Sample viewer

vx.netlux.org/Virus.DOS.Jerusalem.a2

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T23:06:23.161994922Z	14	PC: 12adc \| Set default drive (Drive = '@')
2018-12-17T23:06:23.171204987Z	14	PC: 12b30 \| Set default drive (Drive = '@')
2018-12-17T23:06:23.173232529Z	74	PC: 12bb2 \| Reallocate memory
2018-12-17T23:06:23.175191262Z	53	PC: 12bb7 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:23.176949447Z	37	PC: 12bcb \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T23:06:23.179726608Z	53	PC: 12c1d \| Get interrupt vector (Interrupt = '22' AKA 'Create or truncate file')
2018-12-17T23:06:23.181526462Z	37	PC: 12c37 \| Set interrupt vector (Interrupt = '22' AKA 'Create or truncate file')
2018-12-17T23:06:23.183242068Z	75	PC: 12c43 \| Execute program
2018-12-17T23:06:23.200281554Z	9	PC: 13302 \| Display string (String= 'ABCDE - This is a 100 byte COM test, 1994 ')
2018-12-17T23:06:23.207512158Z	73	PC: 12c49 \| Release memory
2018-12-17T23:06:23.209655788Z	44	PC: 1306c \| Get time 0x1306c: and dl, 0x49 0x1306f: cmp dl, 0x49 0x13072: je 0x1307b 0x13074: pop dx 0x13075: pop cx 0x13076: pop bx 0x13077: pop ax 0x13078: jmp 0x12d74 0x1307b: pop dx 0x1307c: pop cx 0x1307d: pop bx 0x1307e: pop ax 0x1307f: jmp 0x12d58 0x13082: inc bx 0x13083: dec di 0x13084: dec bp 0x13085: push bx 0x13086: push ax 0x13087: inc bp 0x13088: inc bx
2018-12-17T23:06:23.21338045Z	54	PC: 12da8 \| Get free disk space
2018-12-17T23:06:23.224861286Z	75	PC: 130aa \| Execute program
2018-12-17T23:06:23.253073938Z	80	PC: 14829 \| Set current PSP
2018-12-17T23:06:23.255041577Z	48	PC: 1482e \| Get DOS version
2018-12-17T23:06:23.257379823Z	101	PC: 148b4 \| Get extended country info
2018-12-17T23:06:23.259052108Z	99	PC: 148ba \| Get DBCS lead byte table pointer
2018-12-17T23:06:23.261328087Z	74	PC: 1491c \| Reallocate memory
2018-12-17T23:06:23.265440408Z	25	PC: 14953 \| Get default drive
2018-12-17T23:06:23.267277512Z	37	PC: 14413 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T23:06:23.269715786Z	37	PC: 1441a \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T23:06:23.272373343Z	37	PC: 14421 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T23:06:23.277168067Z	2	PC: 146dc \| Character output (Char = '0d')
2018-12-17T23:06:23.282531932Z	2	PC: 146dc \| Character output (Char = '0a')
2018-12-17T23:06:23.304976219Z	2	PC: 146dc \| Character output (Char = '0d')
2018-12-17T23:06:23.3086946Z	2	PC: 146dc \| Character output (Char = '0a')
2018-12-17T23:06:23.313378375Z	2	PC: 146dc \| Character output (Char = '4d')
2018-12-17T23:06:23.317067321Z	2	PC: 146dc \| Character output (Char = '69')
2018-12-17T23:06:23.31958245Z	2	PC: 146dc \| Character output (Char = '63')
2018-12-17T23:06:23.322486029Z	2	PC: 146dc \| Character output (Char = '72')
2018-12-17T23:06:23.326089293Z	2	PC: 146dc \| Character output (Char = '6f')
2018-12-17T23:06:23.32900244Z	2	PC: 146dc \| Character output (Char = '73')
2018-12-17T23:06:23.331901972Z	2	PC: 146dc \| Character output (Char = '6f')
2018-12-17T23:06:23.33568281Z	2	PC: 146dc \| Character output (Char = '66')
2018-12-17T23:06:23.340156521Z	2	PC: 146dc \| Character output (Char = '74')
2018-12-17T23:06:23.342968778Z	2	PC: 146dc \| Character output (Char = '28')
2018-12-17T23:06:23.345901532Z	2	PC: 146dc \| Character output (Char = '52')
2018-12-17T23:06:23.349040494Z	2	PC: 146dc \| Character output (Char = '29')
2018-12-17T23:06:23.351886133Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.354656131Z	2	PC: 146dc \| Character output (Char = '4d')
2018-12-17T23:06:23.358084747Z	2	PC: 146dc \| Character output (Char = '53')
2018-12-17T23:06:23.361370004Z	2	PC: 146dc \| Character output (Char = '2d')
2018-12-17T23:06:23.365662384Z	2	PC: 146dc \| Character output (Char = '44')
2018-12-17T23:06:23.370746633Z	2	PC: 146dc \| Character output (Char = '4f')
2018-12-17T23:06:23.375634192Z	2	PC: 146dc \| Character output (Char = '53')
2018-12-17T23:06:23.378435799Z	2	PC: 146dc \| Character output (Char = '28')
2018-12-17T23:06:23.381937152Z	2	PC: 146dc \| Character output (Char = '52')
2018-12-17T23:06:23.384782762Z	2	PC: 146dc \| Character output (Char = '29')
2018-12-17T23:06:23.388884073Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.39232935Z	2	PC: 146dc \| Character output (Char = '56')
2018-12-17T23:06:23.395120017Z	2	PC: 146dc \| Character output (Char = '65')
2018-12-17T23:06:23.397877882Z	2	PC: 146dc \| Character output (Char = '72')
2018-12-17T23:06:23.401331865Z	2	PC: 146dc \| Character output (Char = '73')
2018-12-17T23:06:23.404186543Z	2	PC: 146dc \| Character output (Char = '69')
2018-12-17T23:06:23.407207803Z	2	PC: 146dc \| Character output (Char = '6f')
