Sample viewer

vx.netlux.org/Virus.DOS.Zamol.2153

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:39:51.328915166Z 73 PC: 12a58 | Release memory
2018-12-17T22:39:51.331032657Z 72 PC: 12a5f | Allocate memory
2018-12-17T22:39:51.333626484Z 74 PC: 12a6c | Reallocate memory
2018-12-17T22:39:51.335705352Z 74 PC: 12a7a | Reallocate memory
2018-12-17T22:39:51.338298588Z 204 PC: 9f411 | UNKNOWN!
2018-12-17T22:39:51.339589104Z 42 PC: 9f455 | Get date 0x9f455: cmp dl, 3
0x9f458: jne 0x9f463
0x9f45a: mov byte ptr cs:[0x7a0], 1
0x9f460: jmp 0x9f469
0x9f462: nop
0x9f463: mov byte ptr cs:[0x7a0], 0
0x9f469: mov word ptr cs:[0x7a1], 0
0x9f470: mov word ptr cs:[0x78c], 0
0x9f477: mov word ptr [0x20], 0x6ab
0x9f47d: mov word ptr [0x22], cs
0x9f481: cmp al, 5
0x9f483: jne 0x9f48f
0x9f485: mov word ptr [0x24], 0x610
0x9f48b: mov word ptr [0x26], cs
0x9f48f: mov ds, word ptr cs:[0x7b3]
0x9f494: push ds
0x9f495: pop es
0x9f496: cmp byte ptr cs:[0x7d0], 0
0x9f49c: jne 0x9f4be
0x9f49e: mov ds, word ptr cs:[0x7b5]
2018-12-17T22:39:51.342885652Z 9 PC: 12a47 | Display string (String= 'GOAT File Generator 1.40 � (c) 1994-98 by ROSE, Ralph Roth! (17.07.1998) File: ROSE025.COM - 2.000 (07D0h) bytes length! Researcher: Brian Burdick Contact: [email protected] DO NOT DISTRIBUTE THESE SAMPLES')

{"DateBased":true,"Day":3,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6849,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:21.621698666Z 73 PC: 12a58 | Release memory
2018-12-25T12:00:21.623832056Z 72 PC: 12a5f | Allocate memory
2018-12-25T12:00:21.626031016Z 74 PC: 12a6c | Reallocate memory
2018-12-25T12:00:21.627981043Z 74 PC: 12a7a | Reallocate memory
2018-12-25T12:00:21.634067455Z 204 PC: 9f411 | UNKNOWN!
2018-12-25T12:00:21.635020321Z 42 PC: 9f455 | Get date 0x9f455: cmp dl, 3
0x9f458: jne 0x9f463
0x9f45a: mov byte ptr cs:[0x7a0], 1
0x9f460: jmp 0x9f469
0x9f462: nop
0x9f463: mov byte ptr cs:[0x7a0], 0
0x9f469: mov word ptr cs:[0x7a1], 0
0x9f470: mov word ptr cs:[0x78c], 0
0x9f477: mov word ptr [0x20], 0x6ab
0x9f47d: mov word ptr [0x22], cs
0x9f481: cmp al, 5
0x9f483: jne 0x9f48f
0x9f485: mov word ptr [0x24], 0x610
0x9f48b: mov word ptr [0x26], cs
0x9f48f: mov ds, word ptr cs:[0x7b3]
0x9f494: push ds
0x9f495: pop es
0x9f496: cmp byte ptr cs:[0x7d0], 0
0x9f49c: jne 0x9f4be
0x9f49e: mov ds, word ptr cs:[0x7b5]
2018-12-25T12:00:21.637740757Z 9 PC: 12a47 | Display string (String= 'GOAT File Generator 1.40 � (c) 1994-98 by ROSE, Ralph Roth! (17.07.1998) File: ROSE025.COM - 2.000 (07D0h) bytes length! Researcher: Brian Burdick Contact: [email protected] DO NOT DISTRIBUTE THESE SAMPLES')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":6849,"SideJobID":0}

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:00:22.326933418Z 73 PC: 12a58 | Release memory
2018-12-25T12:00:22.329391636Z 72 PC: 12a5f | Allocate memory
2018-12-25T12:00:22.331270396Z 74 PC: 12a6c | Reallocate memory
2018-12-25T12:00:22.332803288Z 74 PC: 12a7a | Reallocate memory
2018-12-25T12:00:22.337055366Z 204 PC: 9f411 | UNKNOWN!
2018-12-25T12:00:22.352928003Z 42 PC: 9f455 | Get date 0x9f455: cmp dl, 3
0x9f458: jne 0x9f463
0x9f45a: mov byte ptr cs:[0x7a0], 1
0x9f460: jmp 0x9f469
0x9f462: nop
0x9f463: mov byte ptr cs:[0x7a0], 0
0x9f469: mov word ptr cs:[0x7a1], 0
0x9f470: mov word ptr cs:[0x78c], 0
0x9f477: mov word ptr [0x20], 0x6ab
0x9f47d: mov word ptr [0x22], cs
0x9f481: cmp al, 5
0x9f483: jne 0x9f48f
0x9f485: mov word ptr [0x24], 0x610
0x9f48b: mov word ptr [0x26], cs
0x9f48f: mov ds, word ptr cs:[0x7b3]
0x9f494: push ds
0x9f495: pop es
0x9f496: cmp byte ptr cs:[0x7d0], 0
0x9f49c: jne 0x9f4be
0x9f49e: mov ds, word ptr cs:[0x7b5]
2018-12-25T12:00:22.356436232Z 9 PC: 12a47 | Display string (String= 'GOAT File Generator 1.40 � (c) 1994-98 by ROSE, Ralph Roth! (17.07.1998) File: ROSE025.COM - 2.000 (07D0h) bytes length! Researcher: Brian Burdick Contact: [email protected] DO NOT DISTRIBUTE THESE SAMPLES')