Sample viewer

vx.netlux.org/Virus.DOS.LittBrother.361

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:06:43.447170652Z 42 PC: 12b9d | Get date 0x12b9d: mov al, dl
0x12b9f: cwde
0x12ba0: ret
0x12ba1: mov ah, 0x2a
0x12ba3: int 0x21
0x12ba5: mov al, dh
0x12ba7: cwde
0x12ba8: ret
0x12ba9: push word ptr [di + 1]
0x12bac: stc
0x12bad: pop si
0x12bae: pop dx
0x12baf: pop cx
0x12bb0: pop bx
0x12bb1: pop ax
0x12bb2: pop ds
0x12bb3: retf
0x12bb4: mov ch, al
0x12bb6: mov cl, al
0x12bb8: mov ax, 0x5800
2018-12-17T22:06:43.450073532Z 37 PC: 12aa6 | Set interrupt vector (Interrupt = '33' AKA 'Random read')