Sample viewer

vx.netlux.org/Virus.DOS.Jerusalem.Plastique.3012.a

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:02:12.443807261Z 75 PC: 13319 | Execute program
2018-12-17T22:02:12.445919474Z 75 PC: 1336a | Execute program
2018-12-17T22:02:12.538923293Z 74 PC: 1341e | Reallocate memory
2018-12-17T22:02:12.540957749Z 53 PC: 13423 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:02:12.543950209Z 37 PC: 13437 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:02:12.545834324Z 42 PC: 13469 | Get date 0x13469: sub cx, 0x7bc
0x1346d: mov ax, cx
0x1346f: mov bx, dx
0x13471: mov cx, 0x168
0x13474: mul cx
0x13476: xchg ax, bx
0x13477: add bl, al
0x13479: adc bh, 0
0x1347c: mov al, ah
0x1347e: mov cl, 0x1e
0x13480: mul cl
0x13482: add ax, bx
0x13484: sub ax, word ptr [0x30]
0x13488: ja 0x1348d
0x1348a: jmp 0x13510
0x1348d: add word ptr [0x30], ax
0x13491: cmp ax, 7
0x13494: ja 0x13499
0x13496: jmp 0x13510
0x13498: nop
2018-12-17T22:02:12.548453703Z 75 PC: 1351c | Execute program
2018-12-17T22:02:12.563872604Z 73 PC: 13522 | Release memory
2018-12-17T22:02:12.566172202Z 77 PC: 13526 | Get program return code
2018-12-17T22:02:12.567577086Z 49 PC: 13534 | Terminate and stay resident (Return code = '0' | Memory size = '204')