Sample viewer

vx.netlux.org/Virus.DOS.Inquisitor.1287

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:30:18.838712283Z 71 PC: 12a9b | Get current directory
2018-12-17T22:30:18.841269093Z 78 PC: 12aa4 | Find first file
2018-12-17T22:30:18.848388246Z 67 PC: 12abe | Get or set file attributes
2018-12-17T22:30:18.854535813Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-17T22:30:18.868311474Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:30:18.873752843Z 79 PC: 12aa4 | Find next file
2018-12-17T22:30:18.876239526Z 67 PC: 12abe | Get or set file attributes
2018-12-17T22:30:18.881994416Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-17T22:30:18.885825217Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:30:18.891543488Z 79 PC: 12aa4 | Find next file
2018-12-17T22:30:18.894290278Z 67 PC: 12abe | Get or set file attributes
2018-12-17T22:30:18.897961511Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-17T22:30:18.901739861Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:30:18.905225525Z 79 PC: 12aa4 | Find next file
2018-12-17T22:30:18.917759262Z 67 PC: 12abe | Get or set file attributes
2018-12-17T22:30:18.923073941Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-17T22:30:18.928864587Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:30:18.935537469Z 79 PC: 12aa4 | Find next file
2018-12-17T22:30:18.937932472Z 67 PC: 12abe | Get or set file attributes
2018-12-17T22:30:18.943377091Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-17T22:30:18.956358259Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:30:18.961921967Z 79 PC: 12aa4 | Find next file
2018-12-17T22:30:18.964357547Z 67 PC: 12abe | Get or set file attributes
2018-12-17T22:30:18.979195132Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-17T22:30:18.985563419Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:30:18.991925923Z 79 PC: 12aa4 | Find next file
2018-12-17T22:30:18.995346001Z 67 PC: 12abe | Get or set file attributes
2018-12-17T22:30:19.001213484Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-17T22:30:19.007450492Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:30:19.014446141Z 79 PC: 12aa4 | Find next file
2018-12-17T22:30:19.017155378Z 67 PC: 12abe | Get or set file attributes
2018-12-17T22:30:19.022588637Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-17T22:30:19.029623493Z 67 PC: 12bd3 | Get or set file attributes
2018-12-17T22:30:19.035177238Z 79 PC: 12aa4 | Find next file
2018-12-17T22:30:19.037377944Z 78 PC: 12bfa | Find first file
2018-12-17T22:30:19.043154945Z 78 PC: 12bfa | Find first file
2018-12-17T22:30:19.048908051Z 78 PC: 12bfa | Find first file
2018-12-17T22:30:19.054489606Z 78 PC: 12bfa | Find first file
2018-12-17T22:30:19.06031081Z 78 PC: 12bfa | Find first file
2018-12-17T22:30:19.065977776Z 78 PC: 12bfa | Find first file
2018-12-17T22:30:19.07193505Z 78 PC: 12bfa | Find first file
2018-12-17T22:30:19.078100975Z 78 PC: 12bfa | Find first file
2018-12-17T22:30:19.083881952Z 78 PC: 12bfa | Find first file
2018-12-17T22:30:19.089416978Z 59 PC: 12c2f | Change current directory
2018-12-17T22:30:19.093285015Z 42 PC: 12c86 | Get date
0x12c86: cmp dh, 4
0x12c89: jne 0x12cbd
0x12c8b: cmp dl, 0x19
0x12c8e: jne 0x12cbd
0x12c90: mov al, 2
0x12c92: out 0x21, al
0x12c94: mov ah, 9
0x12c96: mov dx, 0x4f3
0x12c99: int 0x21
0x12c9b: mov dx, 0x37e
0x12c9e: mov cx, 7
0x12ca1: mov ah, 0x4e
0x12ca3: int 0x21
0x12ca5: jb 0x12cbb
0x12ca7: call 0x12cc2
0x12caa: jb 0x12cb7
0x12cac: xchg ax, bx
0x12cad: xor cx, cx
0x12caf: mov ah, 0x40
0x12cb1: int 0x21
2018-12-17T22:30:19.096031473Z 26 PC: 12c4d | Set disk transfer address
2018-12-17T22:30:19.096973524Z 59 PC: 12c58 | Change current directory

