Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Infek.5488

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T21:59:12.867004399Z 53 PC: 1319a | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:59:12.87639846Z 53 PC: 1319a | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:59:12.877428043Z 53 PC: 1319a | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:59:12.879132151Z 53 PC: 1319a | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:59:12.880638559Z 53 PC: 1319a | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:59:12.881855088Z 53 PC: 1319a | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:59:12.882842054Z 53 PC: 1319a | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:59:12.883983827Z 53 PC: 1319a | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:59:12.885379427Z 53 PC: 1319a | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:59:12.886450096Z 53 PC: 1319a | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:59:12.88750891Z 53 PC: 1319a | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:59:12.889462103Z 53 PC: 1319a | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:59:12.890837325Z 53 PC: 1319a | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:59:12.892202972Z 53 PC: 1319a | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:59:12.893885087Z 53 PC: 1319a | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:59:12.894983259Z 53 PC: 1319a | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:59:12.896093112Z 53 PC: 1319a | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:59:12.898140523Z 53 PC: 1319a | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:59:12.910553953Z 53 PC: 1319a | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:59:12.911762165Z 37 PC: 131af | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:59:12.913416867Z 37 PC: 131b7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:59:12.914461435Z 37 PC: 131bf | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:59:12.915431174Z 37 PC: 131c7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:59:12.917001047Z 68 PC: 13d18 | I/O control for devices (Set for = '')
2018-12-17T21:59:12.919206961Z 64 PC: 135b8 | Write file or device (Write 10 bytes on handle 1)
2018-12-17T21:59:12.923793409Z 26 PC: 130e5 | Set disk transfer address
2018-12-17T21:59:12.925287039Z 78 PC: 130f1 | Find first file
2018-12-17T21:59:12.931541578Z 64 PC: 135b8 | Write file or device (Write 10 bytes on handle 1)
2018-12-17T21:59:12.936142251Z 48 PC: 13a3e | Get DOS version
2018-12-17T21:59:12.937690675Z 61 PC: 138f0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:12.944532375Z 61 PC: 138f0 | Open file (Filename = '\TEST.EXE')
2018-12-17T21:59:12.951073939Z 64 PC: 135b8 | Write file or device (Write 4 bytes on handle 1)
2018-12-17T21:59:12.954624868Z 64 PC: 135b8 | Write file or device (Write 11 bytes on handle 1)
2018-12-17T21:59:12.961517361Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 5)
2018-12-17T21:59:12.964092841Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 6)
2018-12-17T21:59:12.966543509Z 62 PC: 13940 | Close file
2018-12-17T21:59:12.971313446Z 62 PC: 13940 | Close file
2018-12-17T21:59:12.973665776Z 64 PC: 135b8 | Write file or device (Write 23 bytes on handle 1)
2018-12-17T21:59:12.979467977Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:12.981347229Z 79 PC: 1310e | Find next file
2018-12-17T21:59:12.984291226Z 26 PC: 130e5 | Set disk transfer address
2018-12-17T21:59:12.985622221Z 78 PC: 130f1 | Find first file
2018-12-17T21:59:12.992110845Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:12.993222537Z 79 PC: 1310e | Find next file
2018-12-17T21:59:12.995818435Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:12.99784624Z 79 PC: 1310e | Find next file
2018-12-17T21:59:13.000448218Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:13.001485424Z 79 PC: 1310e | Find next file
2018-12-17T21:59:13.004970074Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:13.006122597Z 79 PC: 1310e | Find next file
2018-12-17T21:59:13.008831009Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:13.011039612Z 79 PC: 1310e | Find next file
2018-12-17T21:59:13.013944309Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:13.015136803Z 79 PC: 1310e | Find next file
2018-12-17T21:59:13.018880641Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:13.019808913Z 79 PC: 1310e | Find next file
2018-12-17T21:59:13.022324806Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:13.023497451Z 79 PC: 1310e | Find next file
