Sample viewer

vx.netlux.org/Virus.DOS.Blood.418

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:56:21.265855424Z 25 PC: 12ac6 | Get default drive
2018-12-17T21:56:21.268100203Z 14 PC: 12acd | Set default drive (Drive = 'C')
2018-12-17T21:56:21.269718057Z 26 PC: 12ad6 | Set disk transfer address
2018-12-17T21:56:21.271189047Z 78 PC: 12ae2 | Find first file
2018-12-17T21:56:21.27812649Z 79 PC: 12b0b | Find next file
2018-12-17T21:56:21.295543094Z 44 PC: 12b11 | Get time
0x12b11: and dl, 3
0x12b14: jne 0x12b30
0x12b16: mov dx, 0x38
0x12b19: add dx, bp
0x12b1b: mov ah, 9
0x12b1d: in al, 0x61
0x12b1f: or al, 3
0x12b21: out 0x61, al
0x12b23: int 0x21
0x12b25: mov cx, 0xffff
0x12b28: loop 0x12b28
0x12b2a: in al, 0x61
0x12b2c: and al, 0xfc
0x12b2e: out 0x61, al
0x12b30: pop ax
0x12b31: mov dl, al
0x12b33: mov ah, 0xe
0x12b35: int 0x21
0x12b37: mov ah, 0x1a
0x12b39: mov dx, 0x80
2018-12-17T21:56:21.297615604Z 14 PC: 12b37 | Set default drive (Drive = 'A')
2018-12-17T21:56:21.299541266Z 26 PC: 12b3e | Set disk transfer address
2018-12-17T21:56:21.301893569Z 76 PC: 12a48 | Terminate with return code (Return code = '0')