Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Lcamtuf.3888

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:59:01.630043688Z 53 PC: 131ca | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:59:01.63221211Z 53 PC: 131ca | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:59:01.63374813Z 53 PC: 131ca | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:59:01.635229611Z 53 PC: 131ca | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:59:01.637374331Z 53 PC: 131ca | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:59:01.638446963Z 53 PC: 131ca | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:59:01.639481958Z 53 PC: 131ca | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:59:01.641699421Z 53 PC: 131ca | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:59:01.642894218Z 53 PC: 131ca | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:59:01.644743351Z 53 PC: 131ca | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:59:01.653749925Z 53 PC: 131ca | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:59:01.655224876Z 53 PC: 131ca | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:59:01.656622857Z 53 PC: 131ca | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:59:01.663806706Z 53 PC: 131ca | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:59:01.664995761Z 53 PC: 131ca | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:59:01.666161117Z 53 PC: 131ca | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:59:01.668010591Z 53 PC: 131ca | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:59:01.669157234Z 53 PC: 131ca | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:59:01.670254122Z 53 PC: 131ca | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:59:01.676547427Z 37 PC: 131df | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:59:01.677982882Z 37 PC: 131e7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:59:01.680086205Z 37 PC: 131ef | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:59:01.682096903Z 37 PC: 131f7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:59:01.683583794Z 68 PC: 13bc5 | I/O control for devices (Set for = '')
2018-12-17T21:59:01.685032041Z 9 PC: 12ace | Display string (String= 'WiRuS LcAmTuF ')
2018-12-17T21:59:01.689548989Z 51 PC: 12ad5 | Get or set Ctrl-Break
2018-12-17T21:59:01.690303128Z 48 PC: 137db | Get DOS version
2018-12-17T21:59:01.691803596Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:01.698617008Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:01.719195073Z 61 PC: 1368d | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:01.729240258Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:01.738279803Z 66 PC: 13cc4 | Move file pointer
2018-12-17T21:59:01.740389824Z 66 PC: 13cd2 | Move file pointer
2018-12-17T21:59:01.7426901Z 66 PC: 13ce0 | Move file pointer
2018-12-17T21:59:01.745560164Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:01.747863144Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:01.758154261Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:01.761687969Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:01.767484633Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:01.769213814Z 64 PC: 136be | Write file or device (Write 0 bytes on handle 5)
2018-12-17T21:59:01.776281962Z 62 PC: 136dd | Close file
2018-12-17T21:59:01.781228601Z 75 PC: 12be7 | Execute program
2018-12-17T21:59:01.784493915Z 71 PC: 12c03 | Get current directory
2018-12-17T21:59:01.787476607Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:01.799818718Z 61 PC: 1368d | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:01.812785777Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:01.821603969Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:01.824234623Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:01.835034909Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:01.837593768Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:01.846805926Z 62 PC: 136dd | Close file
2018-12-17T21:59:01.855044458Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:01.866680815Z 26 PC: 130a7 | Set disk transfer address
2018-12-17T21:59:01.868587667Z 78 PC: 130b3 | Find first file
2018-12-17T21:59:01.871171756Z 26 PC: 130a7 | Set disk transfer address
2018-12-17T21:59:01.878796094Z 78 PC: 130b3 | Find first file
2018-12-17T21:59:01.882441726Z 26 PC: 130a7 | Set disk transfer address
2018-12-17T21:59:01.883678914Z 78 PC: 130b3 | Find first file
2018-12-17T21:59:01.891016676Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:01.897736627Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:01.907789519Z 61 PC: 1368d | Open file (Filename = '\TEST.EXE')
2018-12-17T21:59:01.916070047Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:01.924116418Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:01.934711505Z 62 PC: 136dd | Close file
2018-12-17T21:59:01.937444854Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:01.938706019Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:01.94172894Z 26 PC: 130a7 | Set disk transfer address
2018-12-17T21:59:01.944013062Z 78 PC: 130b3 | Find first file
2018-12-17T21:59:01.950987981Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:01.956806903Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:01.970249186Z 61 PC: 1368d | Open file (Filename = '\SLEEP.COM')
2018-12-17T21:59:01.978466965Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:01.985250455Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:01.996494538Z 62 PC: 136dd | Close file
2018-12-17T21:59:01.998699134Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.000052967Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.004026045Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.010983387Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.021682973Z 61 PC: 1368d | Open file (Filename = '\PRINT.COM')
2018-12-17T21:59:02.03387616Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.04062555Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.050781555Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.05430576Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.05570604Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.059222959Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.065217849Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.075161498Z 61 PC: 1368d | Open file (Filename = '\HELLO.COM')
2018-12-17T21:59:02.082314649Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.089149802Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.10066221Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.102670758Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.104125738Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.107852405Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.113634418Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.124612561Z 61 PC: 1368d | Open file (Filename = '\PHANG.COM')
2018-12-17T21:59:02.131421808Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.13790697Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.149232696Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.150970845Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.152054083Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.156065013Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.162166668Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.172019819Z 61 PC: 1368d | Open file (Filename = '\PRINTA~1.COM')
