Sample viewer

vx.netlux.org/Virus.DOS.Riot.RedMercury.823

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T23:11:51.681662388Z 26 PC: 12a92 | Set disk transfer address
2018-12-17T23:11:51.683661882Z 25 PC: 12aa8 | Get default drive
2018-12-17T23:11:51.684941987Z 44 PC: 12b9e | Get time 0x12b9e: cmp dl, 0x32
0x12ba1: ja 0x12ba6
0x12ba3: jmp 0x12c29
0x12ba6: mov ax, 0x301
0x12ba9: mov cx, 1
0x12bac: mov dx, 0x80
0x12baf: lea bx, word ptr [bp + 0x100]
0x12bb3: int 0x13
0x12bb5: mov dx, 0x3fe
0x12bb8: call 0x12bca
0x12bbb: mov dx, 0x40e
0x12bbe: call 0x12bca
0x12bc1: mov dx, 0x41c
0x12bc4: call 0x12bca
0x12bc7: call 0x12c04
0x12bca: mov ah, 0x3c
0x12bcc: mov cx, 6
0x12bcf: int 0x21
0x12bd1: jb 0x12bd4
0x12bd3: ret
2018-12-17T23:11:52.023482881Z 60 PC: 12bd1 | Create or truncate file
2018-12-17T23:11:52.036178183Z 60 PC: 12bd1 | Create or truncate file
2018-12-17T23:11:52.047838315Z 60 PC: 12bd1 | Create or truncate file
2018-12-17T23:11:52.059316747Z 59 PC: 12c15 | Change current directory