Sample viewer

vx.netlux.org/Virus.DOS.Freud.2000

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:45:48.317287438Z 48 PC: 13a19 | Get DOS version
2018-12-17T22:45:48.319226951Z 44 PC: 13a0f | Get time 0x13a0f: cmp dl, 0
0x13a12: je 0x13a0b
0x13a14: ret
0x13a15: mov ah, 0x30
0x13a17: int 0x21
0x13a19: ret
0x13a1a: dec sp
0x13a1b: call 0x13a1e
0x13a1e: pop bx
0x13a1f: sub bx, 4
0x13a22: mov dl, byte ptr [bx]
0x13a24: sub bx, 0x79d
0x13a28: cmp dl, 0
0x13a2b: je 0x13a43
0x13a2d: jmp 0x13a34
0x13a2f: nop
0x13a30: lea bx, word ptr [bp + 0x10c]
0x13a34: mov dh, dl
0x13a36: mov cx, 0x78d
0x13a39: xor byte ptr [bx], dl
2018-12-17T22:45:48.322164371Z 48 PC: 13a19 | Get DOS version
2018-12-17T22:45:48.328869428Z 25 PC: 133a5 | Get default drive
2018-12-17T22:45:48.330689196Z 9 PC: 12a86 | Display string (String= 'Goat file (COM/....). Size=00000834h/0000002100d bytes. ')
2018-12-17T22:45:48.345883846Z 48 PC: 12a8f | Get DOS version
2018-12-17T22:45:48.347338988Z 61 PC: 12b5c | Open file (Filename = '')
2018-12-17T22:45:48.354453107Z 93 PC: 12afe | File sharing functions
2018-12-17T22:45:48.356736571Z 9 PC: 12a86 | Display string (String= 'Size change=07D0h/02000d. ')
2018-12-17T22:45:48.35946168Z 76 PC: 12ae3 | Terminate with return code (Return code = '1')