Sample viewer

vx.netlux.org/Virus.DOS.V.376.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:12:15.44025899Z 171 PC: 1327f | UNKNOWN!
2018-12-17T23:12:15.441477682Z 73 PC: 1328f | Release memory
2018-12-17T23:12:15.445287877Z 88 PC: 13299 | case 0xGet or set allocation strateg:
2018-12-17T23:12:15.447154687Z 72 PC: 132a0 | Allocate memory
2018-12-17T23:12:15.449438993Z 53 PC: 132b2 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:12:15.452208491Z 37 PC: 132cd | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:12:15.454222408Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/....). Size=00000834h/0000002100d bytes. ')
2018-12-17T23:12:15.460620169Z 48 PC: 12a8f | Get DOS version
2018-12-17T23:12:15.463896029Z 53 PC: 9f876 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:15.465815439Z 37 PC: 9f876 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:12:15.467151641Z 67 PC: 9f876 | Get or set file attributes
2018-12-17T23:12:15.484744844Z 108 PC: 9f876 | Extended open/create file
2018-12-17T23:12:15.492258133Z 87 PC: 9f876 | Get or set file date and time
2018-12-17T23:12:15.494006751Z 66 PC: 9f876 | Move file pointer
2018-12-17T23:12:15.496305894Z 66 PC: 9f876 | Move file pointer
2018-12-17T23:12:15.497937352Z 66 PC: 9f876 | Move file pointer
2018-12-17T23:12:15.499592324Z 63 PC: 9f876 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:12:15.502873414Z 66 PC: 9f876 | Move file pointer
2018-12-17T23:12:15.504834502Z 64 PC: 9f876 | Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:12:15.507954018Z 66 PC: 9f876 | Move file pointer
2018-12-17T23:12:15.511148175Z 64 PC: 9f876 | Write file or device (Write 376 bytes on handle 5)
2018-12-17T23:12:15.520618023Z 87 PC: 9f876 | Get or set file date and time
2018-12-17T23:12:15.522609457Z 62 PC: 9f876 | Close file
2018-12-17T23:12:15.531201053Z 37 PC: 9f876 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')