Sample viewer

vx.netlux.org/Virus.DOS.LittBrother.349

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:11:43.252039605Z 42 PC: 12b91 | Get date 0x12b91: mov al, dl
0x12b93: cwde
0x12b94: ret
0x12b95: mov ah, 0x2a
0x12b97: int 0x21
0x12b99: mov al, dh
0x12b9b: cwde
0x12b9c: ret
0x12b9d: int 0x21
0x12ba0: popf
0x12ba1: mov di, dx
0x12ba3: jmp 0x12bad
0x12ba5: mov di, word ptr es:[di]
0x12ba8: or di, di
0x12baa: jne 0x12bad
0x12bac: stc
0x12bad: pop si
0x12bae: pop dx
0x12baf: pop cx
0x12bb0: pop bx
2018-12-17T23:11:43.254661265Z 37 PC: 12a83 | Set interrupt vector (Interrupt = '33' AKA 'Random read')