2018-12-17T21:59:13.026488695Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:13.027583908Z 79 PC: 1310e | Find next file
2018-12-17T21:59:13.030865505Z 64 PC: 135b8 | Write file or device (Write 10 bytes on handle 1)
2018-12-17T21:59:13.036187487Z 26 PC: 130e5 | Set disk transfer address
2018-12-17T21:59:13.037233267Z 78 PC: 130f1 | Find first file
2018-12-17T21:59:13.044343845Z 64 PC: 135b8 | Write file or device (Write 11 bytes on handle 1)
2018-12-17T21:59:13.049502002Z 48 PC: 13a3e | Get DOS version
2018-12-17T21:59:13.050866524Z 61 PC: 138f0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:13.057380917Z 61 PC: 138f0 | Open file (Filename = '\SLEEP.COM')
2018-12-17T21:59:13.06400763Z 64 PC: 135b8 | Write file or device (Write 4 bytes on handle 1)
2018-12-17T21:59:13.066738621Z 64 PC: 135b8 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T21:59:13.071750136Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 5)
2018-12-17T21:59:13.074467137Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 6)
2018-12-17T21:59:13.084065783Z 64 PC: 135b8 | Write file or device (Write 20 bytes on handle 1)
2018-12-17T21:59:13.088594153Z 62 PC: 13940 | Close file
2018-12-17T21:59:13.090578166Z 62 PC: 13940 | Close file
2018-12-17T21:59:13.092434993Z 64 PC: 135b8 | Write file or device (Write 16 bytes on handle 1)
2018-12-17T21:59:13.09880654Z 48 PC: 13a3e | Get DOS version
2018-12-17T21:59:13.100789282Z 61 PC: 138f0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:13.10768079Z 64 PC: 135b8 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T21:59:13.117489643Z 61 PC: 138f0 | Open file (Filename = '\SLEEP.COM')
2018-12-17T21:59:13.124407618Z 63 PC: 139c3 | Read file or device (Read 5488 bytes on handle 5)
2018-12-17T21:59:13.134475275Z 64 PC: 139c3 | Write file or device (Write 5488 bytes on handle 6)
2018-12-17T21:59:14.057591697Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.060065343Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.070178273Z 64 PC: 135b8 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T21:59:14.075265373Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:14.077539854Z 79 PC: 1310e | Find next file
2018-12-17T21:59:14.081715708Z 64 PC: 135b8 | Write file or device (Write 11 bytes on handle 1)
2018-12-17T21:59:14.086924196Z 48 PC: 13a3e | Get DOS version
2018-12-17T21:59:14.08986599Z 61 PC: 138f0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:14.097280941Z 61 PC: 138f0 | Open file (Filename = '\PRINT.COM')
2018-12-17T21:59:14.104343457Z 64 PC: 135b8 | Write file or device (Write 4 bytes on handle 1)
2018-12-17T21:59:14.108347043Z 64 PC: 135b8 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T21:59:14.113198278Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 5)
2018-12-17T21:59:14.116555817Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 6)
2018-12-17T21:59:14.123938939Z 64 PC: 135b8 | Write file or device (Write 20 bytes on handle 1)
2018-12-17T21:59:14.132644543Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.134809957Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.138327861Z 64 PC: 135b8 | Write file or device (Write 16 bytes on handle 1)
2018-12-17T21:59:14.143210422Z 48 PC: 13a3e | Get DOS version
2018-12-17T21:59:14.14486045Z 61 PC: 138f0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:14.153332337Z 64 PC: 135b8 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T21:59:14.158023211Z 61 PC: 138f0 | Open file (Filename = '\PRINT.COM')
2018-12-17T21:59:14.164746864Z 63 PC: 139c3 | Read file or device (Read 5488 bytes on handle 5)
2018-12-17T21:59:14.173356799Z 64 PC: 139c3 | Write file or device (Write 5488 bytes on handle 6)
2018-12-17T21:59:14.181947765Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.184003607Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.193291013Z 64 PC: 135b8 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T21:59:14.197715831Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:14.19894506Z 79 PC: 1310e | Find next file
2018-12-17T21:59:14.204199095Z 64 PC: 135b8 | Write file or device (Write 11 bytes on handle 1)
2018-12-17T21:59:14.209250417Z 48 PC: 13a3e | Get DOS version
2018-12-17T21:59:14.211202575Z 61 PC: 138f0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:14.219442153Z 61 PC: 138f0 | Open file (Filename = '\HELLO.COM')
2018-12-17T21:59:14.226495386Z 64 PC: 135b8 | Write file or device (Write 4 bytes on handle 1)
2018-12-17T21:59:14.229657702Z 64 PC: 135b8 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T21:59:14.237012444Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 5)
