Sample viewer

vx.netlux.org/Virus.DOS.Emas.2456

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:12:32.354537592Z	149	PC: 13b39 \| UNKNOWN!
2018-12-17T22:12:32.35528653Z	98	PC: 13bcc \| Get current PSP
2018-12-17T22:12:32.356610428Z	74	PC: 13bdd \| Reallocate memory
2018-12-17T22:12:32.358170539Z	74	PC: 13bf5 \| Reallocate memory
2018-12-17T22:12:32.360074658Z	53	PC: 13c20 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:12:32.362000536Z	37	PC: 13c31 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:12:32.363238447Z	48	PC: 13c35 \| Get DOS version
2018-12-17T22:12:32.364635637Z	82	PC: 13c43 \| Get DOS internal pointers (SYSVARS)
2018-12-17T22:12:32.368082418Z	9	PC: 12a82 \| Display string (String= 'Goat file (EXE). Size=000011A0h/0000004512d bytes. ')
2018-12-17T22:12:32.372127596Z	76	PC: 12a86 \| Terminate with return code (Return code = '36')
2018-12-17T22:12:32.375075629Z	37	PC: 9f2bc \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:12:32.376618378Z	74	PC: 9f2c3 \| Reallocate memory
2018-12-17T22:12:32.378677682Z	74	PC: 9f2da \| Reallocate memory
2018-12-17T22:12:32.380867062Z	37	PC: 9f2f0 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:12:32.382864428Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:12:32.384346401Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:12:32.386122789Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:12:32.388305602Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:12:32.389618917Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:12:32.390848705Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:12:32.392512449Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.3944846Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.396505143Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.398399185Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.401698832Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.404481445Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.406071286Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.407894565Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.409422965Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.410832931Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.412879604Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.414438984Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.416200499Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.426244448Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.430396526Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.432051421Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.44584776Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.447342642Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.449587377Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.451900466Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.453465123Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.454839307Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.456932317Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.45842201Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.459993579Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.46198013Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.463589938Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.465300473Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.467415732Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:32.46883054Z	62	PC: 122ab \| Close file
2018-12-17T22:12:32.471840147Z	99	PC: 9a5d7 \| Get DBCS lead byte table pointer
2018-12-17T22:12:32.480832925Z	56	PC: 94df9 \| Get or set country info
2018-12-17T22:12:32.483483149Z	64	PC: 9a848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:12:32.487992115Z	25	PC: 94e62 \| Get default drive
2018-12-17T22:12:32.504715903Z	71	PC: 970dd \| Get current directory
2018-12-17T22:12:32.509316449Z	64	PC: 9a848 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:12:32.513936522Z	2	PC: 970b2 \| Character output (Char = '3e')
2018-12-17T22:12:32.517588133Z	93	PC: 94f20 \| File sharing functions
2018-12-17T22:12:32.519306797Z	93	PC: 94f27 \| File sharing functions
2018-12-17T22:12:32.520994755Z	10	PC: 94f39 \| Buffered keyboard input
2018-12-17T22:12:47.348711222Z	0	PC: 0 \| Program terminate
2018-12-17T22:12:48.703084618Z	0	PC: 0 \| Program terminate
2018-12-17T22:12:48.807095956Z	64	PC: 9a848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:12:48.813022872Z	41	PC: 94fae \| Parse filename
2018-12-17T22:12:48.815121514Z	41	PC: 9502f \| Parse filename
2018-12-17T22:12:48.818042001Z	41	PC: 9504c \| Parse filename
2018-12-17T22:12:48.821508079Z	26	PC: 984f7 \| Set disk transfer address