{"DateBased":true,"Day":1,"Month":1,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5416,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:54:29.792250695Z 71 PC: 12a9b | Get current directory
2018-12-25T11:54:29.795433165Z 78 PC: 12aa4 | Find first file
2018-12-25T11:54:29.801261324Z 67 PC: 12abe | Get or set file attributes
2018-12-25T11:54:29.811525507Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-25T11:54:29.8249947Z 67 PC: 12bd3 | Get or set file attributes
2018-12-25T11:54:29.830813681Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:29.83353745Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:29.839814573Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:29.846101218Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:29.851525639Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:29.853957189Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:29.864335326Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:29.878877196Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:29.884824037Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:29.893382342Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:29.898798529Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:29.90466235Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:29.910522037Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:29.912830658Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:29.922810821Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:29.927174673Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:29.932810334Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:29.935178495Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:29.941346878Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:29.947126048Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:29.953071525Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:29.955889925Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:29.961313302Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:29.967124091Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:29.972829028Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:29.975146735Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:29.980465721Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:29.986708207Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:29.992120784Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:29.994216892Z 78 PC: 12bfa | Find first file
2018-12-25T11:54:30.000254747Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.005751021Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.011901874Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.018209559Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.021861518Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.025345466Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.029652985Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.033885348Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.038914275Z 59 PC: 12c2f | Change current directory
2018-12-25T11:54:30.043716621Z 42 PC: 12c86 | Get date
0x12c86: cmp dh, 4
0x12c89: jne 0x12cbd
0x12c8b: cmp dl, 0x19
0x12c8e: jne 0x12cbd
0x12c90: mov al, 2
0x12c92: out 0x21, al
0x12c94: mov ah, 9
0x12c96: mov dx, 0x4f3
0x12c99: int 0x21
0x12c9b: mov dx, 0x37e
0x12c9e: mov cx, 7
0x12ca1: mov ah, 0x4e
0x12ca3: int 0x21
0x12ca5: jb 0x12cbb
0x12ca7: call 0x12cc2
0x12caa: jb 0x12cb7
0x12cac: xchg ax, bx
0x12cad: xor cx, cx
0x12caf: mov ah, 0x40
0x12cb1: int 0x21
2018-12-25T11:54:30.046081886Z 26 PC: 12c4d | Set disk transfer address
2018-12-25T11:54:30.047255163Z 59 PC: 12c58 | Change current directory

{"DateBased":true,"Day":1,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5416,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:54:30.252945427Z 71 PC: 12a9b | Get current directory
2018-12-25T11:54:30.256428784Z 78 PC: 12aa4 | Find first file
2018-12-25T11:54:30.263163506Z 67 PC: 12abe | Get or set file attributes
2018-12-25T11:54:30.269258715Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-25T11:54:30.275826896Z 67 PC: 12bd3 | Get or set file attributes
2018-12-25T11:54:30.287638046Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.290258295Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.301560318Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.314138749Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.321488983Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.324376857Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.331203075Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.337853986Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.3439708Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.347176683Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.354143518Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.361434007Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.369455569Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.371205708Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.377373707Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.384454364Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.390665567Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.393271343Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.399825639Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.411866665Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.423356899Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.426205267Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.433264453Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.43968701Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.445561648Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.448243759Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.454209815Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.460760869Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.467267748Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.469678973Z 78 PC: 12bfa | Find first file
2018-12-25T11:54:30.473915642Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.478275892Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.482047734Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.486140623Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.491515733Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.496117566Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.500820691Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.51060012Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.514330872Z 59 PC: 12c2f | Change current directory
2018-12-25T11:54:30.517047372Z 42 PC: 12c86 | Get date
0x12c86: cmp dh, 4
0x12c89: jne 0x12cbd
0x12c8b: cmp dl, 0x19
0x12c8e: jne 0x12cbd
0x12c90: mov al, 2
0x12c92: out 0x21, al
0x12c94: mov ah, 9
0x12c96: mov dx, 0x4f3
0x12c99: int 0x21
0x12c9b: mov dx, 0x37e
0x12c9e: mov cx, 7
0x12ca1: mov ah, 0x4e
0x12ca3: int 0x21
0x12ca5: jb 0x12cbb
0x12ca7: call 0x12cc2
0x12caa: jb 0x12cb7
0x12cac: xchg ax, bx
0x12cad: xor cx, cx
0x12caf: mov ah, 0x40
0x12cb1: int 0x21
2018-12-25T11:54:30.51891396Z 26 PC: 12c4d | Set disk transfer address
2018-12-25T11:54:30.519760217Z 59 PC: 12c58 | Change current directory

