Sample viewer

vx.netlux.org/Virus.DOS.Grog.283

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:46:52.01885269Z 78 PC: 12a70 | Find first file
2018-12-17T22:46:52.024157156Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-17T22:46:52.031624115Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:46:52.038574744Z 66 PC: 12a9f | Move file pointer
2018-12-17T22:46:52.040199306Z 87 PC: 12aaf | Get or set file date and time
2018-12-17T22:46:52.042057748Z 64 PC: 12abc | Write file or device (Write 690 bytes on handle 5)
2018-12-17T22:46:52.284218883Z 87 PC: 12ac3 | Get or set file date and time
2018-12-17T22:46:52.285906614Z 62 PC: 12ac7 | Close file
2018-12-17T22:46:52.294607001Z 79 PC: 12a70 | Find next file
2018-12-17T22:46:52.298035011Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-17T22:46:52.305464249Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:46:52.314375762Z 66 PC: 12a9f | Move file pointer
2018-12-17T22:46:52.326345221Z 87 PC: 12aaf | Get or set file date and time
2018-12-17T22:46:52.328206848Z 64 PC: 12abc | Write file or device (Write 310 bytes on handle 5)
2018-12-17T22:46:52.333517095Z 87 PC: 12ac3 | Get or set file date and time
2018-12-17T22:46:52.335473561Z 62 PC: 12ac7 | Close file
2018-12-17T22:46:52.346184405Z 79 PC: 12a70 | Find next file
2018-12-17T22:46:52.352503497Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-17T22:46:52.361339548Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:46:52.374085747Z 66 PC: 12a9f | Move file pointer
2018-12-17T22:46:52.3760674Z 87 PC: 12aaf | Get or set file date and time
2018-12-17T22:46:52.379337293Z 64 PC: 12abc | Write file or device (Write 375 bytes on handle 5)
2018-12-17T22:46:52.382578332Z 87 PC: 12ac3 | Get or set file date and time
2018-12-17T22:46:52.385288584Z 62 PC: 12ac7 | Close file
2018-12-17T22:46:52.394816796Z 79 PC: 12a70 | Find next file
2018-12-17T22:46:52.39826294Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-17T22:46:52.40574582Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:46:52.413977736Z 66 PC: 12a9f | Move file pointer
2018-12-17T22:46:52.415747501Z 87 PC: 12aaf | Get or set file date and time
2018-12-17T22:46:52.417421235Z 64 PC: 12abc | Write file or device (Write 312 bytes on handle 5)
2018-12-17T22:46:52.42216622Z 87 PC: 12ac3 | Get or set file date and time
2018-12-17T22:46:52.426728382Z 62 PC: 12ac7 | Close file
2018-12-17T22:46:52.435728962Z 79 PC: 12a70 | Find next file
2018-12-17T22:46:52.439308808Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-17T22:46:52.447936237Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:46:52.456072734Z 66 PC: 12a9f | Move file pointer
2018-12-17T22:46:52.458181096Z 87 PC: 12aaf | Get or set file date and time
2018-12-17T22:46:52.460781512Z 64 PC: 12abc | Write file or device (Write 312 bytes on handle 5)
2018-12-17T22:46:52.464200655Z 87 PC: 12ac3 | Get or set file date and time
2018-12-17T22:46:52.466334504Z 62 PC: 12ac7 | Close file
2018-12-17T22:46:52.475163091Z 79 PC: 12a70 | Find next file
2018-12-17T22:46:52.478505731Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-17T22:46:52.486309073Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:46:52.494931633Z 66 PC: 12a9f | Move file pointer
2018-12-17T22:46:52.496937241Z 87 PC: 12aaf | Get or set file date and time
2018-12-17T22:46:52.498902273Z 64 PC: 12abc | Write file or device (Write 784 bytes on handle 5)
2018-12-17T22:46:52.509775872Z 87 PC: 12ac3 | Get or set file date and time
2018-12-17T22:46:52.512048031Z 62 PC: 12ac7 | Close file
2018-12-17T22:46:52.520408579Z 79 PC: 12a70 | Find next file
2018-12-17T22:46:52.52465635Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-17T22:46:52.532676178Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:46:52.539784082Z 66 PC: 12a9f | Move file pointer
2018-12-17T22:46:52.541533159Z 87 PC: 12aaf | Get or set file date and time
2018-12-17T22:46:52.54411543Z 64 PC: 12abc | Write file or device (Write 312 bytes on handle 5)
2018-12-17T22:46:52.547320111Z 87 PC: 12ac3 | Get or set file date and time
2018-12-17T22:46:52.549192679Z 62 PC: 12ac7 | Close file
2018-12-17T22:46:52.558451034Z 79 PC: 12a70 | Find next file
2018-12-17T22:46:52.561526472Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-17T22:46:52.567391732Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-17T22:46:52.573572655Z 62 PC: 12ac7 | Close file
2018-12-17T22:46:52.575184593Z 79 PC: 12a70 | Find next file
2018-12-17T22:46:52.57751408Z 44 PC: 12af5 | Get time

0x12af5: cmp dh, 0x3a
0x12af8: jb 0x12b1d
0x12afa: int 0x20
0x12afc: dec si
0x12afd: dec di
0x12afe: inc bx
0x12aff: inc bx
0x12b00: dec cx
0x12b01: dec di
0x12b02: dec sp
0x12b03: inc cx
0x12b04: and byte ptr [bx + si], ch
0x12b06: inc bx
0x12b07: sub word ptr [bx + si], sp
0x12b09: daa
0x12b0a: cmp word ptr [bp + di], si
0x12b0c: and byte ptr [bp + si + 0x79], ah
0x12b0f: and byte ptr [bx + 0x72], al
0x12b12: outsw dx, word ptr [si]
0x12b13: and byte ptr [0x61744920], ch

