Sample viewer

vx.netlux.org/Virus.DOS.Armageddon.1057

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:54:53.281805821Z 224 PC: 12d64 | UNKNOWN!
2018-12-17T22:54:53.282760206Z 53 PC: 12d73 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:54:53.285730855Z 37 PC: 12d83 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:54:53.287382622Z 53 PC: 12d88 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:54:53.289044799Z 37 PC: 12d98 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:54:53.291336129Z 44 PC: 12d9c | Get time 0x12d9c: mov byte ptr [0x12c], ch
0x12da0: mov byte ptr [0x12d], cl
0x12da4: mov byte ptr [0x12e], dh
0x12da8: mov ax, word ptr cs:[0x2c]
0x12dac: mov ds, ax
0x12dae: xor si, si
0x12db0: mov al, byte ptr [si]
0x12db2: cmp al, 1
0x12db4: je 0x12db9
0x12db6: inc si
0x12db7: jmp 0x12db0
0x12db9: inc si
0x12dba: inc si
0x12dbb: mov dx, si
0x12dbd: mov ax, cs
0x12dbf: mov es, ax
0x12dc1: mov bx, 0x5a
0x12dc4: mov ah, 0x4a
0x12dc6: int 0x21
0x12dc8: mov bx, word ptr cs:[0x81]
2018-12-17T22:54:53.294128853Z 74 PC: 12dc8 | Reallocate memory
2018-12-17T22:54:53.295962612Z 75 PC: 12df0 | Execute program
2018-12-17T22:54:53.313299945Z 76 PC: 19fb8 | Terminate with return code (Return code = '235')
2018-12-17T22:54:53.316907982Z 49 PC: 12e05 | Terminate and stay resident (Return code = '0' | Memory size = '83')