{"DateBased":true,"Day":25,"Month":4,"Year":1980,"Hour":0,"Min":0,"Second":0,"TimeBased":false,"OriginalID":5416,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T11:54:30.437716105Z 71 PC: 12a9b | Get current directory
2018-12-25T11:54:30.440857509Z 78 PC: 12aa4 | Find first file
2018-12-25T11:54:30.447374736Z 67 PC: 12abe | Get or set file attributes
2018-12-25T11:54:30.45776722Z 61 PC: 12ad0 | Open file (Filename = 'W’')
2018-12-25T11:54:30.47785615Z 67 PC: 12bd3 | Get or set file attributes
2018-12-25T11:54:30.488628623Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.490918352Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.497050623Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.502849057Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.508158279Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.510960314Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.517511666Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.528446436Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.538899874Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.541236638Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.547204936Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.553223614Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.558642499Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.560960786Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.566285284Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.572158352Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.577428642Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.579756933Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.585455585Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.591190342Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.596543647Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.599145948Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.605043757Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.610790286Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.616434523Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.617972904Z 67 PC: 12abe | Get or set file attributes (See above)
2018-12-25T11:54:30.621259115Z 61 PC: 12ad0 | Open file (See above)
2018-12-25T11:54:30.625268831Z 67 PC: 12bd3 | Get or set file attributes (See above)
2018-12-25T11:54:30.628576701Z 79 PC: 12aa4 | Find next file (See above)
2018-12-25T11:54:30.629942061Z 78 PC: 12bfa | Find first file
2018-12-25T11:54:30.633904989Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.639265843Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.644562973Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.65043053Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.655907134Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.661223613Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.6677896Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.673198451Z 78 PC: 12bfa | Find first file (See above)
2018-12-25T11:54:30.67863105Z 59 PC: 12c2f | Change current directory
2018-12-25T11:54:30.682683678Z 42 PC: 12c86 | Get date
0x12c86: cmp dh, 4
0x12c89: jne 0x12cbd
0x12c8b: cmp dl, 0x19
0x12c8e: jne 0x12cbd
0x12c90: mov al, 2
0x12c92: out 0x21, al
0x12c94: mov ah, 9
0x12c96: mov dx, 0x4f3
0x12c99: int 0x21
0x12c9b: mov dx, 0x37e
0x12c9e: mov cx, 7
0x12ca1: mov ah, 0x4e
0x12ca3: int 0x21
0x12ca5: jb 0x12cbb
0x12ca7: call 0x12cc2
0x12caa: jb 0x12cb7
0x12cac: xchg ax, bx
0x12cad: xor cx, cx
0x12caf: mov ah, 0x40
0x12cb1: int 0x21
2018-12-25T11:54:30.684484654Z 9 PC: 12c9b | Display string (Could not find end pointer)
2018-12-25T11:54:30.705047262Z 78 PC: 12ca5 | Find first file
2018-12-25T11:54:30.711117293Z 67 PC: 12cce | Get or set file attributes
2018-12-25T11:54:30.714468498Z 61 PC: 12cd4 | Open file (Filename = 'W’')
2018-12-25T11:54:30.718002265Z 79 PC: 12ca5 | Find next file (See above)
2018-12-25T11:54:30.719962801Z 67 PC: 12cce | Get or set file attributes (See above)
2018-12-25T11:54:30.723833838Z 61 PC: 12cd4 | Open file (See above)
2018-12-25T11:54:30.727398065Z 79 PC: 12ca5 | Find next file (See above)
2018-12-25T11:54:30.729369826Z 67 PC: 12cce | Get or set file attributes (See above)
2018-12-25T11:54:30.732713056Z 61 PC: 12cd4 | Open file (See above)
2018-12-25T11:54:30.736290834Z 79 PC: 12ca5 | Find next file (See above)
2018-12-25T11:54:30.738291279Z 67 PC: 12cce | Get or set file attributes (See above)
2018-12-25T11:54:30.741658445Z 61 PC: 12cd4 | Open file (See above)
2018-12-25T11:54:30.745249473Z 79 PC: 12ca5 | Find next file (See above)
2018-12-25T11:54:30.74720751Z 67 PC: 12cce | Get or set file attributes (See above)
2018-12-25T11:54:30.751313162Z 61 PC: 12cd4 | Open file (See above)
2018-12-25T11:54:30.757285956Z 79 PC: 12ca5 | Find next file (See above)
2018-12-25T11:54:30.760151353Z 67 PC: 12cce | Get or set file attributes (See above)
2018-12-25T11:54:30.765352231Z 61 PC: 12cd4 | Open file (See above)
2018-12-25T11:54:30.771063729Z 79 PC: 12ca5 | Find next file (See above)
2018-12-25T11:54:30.773777761Z 67 PC: 12cce | Get or set file attributes (See above)
2018-12-25T11:54:30.779042709Z 61 PC: 12cd4 | Open file (See above)
2018-12-25T11:54:30.784909449Z 79 PC: 12ca5 | Find next file (See above)
2018-12-25T11:54:30.788359913Z 67 PC: 12cce | Get or set file attributes (See above)
2018-12-25T11:54:30.793626664Z 61 PC: 12cd4 | Open file (See above)
2018-12-25T11:54:30.799381661Z 79 PC: 12ca5 | Find next file (See above)
2018-12-25T11:54:30.802097958Z 67 PC: 12cce | Get or set file attributes (See above)
2018-12-25T11:54:30.807369934Z 61 PC: 12cd4 | Open file (See above)
2018-12-25T11:54:30.81309618Z 79 PC: 12ca5 | Find next file (See above)