Sample viewer

vx.netlux.org/Virus.DOS.NRLG-based

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:46:18.753934435Z 202 PC: 12aa5 | UNKNOWN!
2018-12-17T22:46:18.761169975Z 42 PC: 12ccb | Get date 0x12ccb: cmp dl, byte ptr cs:[bp + 0x4f6]
0x12cd0: je 0x12cda
0x12cd2: cmp byte ptr cs:[bp + 0x4f6], 0x20
0x12cd8: jne 0x12d07
0x12cda: cmp dh, byte ptr cs:[bp + 0x4f7]
0x12cdf: je 0x12ce9
0x12ce1: cmp byte ptr cs:[bp + 0x4f7], 0xd
0x12ce7: jne 0x12d07
0x12ce9: mov ax, 0x351c
0x12cec: int 0x21
0x12cee: mov word ptr ds:[bp + 0x3d9], bx
0x12cf3: mov word ptr ds:[bp + 0x3db], es
0x12cf8: mov ax, 0x251c
0x12cfb: push cs
0x12cfc: pop ds
0x12cfd: mov dx, 0x3c8
0x12d00: int 0x21
0x12d02: mov dx, 0x4fb
0x12d05: int 0x27
0x12d07: ret
2018-12-17T22:46:19.098392754Z 45 PC: 12dc0 | Set time
2018-12-17T22:46:19.09988857Z 250 PC: 12dea | UNKNOWN!
2018-12-17T22:46:19.101301043Z 53 PC: 12abb | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:46:19.102812441Z 74 PC: 12add | Reallocate memory
2018-12-17T22:46:19.104392373Z 72 PC: 12ae4 | Allocate memory
2018-12-17T22:46:19.106435887Z 37 PC: 12b09 | Set interrupt vector (Interrupt = '33' AKA 'Random read')