2018-12-17T22:12:48.823473971Z	71	PC: 986f3 \| Get current directory
2018-12-17T22:12:48.833072563Z	47	PC: 131ea \| Get disk transfer address
2018-12-17T22:12:48.834743817Z	78	PC: 131ea \| Find first file
2018-12-17T22:12:48.844158755Z	71	PC: 9856c \| Get current directory
2018-12-17T22:12:48.84833515Z	73	PC: 97c09 \| Release memory
2018-12-17T22:12:48.85026823Z	108	PC: 131ea \| Extended open/create file
2018-12-17T22:12:48.85730336Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:48.860129192Z	62	PC: 131ea \| Close file
2018-12-17T22:12:48.866080237Z	53	PC: 131ea \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:12:48.868408725Z	37	PC: 131ea \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:12:48.871389989Z	67	PC: 131ea \| Get or set file attributes
2018-12-17T22:12:48.877833797Z	67	PC: 131ea \| Get or set file attributes
2018-12-17T22:12:48.913603968Z	108	PC: 131ea \| Extended open/create file
2018-12-17T22:12:48.921074033Z	63	PC: 131ea \| Read file or device (Read 26 bytes on handle 5)
2018-12-17T22:12:48.928261567Z	66	PC: 131ea \| Move file pointer
2018-12-17T22:12:48.93022586Z	62	PC: 131ea \| Close file
2018-12-17T22:12:48.933909003Z	67	PC: 131ea \| Get or set file attributes
2018-12-17T22:12:48.943825367Z	37	PC: 131ea \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:12:48.945126787Z	75	PC: 11821 \| Execute program
2018-12-17T22:12:48.956714552Z	9	PC: 13547 \| Display string (String= 'Hello, World! ')
2018-12-17T22:12:48.961943693Z	76	PC: 1354b \| Terminate with return code (Return code = '36')
2018-12-17T22:12:48.96604939Z	77	PC: 11fe0 \| Get program return code
2018-12-17T22:12:48.967653492Z	72	PC: 12174 \| Allocate memory
2018-12-17T22:12:48.970745189Z	72	PC: 1218d \| Allocate memory
2018-12-17T22:12:48.972979057Z	37	PC: 123c4 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:12:48.974650899Z	37	PC: 123cb \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:12:48.977508145Z	37	PC: 123d2 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:12:48.981801631Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:48.983664753Z	62	PC: 122ab \| Close file
2018-12-17T22:12:48.98664855Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:48.988210203Z	62	PC: 122ab \| Close file
2018-12-17T22:12:48.989807478Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:48.991674416Z	62	PC: 122ab \| Close file
2018-12-17T22:12:48.993259617Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:48.994716886Z	62	PC: 122ab \| Close file
2018-12-17T22:12:48.996803982Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:48.998225486Z	62	PC: 122ab \| Close file
2018-12-17T22:12:48.999708175Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.002271196Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.004179007Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.005640951Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.007813424Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.009274368Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.01085432Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.012888409Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.014769965Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.016635545Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.018904587Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.020815955Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.022871258Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.025006005Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.027325484Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.02926329Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.032001065Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.033560424Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.035440281Z	87	PC: 131ea \| Get or set file date and time
2018-12-17T22:12:49.037803956Z	62	PC: 122ab \| Close file
2018-12-17T22:12:49.041327071Z	99	PC: 9a5d7 \| Get DBCS lead byte table pointer
2018-12-17T22:12:49.042625522Z	56	PC: 94df9 \| Get or set country info
2018-12-17T22:12:49.045209734Z	64	PC: 9a848 \| Write file or device (Write 2 bytes on handle 1)
2018-12-17T22:12:49.049667461Z	25	PC: 94e62 \| Get default drive
2018-12-17T22:12:49.051117844Z	71	PC: 970dd \| Get current directory
2018-12-17T22:12:49.055662244Z	64	PC: 9a848 \| Write file or device (Write 3 bytes on handle 1)
2018-12-17T22:12:49.059470719Z	2	PC: 970b2 \| Character output (Char = '3e')
2018-12-17T22:12:49.061670227Z	93	PC: 94f20 \| File sharing functions
2018-12-17T22:12:49.065513292Z	93	PC: 94f27 \| File sharing functions
2018-12-17T22:12:49.067289881Z	10	PC: 94f39 \| Buffered keyboard input