Sample viewer

vx.netlux.org/Virus.DOS.Jerusalem.1459

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:17:22.646716904Z	224	PC: 12a98 \| UNKNOWN!
2018-12-17T22:17:22.64844258Z	224	PC: 12aec \| UNKNOWN!
2018-12-17T22:17:22.649399181Z	74	PC: 12b70 \| Reallocate memory
2018-12-17T22:17:22.650699761Z	53	PC: 12b75 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:17:22.652182468Z	37	PC: 12b89 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:17:22.653720432Z	42	PC: 12bb9 \| Get date 0x12bb9: mov byte ptr cs:[0xb], 0 0x12bbf: cmp cx, 0x7c3 0x12bc3: je 0x12bf5 0x12bc5: cmp al, 5 0x12bc7: jne 0x12bd6 0x12bc9: cmp dl, 0x1f 0x12bcc: jne 0x12bd6 0x12bce: inc byte ptr cs:[0xb] 0x12bd3: jmp 0x12bf5 0x12bd5: nop 0x12bd6: mov ax, 0x3508 0x12bd9: int 0x21 0x12bdb: mov word ptr cs:[0x10], bx 0x12be0: mov word ptr cs:[0x12], es 0x12be5: push cs 0x12be6: pop ds 0x12be7: mov word ptr [0x1c], 0x7e90 0x12bed: mov ax, 0x2508 0x12bf0: mov dx, 0x1dc 0x12bf3: int 0x21
2018-12-17T22:17:22.656162513Z	53	PC: 12bdb \| Get interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:17:22.657538531Z	37	PC: 12bf5 \| Set interrupt vector (Interrupt = '8' AKA 'Console input without echo')
2018-12-17T22:17:22.659022002Z	75	PC: 12c01 \| Execute program
2018-12-17T22:17:22.675587764Z	9	PC: 13415 \| Display string (String= '')
2018-12-17T22:17:22.677690334Z	9	PC: 1341c \| Display string (Could not find end pointer)
2018-12-17T22:17:22.689307687Z	76	PC: 13432 \| Terminate with return code (Return code = '0')
2018-12-17T22:17:22.692595392Z	73	PC: 12c07 \| Release memory
2018-12-17T22:17:22.693943279Z	77	PC: 12c0b \| Get program return code
2018-12-17T22:17:22.696242655Z	49	PC: 12c19 \| Terminate and stay resident (Return code = '0' \| Memory size = '112')