Sample viewer

vx.netlux.org/Virus.DOS.Fis.736


Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:06:37.970409028Z 78 PC: 12aab | Find first file
2018-12-17T22:06:37.977206616Z 47 PC: 12c56 | Get disk transfer address
2018-12-17T22:06:37.990368002Z 79 PC: 12abb | Find next file
2018-12-17T22:06:37.992752502Z 47 PC: 12c56 | Get disk transfer address
2018-12-17T22:06:37.994318691Z 79 PC: 12abb | Find next file
2018-12-17T22:06:37.997445268Z 47 PC: 12c56 | Get disk transfer address
2018-12-17T22:06:37.998628337Z 79 PC: 12abb | Find next file
2018-12-17T22:06:38.003423317Z 47 PC: 12c56 | Get disk transfer address
2018-12-17T22:06:38.004907506Z 79 PC: 12abb | Find next file
2018-12-17T22:06:38.007594136Z 47 PC: 12c56 | Get disk transfer address
2018-12-17T22:06:38.009266259Z 79 PC: 12abb | Find next file
2018-12-17T22:06:38.012717064Z 47 PC: 12c56 | Get disk transfer address
2018-12-17T22:06:38.014102752Z 79 PC: 12abb | Find next file
2018-12-17T22:06:38.016766183Z 47 PC: 12c56 | Get disk transfer address
2018-12-17T22:06:38.019205989Z 79 PC: 12abb | Find next file
2018-12-17T22:06:38.02188108Z 47 PC: 12c56 | Get disk transfer address
2018-12-17T22:06:38.023326441Z 61 PC: 12b07 | Open file (Filename = 'TEST.COM')
2018-12-17T22:06:38.030829642Z 87 PC: 12b17 | Get or set file date and time
2018-12-17T22:06:38.032432176Z 63 PC: 12b32 | Read file or device (Read 2836 bytes on handle 5)
2018-12-17T22:06:38.039429086Z 66 PC: 12b6a | Move file pointer
2018-12-17T22:06:38.041219343Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.04345593Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.046110572Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.048370439Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.050452045Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.05243567Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.054655568Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.056866903Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.058894654Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.061118268Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.063577618Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.065689026Z 44 PC: 12b75 | Get time 0x12b75: pop cx
; Disassembly window printed for the INT 21h "Get time" call that returned to
; 0x12b75 (its first instruction, pop cx, sits on the trace row above). The
; trace lists this return address 12 times in a row, consistent with one
; Get time call per pass of the loop that closes at 0x12b7b.
0x12b76: ror dl, cl                  ; rotate DL right by CL; presumably DL = hundredths from Get time, CL = popped counter (confirm at 0x12b70)
0x12b78: mov byte ptr [si], dl       ; store the rotated byte at DS:SI
0x12b7a: inc si                      ; advance the output pointer
0x12b7b: loop 0x12b70                ; CX -= 1; repeat from 0x12b70 (outside this window) while CX != 0
0x12b7d: mov ah, 0x2c                ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b7f: int 0x21                    ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b81: or dh, 1                    ; set bit 0 so the seconds value is odd, hence non-zero
0x12b84: mov byte ptr [0x10f], dh    ; keep it at DS:010Fh
0x12b88: mov ah, 0x2c                ; second Get System Time call
0x12b8a: int 0x21
0x12b8c: or dl, 1                    ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh    ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                      ; DS = CS
0x12b95: push es                     ; save ES
0x12b96: mov cx, 0x2e0               ; CX = 0x2E0 = 736, the size of the first write the trace reports later
0x12b99: mov si, 0x100               ; SI = 0100h, the offset where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                      ; ES = DS
2018-12-17T22:06:38.067864981Z 44 PC: 12b81 | Get time 0x12b81: or dh, 1
; Disassembly window printed for the Get time call that returned to 0x12b81
; (its first instruction, or dh, 1, sits on the trace row above). It shows the
; two time-derived bytes being stored and a 736-byte in-segment copy set up.
; NOTE(review): the 0x50-byte prefix skipped at the end is presumably left
; untransformed; it still holds the time-derived bytes at 010Fh/0110h, so it
; is not fully constant between generations - confirm before using it as a
; signature region.
