Sample viewer

vx.netlux.org/Virus.DOS.Jerusalem.Plastique.3012.b

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:24:45.12391657Z 75 PC: 13319 | Execute program
2018-12-17T22:24:45.125906351Z 75 PC: 1336a | Execute program
2018-12-17T22:24:45.189189468Z 74 PC: 1341e | Reallocate memory
2018-12-17T22:24:45.195017074Z 53 PC: 13423 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:24:45.196894227Z 37 PC: 13437 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:24:45.199111583Z 42 PC: 13469 | Get date 0x13469: sub cx, 0x7bc
0x1346d: mov ax, cx
0x1346f: mov bx, dx
0x13471: mov cx, 0x168
0x13474: mul cx
0x13476: xchg ax, bx
0x13477: add bl, al
0x13479: adc bh, 0
0x1347c: mov al, ah
0x1347e: mov cl, 0x1e
0x13480: mul cl
0x13482: add ax, bx
0x13484: sub ax, word ptr [0x30]
0x13488: ja 0x1348d
0x1348a: jmp 0x13510
0x1348d: add word ptr [0x30], ax
0x13491: cmp ax, 7
0x13494: ja 0x13499
0x13496: jmp 0x13510
0x13498: nop
2018-12-17T22:24:45.212629331Z 75 PC: 1351c | Execute program
2018-12-17T22:24:45.242528494Z 0 PC: 13838 | Program terminate
2018-12-17T22:24:45.246910208Z 73 PC: 13522 | Release memory
2018-12-17T22:24:45.248580941Z 77 PC: 13526 | Get program return code
2018-12-17T22:24:45.25006139Z 49 PC: 13534 | Terminate and stay resident (Return code = '0' | Memory size = '204')