Sample viewer

vx.netlux.org/Virus.DOS.Chapa.447

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:12:06.303718175Z 53 PC: 12b97 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:12:06.308383068Z 37 PC: 12bb9 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:12:06.310178574Z 53 PC: 12bbe | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T23:12:06.311636886Z 37 PC: 12bce | Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T23:12:06.314277001Z 48 PC: 12a63 | Get DOS version
2018-12-17T23:12:06.315956399Z 9 PC: 12a7a | Display string (String= ' --=[ Selfchecking AntiStealth Goat COM/EXE file, 01/06/01 ]=------------------ (c) 1995-2001 by ROSE SWE, Dipl.-Ing. Ralph Roth - Version 1.18 - Freeware ')
2018-12-17T23:12:06.326084415Z 61 PC: 12cb7 | Open file (Filename = '')
2018-12-17T23:12:06.333797289Z 9 PC: 12a88 | Display string (String= 'Self test: ')
2018-12-17T23:12:06.337958685Z 93 PC: 12b24 | File sharing functions
2018-12-17T23:12:06.340465038Z 9 PC: 12b03 | Display string (String= 'Size change=+01BFh/00447d. Virus might be activ? ')
2018-12-17T23:12:06.347317604Z 76 PC: 12b09 | Terminate with return code (Return code = '1')