: mov dh, cl

{"DateBased":true,"Day":4,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15814,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:36.04922209Z	98	PC: 17ab0 \| Get current PSP
2018-12-25T12:44:36.051346171Z	53	PC: 17ac3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:36.052426072Z	37	PC: 17aff \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:36.053346068Z	42	PC: 178ce \| Get date 0x178ce: cmp al, 5 0x178d0: jne 0x178da 0x178d2: cmp dl, 0xd 0x178d5: jne 0x178da 0x178d7: call 0x178db 0x178da: ret 0x178db: mov ah, 8 0x178dd: mov dl, 0x80 0x178df: int 0x13 0x178e1: mov ax, cx 0x178e3: mov cl, 0xa 0x178e5: shr ax, cl 0x178e7: mov byte ptr cs:[bp + 0x169], al 0x178ec: xor ch, ch 0x178ee: mov cl, dh 0x178f0: inc cl 0x178f2: push cx 0x178f3: mov ah, 3 0x178f5: mov dl, 0x80 0x178f7: mov dh, cl
2018-12-25T12:44:36.055254031Z	9	PC: 12a47 \| Display string (String= 'This GOAT file was generated by Andreas Marx. ROSEGOAT by RR! (23.08.1998) File: ROSE001.COM - 20.000 (4E20h) bytes length! ')

{"DateBased":true,"Day":13,"Month":6,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15814,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:36.737308588Z	98	PC: 17ab0 \| Get current PSP
2018-12-25T12:44:36.738737365Z	53	PC: 17ac3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:36.740057627Z	37	PC: 17aff \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:36.741446833Z	42	PC: 178ce \| Get date 0x178ce: cmp al, 5 0x178d0: jne 0x178da 0x178d2: cmp dl, 0xd 0x178d5: jne 0x178da 0x178d7: call 0x178db 0x178da: ret 0x178db: mov ah, 8 0x178dd: mov dl, 0x80 0x178df: int 0x13 0x178e1: mov ax, cx 0x178e3: mov cl, 0xa 0x178e5: shr ax, cl 0x178e7: mov byte ptr cs:[bp + 0x169], al 0x178ec: xor ch, ch 0x178ee: mov cl, dh 0x178f0: inc cl 0x178f2: push cx 0x178f3: mov ah, 3 0x178f5: mov dl, 0x80 0x178f7: mov dh, cl

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":15814,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T12:44:36.961380821Z	98	PC: 17ab0 \| Get current PSP
2018-12-25T12:44:36.962962466Z	53	PC: 17ac3 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:36.964355302Z	37	PC: 17aff \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-25T12:44:36.965538983Z	42	PC: 178ce \| Get date 0x178ce: cmp al, 5 0x178d0: jne 0x178da 0x178d2: cmp dl, 0xd 0x178d5: jne 0x178da 0x178d7: call 0x178db 0x178da: ret 0x178db: mov ah, 8 0x178dd: mov dl, 0x80 0x178df: int 0x13 0x178e1: mov ax, cx 0x178e3: mov cl, 0xa 0x178e5: shr ax, cl 0x178e7: mov byte ptr cs:[bp + 0x169], al 0x178ec: xor ch, ch 0x178ee: mov cl, dh 0x178f0: inc cl 0x178f2: push cx 0x178f3: mov ah, 3 0x178f5: mov dl, 0x80 0x178f7: mov dh, cl
2018-12-25T12:44:36.967990764Z	9	PC: 12a47 \| Display string (String= 'This GOAT file was generated by Andreas Marx. ROSEGOAT by RR! (23.08.1998) File: ROSE001.COM - 20.000 (4E20h) bytes length! ')