2018-12-17T23:06:23.410225476Z	2	PC: 146dc \| Character output (Char = '6e')
2018-12-17T23:06:23.426860532Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.429710891Z	2	PC: 146dc \| Character output (Char = '36')
2018-12-17T23:06:23.432347367Z	2	PC: 146dc \| Character output (Char = '2e')
2018-12-17T23:06:23.435705952Z	2	PC: 146dc \| Character output (Char = '32')
2018-12-17T23:06:23.438100784Z	2	PC: 146dc \| Character output (Char = '32')
2018-12-17T23:06:23.440645258Z	2	PC: 146dc \| Character output (Char = '0d')
2018-12-17T23:06:23.443759433Z	2	PC: 146dc \| Character output (Char = '0a')
2018-12-17T23:06:23.447871384Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.450231482Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.453336058Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.456463739Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.459174916Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.462891533Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.466147345Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.469268643Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.4733091Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.478103192Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.481131326Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.484171842Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.489054302Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.492057287Z	2	PC: 146dc \| Character output (Char = '28')
2018-12-17T23:06:23.495120657Z	2	PC: 146dc \| Character output (Char = '43')
2018-12-17T23:06:23.499322787Z	2	PC: 146dc \| Character output (Char = '29')
2018-12-17T23:06:23.502344739Z	2	PC: 146dc \| Character output (Char = '43')
2018-12-17T23:06:23.505111721Z	2	PC: 146dc \| Character output (Char = '6f')
2018-12-17T23:06:23.508816446Z	2	PC: 146dc \| Character output (Char = '70')
2018-12-17T23:06:23.511664711Z	2	PC: 146dc \| Character output (Char = '79')
2018-12-17T23:06:23.514406205Z	2	PC: 146dc \| Character output (Char = '72')
2018-12-17T23:06:23.518203665Z	2	PC: 146dc \| Character output (Char = '69')
2018-12-17T23:06:23.521252938Z	2	PC: 146dc \| Character output (Char = '67')
2018-12-17T23:06:23.524010252Z	2	PC: 146dc \| Character output (Char = '68')
2018-12-17T23:06:23.526750453Z	2	PC: 146dc \| Character output (Char = '74')
2018-12-17T23:06:23.530088449Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.532821127Z	2	PC: 146dc \| Character output (Char = '4d')
2018-12-17T23:06:23.53612065Z	2	PC: 146dc \| Character output (Char = '69')
2018-12-17T23:06:23.539473895Z	2	PC: 146dc \| Character output (Char = '63')
2018-12-17T23:06:23.546422439Z	2	PC: 146dc \| Character output (Char = '72')
2018-12-17T23:06:23.55216752Z	2	PC: 146dc \| Character output (Char = '6f')
2018-12-17T23:06:23.55592294Z	2	PC: 146dc \| Character output (Char = '73')
2018-12-17T23:06:23.558403434Z	2	PC: 146dc \| Character output (Char = '6f')
2018-12-17T23:06:23.562164806Z	2	PC: 146dc \| Character output (Char = '66')
2018-12-17T23:06:23.566549309Z	2	PC: 146dc \| Character output (Char = '74')
2018-12-17T23:06:23.573133538Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.5760014Z	2	PC: 146dc \| Character output (Char = '43')
2018-12-17T23:06:23.579938882Z	2	PC: 146dc \| Character output (Char = '6f')
2018-12-17T23:06:23.582613391Z	2	PC: 146dc \| Character output (Char = '72')
2018-12-17T23:06:23.585220603Z	2	PC: 146dc \| Character output (Char = '70')
2018-12-17T23:06:23.588069939Z	2	PC: 146dc \| Character output (Char = '20')
2018-12-17T23:06:23.591218609Z	2	PC: 146dc \| Character output (Char = '31')
2018-12-17T23:06:23.593889801Z	2	PC: 146dc \| Character output (Char = '39')
2018-12-17T23:06:23.596610326Z	2	PC: 146dc \| Character output (Char = '38')
2018-12-17T23:06:23.599679136Z	2	PC: 146dc \| Character output (Char = '31')
2018-12-17T23:06:23.602524155Z	2	PC: 146dc \| Character output (Char = '2d')
2018-12-17T23:06:23.60547922Z	2	PC: 146dc \| Character output (Char = '31')
2018-12-17T23:06:23.608820482Z	2	PC: 146dc \| Character output (Char = '39')
2018-12-17T23:06:23.611906063Z	2	PC: 146dc \| Character output (Char = '39')
2018-12-17T23:06:23.615146666Z	2	PC: 146dc \| Character output (Char = '34')
2018-12-17T23:06:23.619473541Z	2	PC: 146dc \| Character output (Char = '2e')
2018-12-17T23:06:23.622992136Z	2	PC: 146dc \| Character output (Char = '0d')
2018-12-17T23:06:23.62805274Z	2	PC: 146dc \| Character output (Char = '0a')
2018-12-17T23:06:23.637373534Z	74	PC: 135bc \| Reallocate memory
2018-12-17T23:06:23.640205559Z	72	PC: 135fd \| Allocate memory
2018-12-17T23:06:23.642483602Z	72	PC: 13635 \| Allocate memory
2018-12-17T23:06:23.645431424Z	72	PC: 1363d \| Allocate memory