Sample viewer

vx.netlux.org/Virus.DOS.Deicide.Comment.2403

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:26:00.744334535Z	26	PC: 12a63 \| Set disk transfer address
2018-12-17T22:26:00.746834632Z	78	PC: 12a6d \| Find first file
2018-12-17T22:26:00.757893906Z	79	PC: 12aac \| Find next file
2018-12-17T22:26:00.761053847Z	79	PC: 12aac \| Find next file
2018-12-17T22:26:00.764293239Z	79	PC: 12aac \| Find next file
2018-12-17T22:26:00.767988251Z	79	PC: 12aac \| Find next file
2018-12-17T22:26:00.771079209Z	79	PC: 12aac \| Find next file
2018-12-17T22:26:00.774249003Z	79	PC: 12aac \| Find next file
2018-12-17T22:26:00.778154924Z	79	PC: 12aac \| Find next file
2018-12-17T22:26:00.78156781Z	61	PC: 12a8c \| Open file (Filename = 'TEST.COM')
2018-12-17T22:26:00.789176564Z	63	PC: 12a9b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:26:00.793767466Z	62	PC: 12a9f \| Close file
2018-12-17T22:26:00.800217429Z	79	PC: 12aac \| Find next file
2018-12-17T22:26:00.803213043Z	26	PC: 12b3c \| Set disk transfer address
2018-12-17T22:26:00.805220942Z	44	PC: 12b40 \| Get time 0x12b40: xor dl, dl 0x12b42: xchg dl, dh 0x12b44: add dx, dx 0x12b46: add dx, 0x218 0x12b4a: mov si, dx 0x12b4c: mov dx, word ptr cs:[si] 0x12b4f: mov ah, 9 0x12b51: int 0x21 0x12b53: jmp word ptr cs:[0xa29] 0x12b58: nop 0x12b59: add ch, byte ptr [bx + di - 0x35fe] 0x12b5d: add ch, al 0x12b5f: add bh, bh 0x12b61: add ah, byte ptr [bx + si] 0x12b63: add ax, word ptr [si + 3] 0x12b66: imul ax, word ptr [bp + di], -0x6f 0x12b69: add di, word ptr [bp - 0x24fd] 0x12b6d: add si, di 0x12b6f: add bx, word ptr [bp + di] 0x12b71: add al, 0x3c
2018-12-17T22:26:00.81293916Z	9	PC: 12b53 \| Display string (String= ' Why dont you play with something else? ')