Sample viewer

vx.netlux.org/Virus.DOS.Armageddon.1066

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:56:10.227866401Z 224 PC: 12d6d | UNKNOWN!
2018-12-17T22:56:10.229124547Z 53 PC: 12d7c | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:10.230725784Z 37 PC: 12d8c | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:10.232149456Z 53 PC: 12d91 | Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:56:10.233659827Z 37 PC: 12da1 | Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:56:10.236638671Z 44 PC: 12da5 | Get time 0x12da5: mov byte ptr [0x12c], ch
0x12da9: mov byte ptr [0x12d], cl
0x12dad: mov byte ptr [0x12e], dh
0x12db1: mov ax, word ptr cs:[0x2c]
0x12db5: mov ds, ax
0x12db7: xor si, si
0x12db9: mov al, byte ptr [si]
0x12dbb: cmp al, 1
0x12dbd: je 0x12dc2
0x12dbf: inc si
0x12dc0: jmp 0x12db9
0x12dc2: inc si
0x12dc3: inc si
0x12dc4: mov dx, si
0x12dc6: mov ax, cs
0x12dc8: mov es, ax
0x12dca: mov bx, 0x5a
0x12dcd: mov ah, 0x4a
0x12dcf: int 0x21
0x12dd1: mov bx, word ptr cs:[0x81]
2018-12-17T22:56:10.239643209Z 74 PC: 12dd1 | Reallocate memory
2018-12-17T22:56:10.241685762Z 75 PC: 12df9 | Execute program
2018-12-17T22:56:10.259644963Z 76 PC: 19fb8 | Terminate with return code (Return code = '235')
2018-12-17T22:56:10.269484641Z 49 PC: 12e0e | Terminate and stay resident (Return code = '0' | Memory size = '83')