Sample viewer

vx.netlux.org/Virus.DOS.Riot.RedMercury.825

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:31:32.779743177Z 26 PC: 12a92 | Set disk transfer address
2018-12-17T22:31:32.781389124Z 25 PC: 12aa8 | Get default drive
2018-12-17T22:31:32.79502574Z 44 PC: 12b9e | Get time 0x12b9e: cmp dl, 0x32
0x12ba1: ja 0x12ba6
0x12ba3: jmp 0x12c29
0x12ba6: mov ax, 0x301
0x12ba9: mov cx, 1
0x12bac: mov dx, 0x80
0x12baf: lea bx, word ptr [bp + 0x100]
0x12bb3: int 0x13
0x12bb5: mov dx, 0x400
0x12bb8: call 0x12bca
0x12bbb: mov dx, 0x410
0x12bbe: call 0x12bca
0x12bc1: mov dx, 0x41e
0x12bc4: call 0x12bca
0x12bc7: call 0x12c04
0x12bca: mov ah, 0x3c
0x12bcc: mov cx, 6
0x12bcf: int 0x21
0x12bd1: jb 0x12bd4
0x12bd3: ret
2018-12-17T22:31:33.617023057Z 60 PC: 12bd1 | Create or truncate file
2018-12-17T22:31:33.632507384Z 60 PC: 12bd1 | Create or truncate file
2018-12-17T22:31:33.647363155Z 60 PC: 12bd1 | Create or truncate file
2018-12-17T22:31:33.667385854Z 59 PC: 12c15 | Change current directory