2018-12-17T21:59:14.23985181Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 6)
2018-12-17T21:59:14.24667922Z 64 PC: 135b8 | Write file or device (Write 20 bytes on handle 1)
2018-12-17T21:59:14.252458864Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.254908261Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.257241459Z 64 PC: 135b8 | Write file or device (Write 16 bytes on handle 1)
2018-12-17T21:59:14.263495156Z 48 PC: 13a3e | Get DOS version
2018-12-17T21:59:14.265526794Z 61 PC: 138f0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:14.272411205Z 64 PC: 135b8 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T21:59:14.277116259Z 61 PC: 138f0 | Open file (Filename = '\HELLO.COM')
2018-12-17T21:59:14.281929635Z 63 PC: 139c3 | Read file or device (Read 5488 bytes on handle 5)
2018-12-17T21:59:14.286390744Z 64 PC: 139c3 | Write file or device (Write 5488 bytes on handle 6)
2018-12-17T21:59:14.29325827Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.295153105Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.300426349Z 64 PC: 135b8 | Write file or device (Write 3 bytes on handle 1)
2018-12-17T21:59:14.303170069Z 26 PC: 13109 | Set disk transfer address
2018-12-17T21:59:14.304728292Z 79 PC: 1310e | Find next file
2018-12-17T21:59:14.306999152Z 64 PC: 135b8 | Write file or device (Write 11 bytes on handle 1)
2018-12-17T21:59:14.311417516Z 48 PC: 13a3e | Get DOS version
2018-12-17T21:59:14.313097187Z 61 PC: 138f0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:14.31741746Z 61 PC: 138f0 | Open file (Filename = '\PHANG.COM')
2018-12-17T21:59:14.323427008Z 64 PC: 135b8 | Write file or device (Write 4 bytes on handle 1)
2018-12-17T21:59:14.326309662Z 64 PC: 135b8 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T21:59:14.329402591Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 5)
2018-12-17T21:59:14.33154356Z 63 PC: 139c3 | Read file or device (Read 25 bytes on handle 6)
2018-12-17T21:59:14.33615483Z 64 PC: 135b8 | Write file or device (Write 20 bytes on handle 1)
2018-12-17T21:59:14.339097005Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.340794085Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.342513643Z 64 PC: 135b8 | Write file or device (Write 16 bytes on handle 1)
2018-12-17T21:59:14.345383224Z 48 PC: 13a3e | Get DOS version
2018-12-17T21:59:14.346998121Z 61 PC: 138f0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T21:59:14.352554235Z 64 PC: 135b8 | Write file or device (Write 12 bytes on handle 1)
2018-12-17T21:59:14.356455409Z 61 PC: 138f0 | Open file (Filename = '\PHANG.COM')
2018-12-17T21:59:14.361217652Z 63 PC: 139c3 | Read file or device (Read 5488 bytes on handle 5)
2018-12-17T21:59:14.365972597Z 64 PC: 139c3 | Write file or device (Write 5488 bytes on handle 6)
2018-12-17T21:59:14.371690524Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.373625689Z 62 PC: 13940 | Close file
2018-12-17T21:59:14.378980139Z 64 PC: 135b8 | Write file or device (Write 34 bytes on handle 1)
2018-12-17T21:59:14.383051399Z 64 PC: 135b8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T21:59:14.384913857Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T21:59:14.385958043Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T21:59:14.386938369Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T21:59:14.388546945Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T21:59:14.389599029Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T21:59:14.39051278Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T21:59:14.392001204Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T21:59:14.393009688Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T21:59:14.394024238Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T21:59:14.395511128Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T21:59:14.396549734Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T21:59:14.397502389Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T21:59:14.398902046Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T21:59:14.399945268Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T21:59:14.400870673Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T21:59:14.402412931Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T21:59:14.403439093Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T21:59:14.404443424Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T21:59:14.40597545Z 37 PC: 132f1 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T21:59:14.406908553Z 76 PC: 13330 | Terminate with return code (Return code = '0')