Sample viewer

vx.netlux.org/Virus.DOS.Grog.903

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:11:49.199873338Z	53	PC: 12c6f \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:49.201314217Z	37	PC: 12c7c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:49.20296938Z	26	PC: 12c84 \| Set disk transfer address
2018-12-17T23:11:49.204043059Z	78	PC: 12c92 \| Find first file
2018-12-17T23:11:49.208805456Z	61	PC: 12e1c \| Open file (Filename = 'SLEEP.COM')
2018-12-17T23:11:49.2149072Z	63	PC: 12e49 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:49.22415884Z	66	PC: 12e5e \| Move file pointer
2018-12-17T23:11:49.225721709Z	64	PC: 12e6a \| Write file or device (Write 903 bytes on handle 5)
2018-12-17T23:11:49.253896445Z	66	PC: 12e80 \| Move file pointer
2018-12-17T23:11:49.255883241Z	64	PC: 12e8b \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:49.263724106Z	62	PC: 12e8f \| Close file
2018-12-17T23:11:49.274273295Z	79	PC: 12c92 \| Find next file
2018-12-17T23:11:49.277203877Z	61	PC: 12e1c \| Open file (Filename = 'PRINT.COM')
2018-12-17T23:11:49.284517201Z	63	PC: 12e49 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:49.291473602Z	66	PC: 12e5e \| Move file pointer
2018-12-17T23:11:49.293904204Z	64	PC: 12e6a \| Write file or device (Write 903 bytes on handle 5)
2018-12-17T23:11:49.30322371Z	66	PC: 12e80 \| Move file pointer
2018-12-17T23:11:49.304939316Z	64	PC: 12e8b \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:49.313104552Z	62	PC: 12e8f \| Close file
2018-12-17T23:11:49.322252977Z	79	PC: 12c92 \| Find next file
2018-12-17T23:11:49.325240054Z	61	PC: 12e1c \| Open file (Filename = 'HELLO.COM')
2018-12-17T23:11:49.333830519Z	63	PC: 12e49 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:49.3568497Z	66	PC: 12e5e \| Move file pointer
2018-12-17T23:11:49.358879607Z	64	PC: 12e6a \| Write file or device (Write 903 bytes on handle 5)
2018-12-17T23:11:49.36931362Z	66	PC: 12e80 \| Move file pointer
2018-12-17T23:11:49.371626059Z	64	PC: 12e8b \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:49.379158794Z	62	PC: 12e8f \| Close file
2018-12-17T23:11:49.389247718Z	79	PC: 12c92 \| Find next file
2018-12-17T23:11:49.393232461Z	61	PC: 12e1c \| Open file (Filename = 'PHANG.COM')
2018-12-17T23:11:49.401312688Z	63	PC: 12e49 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:49.41430419Z	66	PC: 12e5e \| Move file pointer
2018-12-17T23:11:49.417421041Z	64	PC: 12e6a \| Write file or device (Write 903 bytes on handle 5)
2018-12-17T23:11:49.426808195Z	66	PC: 12e80 \| Move file pointer
2018-12-17T23:11:49.428865273Z	64	PC: 12e8b \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:49.438700109Z	62	PC: 12e8f \| Close file
2018-12-17T23:11:49.458220379Z	79	PC: 12c92 \| Find next file
2018-12-17T23:11:49.46148585Z	61	PC: 12e1c \| Open file (Filename = 'PRINTA~1.COM')
2018-12-17T23:11:49.469803903Z	63	PC: 12e49 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:49.47748562Z	66	PC: 12e5e \| Move file pointer
2018-12-17T23:11:49.479412213Z	64	PC: 12e6a \| Write file or device (Write 903 bytes on handle 5)
2018-12-17T23:11:49.488920995Z	66	PC: 12e80 \| Move file pointer
