Sample viewer

vx.netlux.org/Virus.DOS.Jerusalem.Plastique.3012.e

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:54:43.150748201Z 75 PC: 13319 | Execute program
2018-12-17T22:54:43.154563892Z 75 PC: 1336a | Execute program
2018-12-17T22:54:43.234362659Z 74 PC: 1341e | Reallocate memory
2018-12-17T22:54:43.235997785Z 53 PC: 13423 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:54:43.238362519Z 37 PC: 13437 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:54:43.242073706Z 42 PC: 13469 | Get date 0x13469: sub cx, 0x7bc
0x1346d: mov ax, cx
0x1346f: mov bx, dx
0x13471: mov cx, 0x168
0x13474: mul cx
0x13476: xchg ax, bx
0x13477: add bl, al
0x13479: adc bh, 0
0x1347c: mov al, ah
0x1347e: mov cl, 0x1e
0x13480: mul cl
0x13482: add ax, bx
0x13484: sub ax, word ptr [0x30]
0x13488: ja 0x1348d
0x1348a: jmp 0x13510
0x1348d: add word ptr [0x30], ax
0x13491: cmp ax, 7
0x13494: ja 0x13499
0x13496: jmp 0x13510
0x13498: nop
2018-12-17T22:54:43.244580693Z 75 PC: 1351c | Execute program
2018-12-17T22:54:43.253758046Z 0 PC: 13838 | Program terminate
2018-12-17T22:54:43.25597412Z 73 PC: 13522 | Release memory
2018-12-17T22:54:43.256968744Z 77 PC: 13526 | Get program return code
2018-12-17T22:54:43.25788924Z 49 PC: 13534 | Terminate and stay resident (Return code = '0' | Memory size = '204')