Sample viewer

vx.netlux.org/Virus.DOS.Jerusalem.Kylie

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:03:43.731816846Z 176 PC: 12ad9 | UNKNOWN!
2018-12-17T22:03:43.733573367Z 176 PC: 12b2a | UNKNOWN!
2018-12-17T22:03:43.73479002Z 74 PC: 12ba8 | Reallocate memory
2018-12-17T22:03:43.73651086Z 53 PC: 12bad | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:03:43.738604935Z 37 PC: 12bc1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:03:43.739874206Z 42 PC: 12c6f | Get date 0x12c6f: and byte ptr cs:[0x78], 0xf6
0x12c75: cmp cx, 0x7c6
0x12c79: jb 0x12c96
0x12c7b: ja 0x12c8f
0x12c7d: cmp dx, 0x114
0x12c81: jb 0x12c96
0x12c83: or byte ptr cs:[0x78], 8
0x12c89: cmp dx, 0x70d
0x12c8d: jb 0x12c96
0x12c8f: or byte ptr cs:[0x78], 1
0x12c95: ret
0x12c96: call 0x12c9a
0x12c99: ret
0x12c9a: ret
0x12c9b: push ds
0x12c9c: push es
0x12c9d: push ax
0x12c9e: push bx
0x12c9f: push cx
0x12ca0: push dx
2018-12-17T22:03:43.742047069Z 75 PC: 12bf6 | Execute program
2018-12-17T22:03:43.757294367Z 73 PC: 12bfc | Release memory
2018-12-17T22:03:43.759048072Z 77 PC: 12c00 | Get program return code
2018-12-17T22:03:43.760329966Z 49 PC: 12c0f | Terminate and stay resident (Return code = '0' | Memory size = '158')