Sample viewer

vx.netlux.org/Virus.DOS.Grog.495

Time	Syscall Op	Syscall Name
2018-12-17T22:50:02.345019292Z	26	PC: 12b42 \| Set disk transfer address
2018-12-17T22:50:02.346712263Z	78	PC: 12b4c \| Find first file
2018-12-17T22:50:02.354619639Z	61	PC: 12b5a \| Open file (Filename = 'I尖ｸ精')
2018-12-17T22:50:02.362102818Z	63	PC: 12b6e \| Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:50:02.372651115Z	66	PC: 12ba4 \| Move file pointer
2018-12-17T22:50:02.37562892Z	64	PC: 12bb6 \| Write file or device (Write 902 bytes on handle 5)
2018-12-17T22:50:02.393820176Z	62	PC: 12bc0 \| Close file
2018-12-17T22:50:02.403211911Z	26	PC: 12bca \| Set disk transfer address
2018-12-17T22:50:02.406379712Z	42	PC: 12ac7 \| Get date 0x12ac7: cmp dl, 3 0x12aca: jne 0x12ac2 0x12acc: mov ah, 0x2c 0x12ace: int 0x21 0x12ad0: cmp ch, 0xc 0x12ad3: ja 0x12ac2 0x12ad5: xor cx, cx 0x12ad7: nop 0x12ad8: xor dx, dx 0x12ada: nop 0x12adb: mov ah, 0x2d 0x12add: nop 0x12ade: int 0x21 0x12ae0: push es 0x12ae1: push cs 0x12ae2: pop es 0x12ae3: nop 0x12ae4: in al, 0x40 0x12ae6: nop 0x12ae7: mov dl, al

Time	Syscall Op	Syscall Name
2018-12-25T12:27:10.865733254Z	26	PC: 12b42 \| Set disk transfer address
2018-12-25T12:27:10.868258478Z	78	PC: 12b4c \| Find first file
2018-12-25T12:27:10.875113956Z	61	PC: 12b5a \| Open file (Filename = 'I尖ｸ精')
2018-12-25T12:27:10.891748456Z	63	PC: 12b6e \| Read file or device (Read 65535 bytes on handle 5)
2018-12-25T12:27:10.899343904Z	66	PC: 12ba4 \| Move file pointer
2018-12-25T12:27:10.901684904Z	64	PC: 12bb6 \| Write file or device (Write 902 bytes on handle 5)
2018-12-25T12:27:10.928458246Z	62	PC: 12bc0 \| Close file
2018-12-25T12:27:10.93770887Z	26	PC: 12bca \| Set disk transfer address
2018-12-25T12:27:10.940825178Z	42	PC: 12ac7 \| Get date 0x12ac7: cmp dl, 3 0x12aca: jne 0x12ac2 0x12acc: mov ah, 0x2c 0x12ace: int 0x21 0x12ad0: cmp ch, 0xc 0x12ad3: ja 0x12ac2 0x12ad5: xor cx, cx 0x12ad7: nop 0x12ad8: xor dx, dx 0x12ada: nop 0x12adb: mov ah, 0x2d 0x12add: nop 0x12ade: int 0x21 0x12ae0: push es 0x12ae1: push cs 0x12ae2: pop es 0x12ae3: nop 0x12ae4: in al, 0x40 0x12ae6: nop 0x12ae7: mov dl, al

Time	Syscall Op	Syscall Name
2018-12-25T12:27:10.9938233Z	26	PC: 12b42 \| Set disk transfer address
2018-12-25T12:27:10.998321004Z	78	PC: 12b4c \| Find first file
2018-12-25T12:27:11.005776094Z	61	PC: 12b5a \| Open file (Filename = 'I尖ｸ精')
2018-12-25T12:27:11.013880749Z	63	PC: 12b6e \| Read file or device (Read 65535 bytes on handle 5)
2018-12-25T12:27:11.022750211Z	66	PC: 12ba4 \| Move file pointer
2018-12-25T12:27:11.037067425Z	64	PC: 12bb6 \| Write file or device (Write 902 bytes on handle 5)
2018-12-25T12:27:11.053358784Z	62	PC: 12bc0 \| Close file
2018-12-25T12:27:11.07069087Z	26	PC: 12bca \| Set disk transfer address
2018-12-25T12:27:11.072499695Z	42	PC: 12ac7 \| Get date 0x12ac7: cmp dl, 3 0x12aca: jne 0x12ac2 0x12acc: mov ah, 0x2c 0x12ace: int 0x21 0x12ad0: cmp ch, 0xc 0x12ad3: ja 0x12ac2 0x12ad5: xor cx, cx 0x12ad7: nop 0x12ad8: xor dx, dx 0x12ada: nop 0x12adb: mov ah, 0x2d 0x12add: nop 0x12ade: int 0x21 0x12ae0: push es 0x12ae1: push cs 0x12ae2: pop es 0x12ae3: nop 0x12ae4: in al, 0x40 0x12ae6: nop 0x12ae7: mov dl, al
2018-12-25T12:27:11.075571791Z	44	PC: 12ad0 \| Get time 0x12ad0: cmp ch, 0xc 0x12ad3: ja 0x12ac2 0x12ad5: xor cx, cx 0x12ad7: nop 0x12ad8: xor dx, dx 0x12ada: nop 0x12adb: mov ah, 0x2d 0x12add: nop 0x12ade: int 0x21 0x12ae0: push es 0x12ae1: push cs 0x12ae2: pop es 0x12ae3: nop 0x12ae4: in al, 0x40 0x12ae6: nop 0x12ae7: mov dl, al 0x12ae9: nop 0x12aea: mov dh, 0 0x12aec: nop 0x12aed: mov ax, 0x1100
2018-12-25T12:27:11.078598079Z	45	PC: 12ae0 \| Set time