Sample viewer

vx.netlux.org/Virus.DOS.Grog.902

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:24:12.072872085Z	42	PC: 13177 \| Get date 0x13177: cmp dl, 0x17 0x1317a: jne 0x1317f 0x1317c: jmp 0x13073 0x1317f: mov ax, 0x4b47 0x13182: int 0x21 0x13184: cmp al, 0x48 0x13186: jne 0x1318b 0x13188: jmp 0x1329a 0x1318b: pop si 0x1318c: push si 0x1318d: push si 0x1318e: pop di 0x1318f: xor ax, ax 0x13191: push ax 0x13192: pop ds 0x13193: les bx, ptr [0x84] 0x13197: mov word ptr cs:[di - 0x115], bx 0x1319c: mov word ptr cs:[di - 0x113], es 0x131a1: mov ax, word ptr [0x102] 0x131a4: cmp ax, 0xf000
2018-12-17T22:24:12.075386419Z	75	PC: 13184 \| Execute program
2018-12-17T22:24:12.077326423Z	98	PC: 1320a \| Get current PSP
2018-12-17T22:24:12.078215255Z	73	PC: 13210 \| Release memory
2018-12-17T22:24:12.079695326Z	72	PC: 13217 \| Allocate memory
2018-12-17T22:24:12.082390326Z	74	PC: 13225 \| Reallocate memory
2018-12-17T22:24:12.083812186Z	74	PC: 13235 \| Reallocate memory
2018-12-17T22:24:12.086171286Z	98	PC: 13276 \| Get current PSP

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4251,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:51:21.87886293Z	42	PC: 13177 \| Get date 0x13177: cmp dl, 0x17 0x1317a: jne 0x1317f 0x1317c: jmp 0x13073 0x1317f: mov ax, 0x4b47 0x13182: int 0x21 0x13184: cmp al, 0x48 0x13186: jne 0x1318b 0x13188: jmp 0x1329a 0x1318b: pop si 0x1318c: push si 0x1318d: push si 0x1318e: pop di 0x1318f: xor ax, ax 0x13191: push ax 0x13192: pop ds 0x13193: les bx, ptr [0x84] 0x13197: mov word ptr cs:[di - 0x115], bx 0x1319c: mov word ptr cs:[di - 0x113], es 0x131a1: mov ax, word ptr [0x102] 0x131a4: cmp ax, 0xf000
2018-12-25T11:51:21.881651759Z	75	PC: 13184 \| Execute program
2018-12-25T11:51:21.89115624Z	98	PC: 1320a \| Get current PSP
2018-12-25T11:51:21.892377822Z	73	PC: 13210 \| Release memory
2018-12-25T11:51:21.894359364Z	72	PC: 13217 \| Allocate memory
2018-12-25T11:51:21.896736464Z	74	PC: 13225 \| Reallocate memory
2018-12-25T11:51:21.899351623Z	74	PC: 13235 \| Reallocate memory
2018-12-25T11:51:21.901260274Z	98	PC: 13276 \| Get current PSP

{"DateBased":true,"Day":23,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4251,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:51:21.864224832Z	42	PC: 13177 \| Get date 0x13177: cmp dl, 0x17 0x1317a: jne 0x1317f 0x1317c: jmp 0x13073 0x1317f: mov ax, 0x4b47 0x13182: int 0x21 0x13184: cmp al, 0x48 0x13186: jne 0x1318b 0x13188: jmp 0x1329a 0x1318b: pop si 0x1318c: push si 0x1318d: push si 0x1318e: pop di 0x1318f: xor ax, ax 0x13191: push ax 0x13192: pop ds 0x13193: les bx, ptr [0x84] 0x13197: mov word ptr cs:[di - 0x115], bx 0x1319c: mov word ptr cs:[di - 0x113], es 0x131a1: mov ax, word ptr [0x102] 0x131a4: cmp ax, 0xf000
2018-12-25T11:51:21.867456858Z	9	PC: 1316d \| Display string (String= ' Sua moglie aveva sempre odiato il lavoro di lui. "Non farai mai i soldi costruendo modellini di velieri", si lagnava. "Al contrario", dichiaro' lui. "I miei affari vanno a gonfie vele!" Lei lo inceneri' col tostapane elettrico. ')

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4251,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:51:21.915390582Z	42	PC: 13177 \| Get date 0x13177: cmp dl, 0x17 0x1317a: jne 0x1317f 0x1317c: jmp 0x13073 0x1317f: mov ax, 0x4b47 0x13182: int 0x21 0x13184: cmp al, 0x48 0x13186: jne 0x1318b 0x13188: jmp 0x1329a 0x1318b: pop si 0x1318c: push si 0x1318d: push si 0x1318e: pop di 0x1318f: xor ax, ax 0x13191: push ax 0x13192: pop ds 0x13193: les bx, ptr [0x84] 0x13197: mov word ptr cs:[di - 0x115], bx 0x1319c: mov word ptr cs:[di - 0x113], es 0x131a1: mov ax, word ptr [0x102] 0x131a4: cmp ax, 0xf000
2018-12-25T11:51:21.918753904Z	75	PC: 13184 \| Execute program
2018-12-25T11:51:21.920540956Z	98	PC: 1320a \| Get current PSP
2018-12-25T11:51:21.921602387Z	73	PC: 13210 \| Release memory
2018-12-25T11:51:21.923386873Z	72	PC: 13217 \| Allocate memory
2018-12-25T11:51:21.926109067Z	74	PC: 13225 \| Reallocate memory
2018-12-25T11:51:21.92821893Z	74	PC: 13235 \| Reallocate memory
2018-12-25T11:51:21.929898342Z	98	PC: 13276 \| Get current PSP

{"DateBased":true,"Day":23,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":4251,"SideJobID":0}

.

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-25T11:51:21.921296362Z	42	PC: 13177 \| Get date 0x13177: cmp dl, 0x17 0x1317a: jne 0x1317f 0x1317c: jmp 0x13073 0x1317f: mov ax, 0x4b47 0x13182: int 0x21 0x13184: cmp al, 0x48 0x13186: jne 0x1318b 0x13188: jmp 0x1329a 0x1318b: pop si 0x1318c: push si 0x1318d: push si 0x1318e: pop di 0x1318f: xor ax, ax 0x13191: push ax 0x13192: pop ds 0x13193: les bx, ptr [0x84] 0x13197: mov word ptr cs:[di - 0x115], bx 0x1319c: mov word ptr cs:[di - 0x113], es 0x131a1: mov ax, word ptr [0x102] 0x131a4: cmp ax, 0xf000
2018-12-25T11:51:21.924614341Z	9	PC: 1316d \| Display string (String= ' Sua moglie aveva sempre odiato il lavoro di lui. "Non farai mai i soldi costruendo modellini di velieri", si lagnava. "Al contrario", dichiaro' lui. "I miei affari vanno a gonfie vele!" Lei lo inceneri' col tostapane elettrico. ')