Sample viewer

vx.netlux.org/Virus.DOS.Deicide.Comment.2404

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:35:41.365634976Z	26	PC: 12a63 \| Set disk transfer address
2018-12-17T22:35:41.367314366Z	78	PC: 12a6d \| Find first file
2018-12-17T22:35:41.382135552Z	79	PC: 12aac \| Find next file
2018-12-17T22:35:41.384524078Z	79	PC: 12aac \| Find next file
2018-12-17T22:35:41.388241778Z	79	PC: 12aac \| Find next file
2018-12-17T22:35:41.3945738Z	79	PC: 12aac \| Find next file
2018-12-17T22:35:41.396989052Z	79	PC: 12aac \| Find next file
2018-12-17T22:35:41.399155669Z	79	PC: 12aac \| Find next file
2018-12-17T22:35:41.402126784Z	79	PC: 12aac \| Find next file
2018-12-17T22:35:41.405338491Z	61	PC: 12a8c \| Open file (Filename = 'TEST.COM')
2018-12-17T22:35:41.411695467Z	63	PC: 12a9b \| Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:35:41.414392058Z	62	PC: 12a9f \| Close file
2018-12-17T22:35:41.416935687Z	79	PC: 12aac \| Find next file
2018-12-17T22:35:41.42010234Z	26	PC: 12b3d \| Set disk transfer address
2018-12-17T22:35:41.423025337Z	44	PC: 12b41 \| Get time 0x12b41: xor dl, dl 0x12b43: xchg dl, dh 0x12b45: add dx, dx 0x12b47: add dx, 0x219 0x12b4b: mov si, dx 0x12b4d: mov dx, word ptr cs:[si] 0x12b50: mov ah, 9 0x12b52: int 0x21 0x12b54: jmp word ptr cs:[0xa2a] 0x12b59: xchg ax, cx 0x12b5a: add ch, byte ptr [bp + si - 0x34fe] 0x12b5e: add ch, cl 0x12b60: add al, byte ptr [bx + si] 0x12b62: add sp, word ptr [bx + di] 0x12b64: add ax, word ptr [di + 3] 0x12b67: insb byte ptr es:[di], dx 0x12b68: add dx, word ptr [bp + si - 0x40fd] 0x12b6c: add bx, sp 0x12b6e: add di, ax 0x12b70: add bx, word ptr [si]
2018-12-17T22:35:41.426471085Z	9	PC: 12b54 \| Display string (String= ' Righard Zwienenberg is a cowboy ')