Sample viewer

vx.netlux.org/Virus.DOS.Goma.625

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:42:03.696183024Z	26	PC: 12a54 \| Set disk transfer address
2018-12-17T22:42:03.699056317Z	250	PC: 12c40 \| UNKNOWN!
2018-12-17T22:42:03.70030962Z	42	PC: 12c40 \| Get date 0x12c40: ret 0x12c41: call 0x12c44 0x12c44: pop bp 0x12c45: sub bp, 0x304 0x12c49: int3 0x12c4a: ret 0x12c4b: mov ah, 0x2a 0x12c4d: call 0x22c3e 0x12c50: cmp dh, 0xa 0x12c53: jne 0x12cb2 0x12c55: cmp dl, 0x16 0x12c58: jne 0x12cb2 0x12c5a: call 0x12c77 0x12c5d: ret 0x12c5e: mov ax, 0xca00 0x12c61: mov bx, 0x5442 0x12c64: int 0x2f 0x12c66: cmp al, 0 0x12c68: jne 0x12c6b 0x12c6a: ret
2018-12-17T22:42:03.702850782Z	71	PC: 12aea \| Get current directory
2018-12-17T22:42:03.706051789Z	78	PC: 12b18 \| Find first file
2018-12-17T22:42:03.713706238Z	67	PC: 12b36 \| Get or set file attributes
2018-12-17T22:42:03.719991885Z	67	PC: 12b86 \| Get or set file attributes
2018-12-17T22:42:03.737255171Z	61	PC: 12b43 \| Open file (Filename = 'TEST.EXE')
2018-12-17T22:42:03.745642346Z	87	PC: 12b4b \| Get or set file date and time
2018-12-17T22:42:03.747635491Z	63	PC: 12b58 \| Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:42:03.750790887Z	66	PC: 12bd9 \| Move file pointer
2018-12-17T22:42:03.753618991Z	64	PC: 12c27 \| Write file or device (Write 625 bytes on handle 5)
2018-12-17T22:42:03.762492508Z	66	PC: 12c2f \| Move file pointer
2018-12-17T22:42:03.764250028Z	64	PC: 12c3b \| Write file or device (Write 28 bytes on handle 5)
2018-12-17T22:42:03.767722278Z	87	PC: 12b73 \| Get or set file date and time
2018-12-17T22:42:03.769998319Z	67	PC: 12b86 \| Get or set file attributes
2018-12-17T22:42:03.783042674Z	62	PC: 12b7d \| Close file
2018-12-17T22:42:03.790955538Z	79	PC: 12b2a \| Find next file
2018-12-17T22:42:03.794192907Z	59	PC: 12afb \| Change current directory
2018-12-17T22:42:03.798577855Z	59	PC: 12b09 \| Change current directory
2018-12-17T22:42:03.803077226Z	26	PC: 12a92 \| Set disk transfer address