Sample viewer

vx.netlux.org/Virus.DOS.Grog.480

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:05:22.372638367Z	25	PC: 12a5b \| Get default drive
2018-12-17T23:05:22.376232816Z	37	PC: 12a68 \| Set interrupt vector (Interrupt = '64' AKA 'Write file or device')
2018-12-17T23:05:22.377429468Z	26	PC: 12a6f \| Set disk transfer address
2018-12-17T23:05:22.378523101Z	78	PC: 12a77 \| Find first file
2018-12-17T23:05:22.393318283Z	61	PC: 12af4 \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:05:22.399753027Z	63	PC: 12beb \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T23:05:22.406199861Z	62	PC: 12a80 \| Close file
2018-12-17T23:05:22.408234212Z	79	PC: 12a77 \| Find next file
2018-12-17T23:05:22.411288356Z	61	PC: 12af4 \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:05:22.418249965Z	63	PC: 12beb \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T23:05:22.424852841Z	62	PC: 12a80 \| Close file
2018-12-17T23:05:22.427816405Z	79	PC: 12a77 \| Find next file
2018-12-17T23:05:22.430754071Z	61	PC: 12af4 \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:05:22.437460877Z	63	PC: 12beb \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T23:05:22.456492572Z	62	PC: 12a80 \| Close file
2018-12-17T23:05:22.458601161Z	79	PC: 12a77 \| Find next file
2018-12-17T23:05:22.46153835Z	61	PC: 12af4 \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:05:22.469350262Z	63	PC: 12beb \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T23:05:22.476345239Z	62	PC: 12a80 \| Close file
2018-12-17T23:05:22.478480652Z	79	PC: 12a77 \| Find next file
2018-12-17T23:05:22.482615471Z	61	PC: 12af4 \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:05:22.489409068Z	63	PC: 12beb \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T23:05:22.496177771Z	62	PC: 12a80 \| Close file
2018-12-17T23:05:22.49880415Z	79	PC: 12a77 \| Find next file
2018-12-17T23:05:22.503047932Z	61	PC: 12af4 \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:05:22.509765099Z	63	PC: 12beb \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T23:05:22.516507282Z	62	PC: 12a80 \| Close file
2018-12-17T23:05:22.518677056Z	79	PC: 12a77 \| Find next file
2018-12-17T23:05:22.521170309Z	61	PC: 12af4 \| Open file (Filename = 'PAH.COM')
2018-12-17T23:05:22.528495439Z	63	PC: 12beb \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T23:05:22.547700222Z	62	PC: 12a80 \| Close file
2018-12-17T23:05:22.549734643Z	79	PC: 12a77 \| Find next file
2018-12-17T23:05:22.552716028Z	61	PC: 12af4 \| Open file (Filename = 'TEST.COM')
2018-12-17T23:05:22.560644898Z	63	PC: 12beb \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T23:05:22.563581843Z	62	PC: 12a80 \| Close file
2018-12-17T23:05:22.565716412Z	79	PC: 12a77 \| Find next file
2018-12-17T23:05:22.570314054Z	26	PC: 12a8b \| Set disk transfer address
2018-12-17T23:05:22.571829951Z	37	PC: 12a98 \| Set interrupt vector (Interrupt = '64' AKA 'Write file or device')