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":9031,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:21.154726719Z 78 PC: 12a70 | Find first file
2018-12-25T12:22:21.161772038Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-25T12:22:21.168303546Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-25T12:22:21.178461493Z 66 PC: 12a9f | Move file pointer
2018-12-25T12:22:21.181391278Z 87 PC: 12aaf | Get or set file date and time
2018-12-25T12:22:21.183092992Z 64 PC: 12abc | Write file or device (Write 690 bytes on handle 5)
2018-12-25T12:22:21.206014467Z 87 PC: 12ac3 | Get or set file date and time
2018-12-25T12:22:21.208779203Z 62 PC: 12ac7 | Close file
2018-12-25T12:22:21.217550923Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.220561445Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.227837718Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.234657225Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.236111202Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.237588495Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.241009779Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.242784249Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.250461378Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.254171717Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.260888404Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.267390968Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.269513652Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.279130646Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.282066343Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.284580101Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.293158531Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.296888291Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.30432702Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.311668531Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.313267408Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.315179216Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.318635329Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.320077327Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.330589412Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.333920446Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.340589895Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.347088192Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.349200869Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.350897986Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.353893948Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.356487285Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.363850777Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.366756086Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.374609453Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.380580407Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.382472477Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.385042872Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.393624344Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.395590707Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.407806063Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.409746528Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.413734969Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.421186937Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.422258723Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.423298172Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.425633556Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.426746493Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.431764105Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.434320863Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.438482748Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.443090571Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.445942263Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.448184993Z 44 PC: 12af5 | Get time

0x12af5: cmp dh, 0x3a
0x12af8: jb 0x12b1d
0x12afa: int 0x20
0x12afc: dec si
0x12afd: dec di
0x12afe: inc bx
0x12aff: inc bx
0x12b00: dec cx
0x12b01: dec di
0x12b02: dec sp
0x12b03: inc cx
0x12b04: and byte ptr [bx + si], ch
0x12b06: inc bx
0x12b07: sub word ptr [bx + si], sp
0x12b09: daa
0x12b0a: cmp word ptr [bp + di], si
0x12b0c: and byte ptr [bp + si + 0x79], ah
0x12b0f: and byte ptr [bx + 0x72], al
0x12b12: outsw dx, word ptr [si]
0x12b13: and byte ptr [0x61744920], ch

{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":58,"TimeBased":true,"OriginalID":9031,"SideJobID":0}

Syscalls:

Time Syscall Op Syscall Name
2018-12-25T12:22:21.255731779Z 78 PC: 12a70 | Find first file
2018-12-25T12:22:21.261503718Z 61 PC: 12a7a | Open file (Filename = 'ldibranda Crapomena´,Í!€þ:r#Í NOCCIOLA (C) '93 by Grog - Italy ¹"')
2018-12-25T12:22:21.268119217Z 63 PC: 12a87 | Read file or device (Read 65535 bytes on handle 5)
2018-12-25T12:22:21.275455092Z 66 PC: 12a9f | Move file pointer
2018-12-25T12:22:21.277084025Z 87 PC: 12aaf | Get or set file date and time
2018-12-25T12:22:21.278834681Z 64 PC: 12abc | Write file or device (Write 690 bytes on handle 5)
2018-12-25T12:22:21.294068646Z 87 PC: 12ac3 | Get or set file date and time
2018-12-25T12:22:21.295598738Z 62 PC: 12ac7 | Close file
2018-12-25T12:22:21.302788714Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.305563873Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.31700816Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.327823388Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.329810574Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.331574662Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.334666134Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.336357004Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.346678383Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.349518622Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.356589471Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.363224942Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.364795069Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.366412459Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.370005517Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.371812792Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.3791255Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.382473485Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.388853669Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.394954394Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.396799403Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.398141626Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.400717275Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.402784723Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.41006357Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.413426286Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.420671088Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.427630842Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.429261368Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.431377113Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.434461613Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.436241059Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.443898577Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.446859756Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.453562138Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.460158489Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.462501329Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.464031993Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.472164868Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.474174377Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.481656238Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.484128947Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.491900396Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.498178077Z 66 PC: 12a9f | Move file pointer (See above)
2018-12-25T12:22:21.499465605Z 87 PC: 12aaf | Get or set file date and time (See above)
2018-12-25T12:22:21.50168776Z 64 PC: 12abc | Write file or device (See above)
2018-12-25T12:22:21.504509929Z 87 PC: 12ac3 | Get or set file date and time (See above)
2018-12-25T12:22:21.505898697Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.515636601Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.518221465Z 61 PC: 12a7a | Open file (See above)
2018-12-25T12:22:21.525401138Z 63 PC: 12a87 | Read file or device (See above)
2018-12-25T12:22:21.533204275Z 62 PC: 12ac7 | Close file (See above)
2018-12-25T12:22:21.535145618Z 79 PC: 12a70 | Find next file (See above)
2018-12-25T12:22:21.537542308Z 44 PC: 12af5 | Get time

0x12af5: cmp dh, 0x3a
0x12af8: jb 0x12b1d
0x12afa: int 0x20
0x12afc: dec si
0x12afd: dec di
0x12afe: inc bx
0x12aff: inc bx
0x12b00: dec cx
0x12b01: dec di
0x12b02: dec sp
0x12b03: inc cx
0x12b04: and byte ptr [bx + si], ch
0x12b06: inc bx
0x12b07: sub word ptr [bx + si], sp
0x12b09: daa
0x12b0a: cmp word ptr [bp + di], si
0x12b0c: and byte ptr [bp + si + 0x79], ah
0x12b0f: and byte ptr [bx + 0x72], al
0x12b12: outsw dx, word ptr [si]
0x12b13: and byte ptr [0x61744920], ch