Sample viewer

vx.netlux.org/Virus.DOS.HLLP.6480

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:49:49.180005189Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:49:49.205937479Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:49:49.208487129Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:49:49.209918809Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:49:49.218347475Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:49:49.220435918Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:49:49.222008984Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:49:49.223514132Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:49:49.230437509Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:49:49.232503541Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:49:49.233863786Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:49:49.241948415Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:49:49.252597772Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:49:49.254478937Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:49:49.256071829Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:49:49.258865759Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:49:49.260522551Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:49:49.262134049Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:49:49.265406818Z	53	PC: 1353a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:49:49.267443274Z	37	PC: 1354f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:49:49.268862861Z	37	PC: 13557 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:49:49.270949621Z	37	PC: 1355f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:49:49.272565277Z	37	PC: 13567 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:49:49.274692143Z	68	PC: 13fae \| I/O control for devices (Set for = '')
2018-12-17T22:49:49.276941509Z	44	PC: 140e5 \| Get time 0x140e5: mov word ptr [0x40], cx 0x140e9: mov word ptr [0x42], dx 0x140ed: retf 0x140ee: call 0x14135 0x140f1: jb 0x14102 0x140f3: mov cx, word ptr es:[di + 4] 0x140f7: cmp cx, 1 0x140fa: je 0x14102 0x140fc: xor bx, bx 0x140fe: push cs 0x140ff: call 0x23c71 0x14102: retf 4 0x14105: call 0x14135 0x14108: jb 0x1411d 0x1410a: mov ax, cx 0x1410c: mov dx, bx 0x1410e: mov cx, word ptr es:[di + 4] 0x14112: cmp cx, 1 0x14115: je 0x1411d 0x14117: xor bx, bx
2018-12-17T22:49:49.282901757Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.284201078Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.290481968Z	60	PC: 139fd \| Create or truncate file
2018-12-17T22:49:49.63732875Z	62	PC: 13a4d \| Close file
2018-12-17T22:49:49.639843294Z	65	PC: 13b46 \| Delete file (Filename = 'C:\#')
2018-12-17T22:49:49.647991522Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.650149566Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.652672026Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.653878142Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.657055892Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.658647001Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.661377792Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.663892857Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.666629619Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.668714195Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.672653296Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.674330357Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.677148742Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.678779796Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.682230349Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.683745596Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.686483219Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.688991702Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.691566981Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.693087477Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.696696156Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.699494363Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.702256834Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.70485747Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.707581537Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.70904106Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.712313878Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.714606686Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.717223462Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.718672274Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.722365002Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.724592497Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.727357011Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.729612088Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.73263624Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.734103967Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.737439524Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.739160768Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.741851914Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.743567126Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.746593492Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.748128646Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.750900233Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.753469951Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.756158792Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.757703144Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.76179974Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.763341046Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.769551003Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.771840375Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.775500471Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.777024094Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.78104581Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.782609568Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.785821091Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.787336969Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.791624284Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.793615145Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.79679046Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.799200417Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.802237363Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.803473976Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.808201889Z	26	PC: 1336d \| Set disk transfer address
2018-12-17T22:49:49.809482846Z	78	PC: 13379 \| Find first file
2018-12-17T22:49:49.819922369Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.822202834Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.826113882Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.827371023Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.831195328Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.832993397Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.83680595Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.838061258Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.842668223Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.843939372Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.850829947Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.852936835Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.856540175Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.857773402Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.863387229Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.864540245Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.868041924Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.871262054Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.875531696Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.877794978Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.884846186Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.887376049Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.891002051Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.893362857Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.897008385Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.898473527Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.902272385Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.903697662Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.907142194Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.908416809Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.915552735Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.916733303Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.920388471Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.921977306Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.925586156Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.927343367Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.931644007Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.933209619Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.937253877Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.938791316Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.942339622Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.94367442Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.947567704Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.948979536Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.952644091Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.953976474Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.960550946Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.962943651Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.967305306Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.968796157Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.972525564Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.974405045Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.978439815Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.979633959Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.983167317Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.98472846Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.988770785Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:49.991094561Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:49.998756445Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:50.000321155Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:50.008867421Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:50.010226985Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:50.01738849Z	26	PC: 13391 \| Set disk transfer address
2018-12-17T22:49:50.02010296Z	79	PC: 13396 \| Find next file
2018-12-17T22:49:50.028056704Z	48	PC: 13bbf \| Get DOS version
2018-12-17T22:49:50.030211612Z	67	PC: 132cf \| Get or set file attributes
2018-12-17T22:49:50.038449028Z	67	PC: 132f6 \| Get or set file attributes
2018-12-17T22:49:50.055925201Z	61	PC: 139fd \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:49:50.064058863Z	87	PC: 13310 \| Get or set file date and time
2018-12-17T22:49:50.067092612Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.071408351Z	63	PC: 13ad0 \| Read file or device (Read 6480 bytes on handle 5)
2018-12-17T22:49:50.083664157Z	66	PC: 1414f \| Move file pointer
2018-12-17T22:49:50.086365682Z	66	PC: 1415d \| Move file pointer
2018-12-17T22:49:50.088143912Z	66	PC: 1416b \| Move file pointer
2018-12-17T22:49:50.089775207Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.091913645Z	63	PC: 13ad0 \| Read file or device (Read 6480 bytes on handle 5)
2018-12-17T22:49:50.094743521Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.096723622Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.099077945Z	64	PC: 13a2e \| Write file or device (Write 0 bytes on handle 5)
2018-12-17T22:49:50.10840571Z	87	PC: 1333d \| Get or set file date and time
2018-12-17T22:49:50.110516155Z	62	PC: 13a4d \| Close file
2018-12-17T22:49:50.119384857Z	67	PC: 132f6 \| Get or set file attributes
2018-12-17T22:49:50.130570733Z	41	PC: 134a1 \| Parse filename
2018-12-17T22:49:50.132441538Z	41	PC: 134af \| Parse filename
2018-12-17T22:49:50.134555469Z	75	PC: 134ba \| Execute program
2018-12-17T22:49:50.145076355Z	67	PC: 132cf \| Get or set file attributes
2018-12-17T22:49:50.151547953Z	67	PC: 132f6 \| Get or set file attributes
2018-12-17T22:49:50.162417405Z	61	PC: 139fd \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:49:50.176462713Z	87	PC: 13310 \| Get or set file date and time
2018-12-17T22:49:50.178506592Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.180375644Z	63	PC: 13ad0 \| Read file or device (Read 6480 bytes on handle 5)
2018-12-17T22:49:50.1838867Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.186331663Z	64	PC: 13ad0 \| Write file or device (Write 6480 bytes on handle 5)
2018-12-17T22:49:50.196427421Z	66	PC: 1414f \| Move file pointer
2018-12-17T22:49:50.199442776Z	66	PC: 1415d \| Move file pointer
2018-12-17T22:49:50.201320444Z	66	PC: 1416b \| Move file pointer
2018-12-17T22:49:50.203259607Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.2074342Z	87	PC: 1333d \| Get or set file date and time
2018-12-17T22:49:50.209254049Z	62	PC: 13a4d \| Close file
2018-12-17T22:49:50.217680531Z	67	PC: 132f6 \| Get or set file attributes
2018-12-17T22:49:50.230385329Z	67	PC: 132cf \| Get or set file attributes
2018-12-17T22:49:50.237609322Z	67	PC: 132f6 \| Get or set file attributes
2018-12-17T22:49:50.249233631Z	61	PC: 139fd \| Open file (Filename = 'C:\WINDOWS\SETUP.EXE')
2018-12-17T22:49:50.258139764Z	87	PC: 13310 \| Get or set file date and time
2018-12-17T22:49:50.26051704Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.262636041Z	63	PC: 13ad0 \| Read file or device (Read 6480 bytes on handle 5)
2018-12-17T22:49:50.272155466Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.274374294Z	64	PC: 13ad0 \| Write file or device (Write 6480 bytes on handle 5)
2018-12-17T22:49:50.28293618Z	66	PC: 1414f \| Move file pointer
2018-12-17T22:49:50.285622266Z	66	PC: 1415d \| Move file pointer
2018-12-17T22:49:50.287775332Z	66	PC: 1416b \| Move file pointer
2018-12-17T22:49:50.29006846Z	66	PC: 13b2f \| Move file pointer
2018-12-17T22:49:50.293295563Z	64	PC: 13ad0 \| Write file or device (Write 6480 bytes on handle 5)
2018-12-17T22:49:50.306404872Z	87	PC: 1333d \| Get or set file date and time
2018-12-17T22:49:50.30833573Z	62	PC: 13a4d \| Close file
2018-12-17T22:49:50.317066983Z	67	PC: 132f6 \| Get or set file attributes
2018-12-17T22:49:50.329249942Z	77	PC: 134d8 \| Get program return code
2018-12-17T22:49:50.330988659Z	64	PC: 13958 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:49:50.337174441Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:49:50.338550536Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:49:50.33983555Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:49:50.341162363Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:49:50.342913042Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:49:50.344193327Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:49:50.345483291Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:49:50.34767017Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:49:50.348939154Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:49:50.350298748Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:49:50.352816759Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:49:50.35409495Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:49:50.355357703Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:49:50.357463169Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:49:50.359103039Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:49:50.36064724Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:49:50.363140624Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:49:50.364518603Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:49:50.365835307Z	37	PC: 13691 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:49:50.368251036Z	76	PC: 136d0 \| Terminate with return code (Return code = '0')