2018-12-17T21:59:02.179008194Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.185743902Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.195623477Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.198010449Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.199962325Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.204003773Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.211380562Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.222523288Z 61 PC: 1368d | Open file (Filename = '\MANDEL.COM')
2018-12-17T21:59:02.229406538Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.236739408Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.24710008Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.248991469Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.251637126Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.255126613Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.260986673Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.271091139Z 61 PC: 1368d | Open file (Filename = '\PAH.COM')
2018-12-17T21:59:02.282959097Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.290062729Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.300495762Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.302656322Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.304087105Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.308510441Z 26 PC: 130a7 | Set disk transfer address
2018-12-17T21:59:02.309763057Z 78 PC: 130b3 | Find first file
2018-12-17T21:59:02.319268052Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.32628519Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.672638735Z 61 PC: 1368d | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T21:59:02.691170557Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.700520879Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.701967807Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.712336798Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.714714082Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.722195156Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.732724383Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.74017844Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.74132106Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.745127456Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.752054904Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.761728937Z 61 PC: 1368d | Open file (Filename = 'C:\DOS\CHKDSK.EXE')
2018-12-17T21:59:02.767936388Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.773492734Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.774739855Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.782398303Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.783740083Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.789411403Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.797612547Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.802326606Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.803503268Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.806900333Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.811331302Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.818189551Z 61 PC: 1368d | Open file (Filename = 'C:\DOS\DEBUG.EXE')
2018-12-17T21:59:02.823121232Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.828377474Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.82957062Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.838367681Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.840097675Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.845189956Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.853522545Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.858160847Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.859658995Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.863082531Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.867361117Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.874622886Z 61 PC: 1368d | Open file (Filename = 'C:\DOS\EXPAND.EXE')
2018-12-17T21:59:02.880986112Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.888153816Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.88984617Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.899347393Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.901019361Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.907928136Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.91844808Z 62 PC: 136dd | Close file
2018-12-17T21:59:02.925812915Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:02.926812548Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:02.930473083Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:02.937520136Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.948119122Z 61 PC: 1368d | Open file (Filename = 'C:\DOS\FDISK.EXE')
2018-12-17T21:59:02.955210247Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:02.962634181Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.96495411Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.974736445Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:02.976664743Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:02.984604126Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:02.995276097Z 62 PC: 136dd | Close file
2018-12-17T21:59:03.00306303Z 26 PC: 130cb | Set disk transfer address
2018-12-17T21:59:03.004958135Z 79 PC: 130d0 | Find next file
2018-12-17T21:59:03.008591301Z 67 PC: 1304f | Get or set file attributes
2018-12-17T21:59:03.015041915Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:03.026198829Z 61 PC: 1368d | Open file (Filename = 'C:\DOS\MEM.EXE')
2018-12-17T21:59:03.033001844Z 63 PC: 13760 | Read file or device (Read 3888 bytes on handle 5)
2018-12-17T21:59:03.03770001Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:03.039950753Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:03.049354456Z 66 PC: 137bf | Move file pointer
2018-12-17T21:59:03.051148571Z 64 PC: 13760 | Write file or device (Write 3888 bytes on handle 5)
2018-12-17T21:59:03.061912828Z 67 PC: 13076 | Get or set file attributes
2018-12-17T21:59:03.070402482Z 62 PC: 136dd | Close file
2018-12-17T21:59:03.075543369Z 64 PC: 135e8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:59:03.077953605Z 37 PC: 13321 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:59:03.079356275Z 37 PC: 13321 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:59:03.080347716Z 37 PC: 13321 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:59:03.081608085Z 37 PC: 13321 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:59:03.082662703Z 37 PC: 13321 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:59:03.084001032Z 37 PC: 13321 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:59:03.086412942Z 37 PC: 13321 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:59:03.095319683Z 37 PC: 13321 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:59:03.097091438Z 37 PC: 13321 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:59:03.09928464Z 37 PC: 13321 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:59:03.100307266Z 37 PC: 13321 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:59:03.101940698Z 37 PC: 13321 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:59:03.103422203Z 37 PC: 13321 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:59:03.104680698Z 37 PC: 13321 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:59:03.106246533Z 37 PC: 13321 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:59:03.107229509Z 37 PC: 13321 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:59:03.108181726Z 37 PC: 13321 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:59:03.109703887Z 37 PC: 13321 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:59:03.110843324Z 37 PC: 13321 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:59:03.11189555Z 76 PC: 13360 | Terminate with return code (Return code = '0')