Sample viewer

vx.netlux.org/Virus.DOS.Andreas.1126

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:07:42.291493659Z 42 PC: 12f63 | Get date 0x12f63: push dx
0x12f64: xor ax, ax
0x12f66: mov ds, ax
0x12f68: cli
0x12f69: mov ax, word ptr [0x84]
0x12f6c: mov word ptr cs:[bp + 0x23], ax
0x12f70: mov ax, word ptr [0x86]
0x12f73: mov word ptr cs:[bp + 0x25], ax
0x12f77: mov word ptr [0x84], 0x130
0x12f7d: mov word ptr [0x86], es
0x12f81: pop dx
0x12f82: cmp dl, 0x13
0x12f85: jne 0x12f9f
0x12f87: mov ax, word ptr [0x24]
0x12f8a: mov word ptr cs:[bp + 0x27], ax
0x12f8e: mov ax, word ptr [0x26]
0x12f91: mov word ptr cs:[bp + 0x29], ax
0x12f95: mov word ptr [0x24], 0x162
0x12f9b: mov word ptr [0x26], es
0x12f9f: sti
2018-12-17T23:07:42.294449315Z 9 PC: 12a82 | Display string (String= 'Goat file (COM). Size=0000014Dh/0000000333d bytes. ')
2018-12-17T23:07:42.317171695Z 76 PC: 12a86 | Terminate with return code (Return code = '36')