0x12b84: mov byte ptr [0x10f], dh                     ; store DH (seconds with bit 0 forced) at DS:010Fh
0x12b88: mov ah, 0x2c                                 ; AH = 2Ch: DOS Get System Time (trace op 44)
0x12b8a: int 0x21                                     ; returns CH = hour, CL = minute, DH = second, DL = 1/100 s
0x12b8c: or dl, 1                                     ; set bit 0 of the hundredths value
0x12b8f: mov byte ptr [0x110], dh                     ; NOTE(review): stores DH, not the DL just modified, so the or above does not reach memory
0x12b93: push cs
0x12b94: pop ds                                       ; DS = CS
0x12b95: push es                                      ; save ES; restored at 0x12ba3
0x12b96: mov cx, 0x2e0                                ; CX = 0x2E0 = 736 bytes to copy
0x12b99: mov si, 0x100                                ; source = DS:0100h, where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                                       ; ES = DS, so the copy stays inside one segment
0x12b9e: mov di, 0xfbf4                               ; destination offset FBF4h
0x12ba1: rep movsb byte ptr es:[di], byte ptr [si]    ; copy CX bytes from DS:SI to ES:DI
0x12ba3: pop es                                       ; restore the caller's ES
0x12ba4: mov cx, 0x2e0
0x12ba7: sub cx, 0x50                                 ; CX = 0x290 = 656 bytes left to process
0x12baa: mov si, 0xfbf4
0x12bad: add si, 0x50                                 ; SI = FC44h: start 0x50 bytes into the copy
2018-12-17T22:06:38.069978052Z 44 PC: 12b8c | Get time 0x12b8c: or dl, 1
; Disassembly window printed for the Get time call that returned to 0x12b8c
; (its first instruction, or dl, 1, sits on the trace row above). It shows the
; 736-byte copy to offset FBF4h and the first instructions of a per-byte
; rotate over that copy; the window ends before the rotated byte is stored.
0x12b8f: mov byte ptr [0x110], dh                     ; NOTE(review): stores DH although the or on the trace row above changed DL
0x12b93: push cs
0x12b94: pop ds                                       ; DS = CS
0x12b95: push es                                      ; save ES; restored at 0x12ba3
0x12b96: mov cx, 0x2e0                                ; CX = 0x2E0 = 736 bytes to copy
0x12b99: mov si, 0x100                                ; source = DS:0100h, where DOS loads a .COM image
0x12b9c: push ds
0x12b9d: pop es                                       ; ES = DS, so the copy stays inside one segment
0x12b9e: mov di, 0xfbf4                               ; destination offset FBF4h
0x12ba1: rep movsb byte ptr es:[di], byte ptr [si]    ; copy CX bytes from DS:SI to ES:DI
0x12ba3: pop es                                       ; restore the caller's ES
0x12ba4: mov cx, 0x2e0
0x12ba7: sub cx, 0x50                                 ; CX = 0x290 = 656 bytes left to process
0x12baa: mov si, 0xfbf4
0x12bad: add si, 0x50                                 ; SI = FC44h: start 0x50 bytes into the copy
0x12bb0: push cx                                      ; save the byte counter; CL is reused as the rotate count next
0x12bb1: mov cl, byte ptr [0x10f]                     ; CL = the byte stored at DS:010Fh (seconds with bit 0 forced)
0x12bb5: mov al, byte ptr [si]                        ; AL = next byte of the copy
0x12bb7: ror al, cl                                   ; rotate it right by CL; an odd count is never a multiple of 8, so the byte always changes position-wise
2018-12-17T22:06:38.072174528Z 64 PC: 12bf0 | Write file or device (Write 736 bytes on handle 5)
2018-12-17T22:06:38.085471036Z 66 PC: 12bff | Move file pointer
2018-12-17T22:06:38.086860926Z 64 PC: 12c12 | Write file or device (Write 2836 bytes on handle 5)
2018-12-17T22:06:38.094965076Z 87 PC: 12c29 | Get or set file date and time
2018-12-17T22:06:38.09627913Z 62 PC: 12c31 | Close file
2018-12-17T22:06:38.10514277Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/....). Size=00000834h/0000002100d bytes. ')
2018-12-17T22:06:38.11043207Z 48 PC: 12a8f | Get DOS version
2018-12-17T22:06:38.11173348Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-17T22:06:38.119593027Z 93 PC: 12afe | File sharing functions
2018-12-17T22:06:38.121429819Z 9 PC: 12a86 | Display string (String= 'Size change=05C0h/01472d. ')
2018-12-17T22:06:38.125288368Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')