Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Inna.6640.c

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:50:28.565313492Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:50:28.566950947Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:50:28.568467514Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:50:28.56997504Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:28.571496858Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:50:28.573400873Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:50:28.574697916Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:50:28.575983563Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:50:28.578293338Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:50:28.57966369Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:50:28.581169138Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:50:28.583009975Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:50:28.584219431Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:50:28.585440315Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:50:28.587454904Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:50:28.588686163Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:50:28.589879858Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:50:28.592127303Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:50:28.593262266Z	53	PC: 136aa \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:50:28.594393453Z	37	PC: 136bf \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:50:28.596007077Z	37	PC: 136c7 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:50:28.59992016Z	37	PC: 136cf \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:50:28.600966285Z	37	PC: 136d7 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:50:28.602646123Z	68	PC: 1431c \| I/O control for devices (Set for = '')
2018-12-17T22:50:28.605226698Z	53	PC: 13420 \| Get interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:50:28.606484213Z	37	PC: 1343c \| Set interrupt vector (Interrupt = '9' AKA 'Display string')
2018-12-17T22:50:28.607758618Z	48	PC: 13f32 \| Get DOS version
2018-12-17T22:50:28.610030274Z	61	PC: 13d70 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:50:28.61758522Z	63	PC: 13e43 \| Read file or device (Read 6640 bytes on handle 5)
2018-12-17T22:50:28.625375607Z	62	PC: 13dc0 \| Close file
2018-12-17T22:50:28.629353634Z	26	PC: 133bf \| Set disk transfer address
2018-12-17T22:50:28.630566149Z	78	PC: 133cb \| Find first file
2018-12-17T22:50:28.637048634Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.638764018Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.641932038Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.6429878Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.65403365Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.655191324Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.658309054Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.660647549Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.664154063Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.66555555Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.669504847Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.670589729Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.673722393Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.676408518Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.679454803Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.680418774Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.684141352Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.685325725Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.688707433Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.690866214Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.693899168Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.69509276Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.699188459Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.700410221Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.703568472Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.70572186Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.709121871Z	26	PC: 133e3 \| Set disk transfer address
2018-12-17T22:50:28.710487902Z	79	PC: 133e8 \| Find next file
2018-12-17T22:50:28.714799678Z	64	PC: 13ac8 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:50:28.717166417Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:50:28.718229574Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:50:28.719495242Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:50:28.720922032Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:28.722032871Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:50:28.723257861Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:50:28.725353069Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:50:28.726507905Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:50:28.728265135Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:50:28.734112767Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:50:28.736780102Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:50:28.739527403Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:50:28.742587195Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:50:28.745075609Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:50:28.746393456Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:50:28.747528581Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:50:28.749587279Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:50:28.75096258Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:50:28.752321539Z	37	PC: 13801 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:50:28.753909207Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.756694568Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.758882637Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.761591215Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.764564774Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.766707628Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.76907327Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.771644184Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.773720077Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.775772618Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.778784409Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.780822258Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.782857141Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.785794947Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.787860675Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.789967647Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.793403838Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.795766701Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.79809027Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.801417535Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.803702046Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.806024311Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.809401608Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.811377923Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.81333917Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.815803635Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.817872244Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.820624137Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.823822125Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.825770823Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.827738416Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.830607603Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.832384014Z	6	PC: 13888 \| Direct console I/O
2018-12-17T22:50:28.845848323Z	76	PC: 13840 \| Terminate with return code (Return code = '202')