2018-12-17T23:11:49.490693108Z	64	PC: 12e8b \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:49.4989364Z	62	PC: 12e8f \| Close file
2018-12-17T23:11:49.509294289Z	79	PC: 12c92 \| Find next file
2018-12-17T23:11:49.5128099Z	61	PC: 12e1c \| Open file (Filename = 'MANDEL.COM')
2018-12-17T23:11:49.520803163Z	63	PC: 12e49 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:49.528306283Z	66	PC: 12e5e \| Move file pointer
2018-12-17T23:11:49.534846553Z	64	PC: 12e6a \| Write file or device (Write 903 bytes on handle 5)
2018-12-17T23:11:49.544582192Z	66	PC: 12e80 \| Move file pointer
2018-12-17T23:11:49.546335209Z	64	PC: 12e8b \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:49.556394085Z	62	PC: 12e8f \| Close file
2018-12-17T23:11:49.565888211Z	79	PC: 12c92 \| Find next file
2018-12-17T23:11:49.568805657Z	61	PC: 12e1c \| Open file (Filename = 'PAH.COM')
2018-12-17T23:11:49.577284793Z	63	PC: 12e49 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:49.58502565Z	66	PC: 12e5e \| Move file pointer
2018-12-17T23:11:49.586903983Z	64	PC: 12e6a \| Write file or device (Write 903 bytes on handle 5)
2018-12-17T23:11:49.596897707Z	66	PC: 12e80 \| Move file pointer
2018-12-17T23:11:49.599175691Z	64	PC: 12e8b \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:49.60681595Z	62	PC: 12e8f \| Close file
2018-12-17T23:11:49.616239261Z	79	PC: 12c92 \| Find next file
2018-12-17T23:11:49.620359751Z	61	PC: 12e1c \| Open file (Filename = 'TEST.COM')
2018-12-17T23:11:49.628035425Z	63	PC: 12e49 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:49.632024517Z	62	PC: 12e8f \| Close file
2018-12-17T23:11:49.635187656Z	79	PC: 12c92 \| Find next file
2018-12-17T23:11:49.638129148Z	78	PC: 12ca9 \| Find first file
2018-12-17T23:11:49.644717868Z	26	PC: 12cb9 \| Set disk transfer address
2018-12-17T23:11:49.646872701Z	37	PC: 12cc0 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:49.64816443Z	25	PC: 12bd0 \| Get default drive
2018-12-17T23:11:49.649383293Z	14	PC: 12bdb \| Set default drive (Drive = 'C')
2018-12-17T23:11:49.651928439Z	53	PC: 12c6f \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:49.653611985Z	37	PC: 12c7c \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:49.655194752Z	26	PC: 12c84 \| Set disk transfer address
2018-12-17T23:11:49.657580999Z	78	PC: 12c92 \| Find first file
2018-12-17T23:11:49.66465368Z	61	PC: 12e1c \| Open file (Filename = 'COMMAND.COM')
2018-12-17T23:11:49.671682439Z	63	PC: 12e49 \| Read file or device (Read 3 bytes on handle 5)
2018-12-17T23:11:49.675659718Z	66	PC: 12e5e \| Move file pointer
2018-12-17T23:11:49.677878451Z	64	PC: 12e6a \| Write file or device (Write 903 bytes on handle 5)
2018-12-17T23:11:50.019801757Z	66	PC: 12e80 \| Move file pointer
2018-12-17T23:11:50.021676052Z	64	PC: 12e8b \| Write file or device (Write 3 bytes on handle 5)
2018-12-17T23:11:50.026197264Z	62	PC: 12e8f \| Close file
2018-12-17T23:11:50.035145081Z	79	PC: 12c92 \| Find next file
2018-12-17T23:11:50.039493218Z	78	PC: 12ca9 \| Find first file
2018-12-17T23:11:50.047155589Z	26	PC: 12cb9 \| Set disk transfer address
2018-12-17T23:11:50.048518933Z	37	PC: 12cc0 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:11:50.050169587Z	14	PC: 12be3 \| Set default drive (Drive = 'A')