Sample viewer

vx.netlux.org/Virus.DOS.NRLG.1270

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:52:35.74741863Z 170 PC: 1331e | UNKNOWN!
2018-12-17T22:52:35.751451582Z 42 PC: 1356f | Get date 0x1356f: cwde
0x13570: cmp dl, 9
0x13573: jne 0x1357f
0x13575: mov al, 2
0x13577: mov cx, 9
0x1357a: cli
0x1357b: cdq
0x1357c: int 0x26
0x1357e: sti
0x1357f: ret
0x13580: mov ah, 0x2a
0x13582: int 0x21
0x13584: cwde
0x13585: cli
0x13586: cmp dl, 0xc
0x13589: jne 0x1358e
0x1358b: jmp 0x1358f
0x1358d: nop
0x1358e: ret
0x1358f: mov ax, 0x9e81
2018-12-17T22:52:35.754134397Z 42 PC: 13584 | Get date 0x13584: cwde
0x13585: cli
0x13586: cmp dl, 0xc
0x13589: jne 0x1358e
0x1358b: jmp 0x1358f
0x1358d: nop
0x1358e: ret
0x1358f: mov ax, 0x9e81
0x13592: mov es, ax
0x13594: mov ax, 0x201
0x13597: mov cx, 1
0x1359a: mov dx, 0x80
0x1359d: xor bx, bx
0x1359f: int 0x13
0x135a1: push cs
0x135a2: pop ds
0x135a3: mov ax, 0x9e81
0x135a6: mov es, ax
0x135a8: mov si, 0x455
0x135ab: xor di, di
2018-12-17T22:52:35.758684849Z 250 PC: 1362b | UNKNOWN!
2018-12-17T22:52:35.760054815Z 53 PC: 13331 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:52:35.76216398Z 74 PC: 13351 | Reallocate memory
2018-12-17T22:52:35.764167906Z 72 PC: 13358 | Allocate memory
2018-12-17T22:52:35.766475982Z 37 PC: 1337d | Set interrupt vector (Interrupt = '33' AKA 'Random read')