Sample viewer

vx.netlux.org/Virus.DOS.CmosDead.5154

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:30:24.178237963Z 77 PC: 18805 | Get program return code
2018-12-17T22:30:24.179673531Z 82 PC: 18810 | Get DOS internal pointers (SYSVARS)
2018-12-17T22:30:24.180805712Z 220 PC: 9f4d0 | UNKNOWN!
2018-12-17T22:30:24.181525751Z 42 PC: 9f703 | Get date 0x9f703: cmp bp, 0xef6
0x9f707: je 0x9f70c
0x9f709: jmp 0x9f554
0x9f70c: push cs
0x9f70d: pop es
0x9f70e: mov si, 0x385
0x9f711: mov cx, 0x1df
0x9f714: call 0xae94f
0x9f717: mov si, 0x1153
0x9f71a: mov cx, 0x49
0x9f71d: call 0xae94f
0x9f720: mov si, 3
0x9f723: inc sp
0x9f724: xchg ax, si
0x9f725: out dx, al
0x9f726: inc si
2018-12-17T22:30:24.183744856Z 53 PC: 9eb3b | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:30:24.184860852Z 9 PC: 12a47 | Display string (String= 'This GOAT file was generated by Andreas Marx. ROSEGOAT by RR! (16.08.1998) File: ROSE001.COM - 20.000 (4E20h) bytes length! ')