Sample viewer

vx.netlux.org/Virus.DOS.LittBrother.346

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:49:58.243621327Z 42 PC: 12b8e | Get date 0x12b8e: mov al, dl
0x12b90: cwde
0x12b91: ret
0x12b92: mov ah, 0x2a
0x12b94: int 0x21
0x12b96: mov al, dh
0x12b98: cwde
0x12b99: ret
0x12b9a: stc
0x12b9b: pushf
0x12b9c: mov ah, 0x3e
0x12b9e: int 0x21
0x12ba0: popf
0x12ba1: mov di, dx
0x12ba3: jmp 0x12bad
0x12ba5: mov di, word ptr es:[di]
0x12ba8: or di, di
0x12baa: jne 0x12bad
0x12bac: stc
0x12bad: pop si
2018-12-17T22:49:58.246575849Z 37 PC: 12a83 | Set interrupt vector (Interrupt = '33' AKA 'Random read')