Sample viewer

vx.netlux.org/Virus.DOS.HLLO.JJJ.3816

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:50:49.268293452Z	48	PC: 12a4b \| Get DOS version
2018-12-17T22:50:49.270031321Z	53	PC: 12b86 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:50:49.271346122Z	53	PC: 12b93 \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:50:49.272663585Z	53	PC: 12ba0 \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:50:49.274960961Z	53	PC: 12bad \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:50:49.27686475Z	37	PC: 12bc1 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:50:49.278890942Z	74	PC: 12b18 \| Reallocate memory
2018-12-17T22:50:49.282333856Z	53	PC: 13694 \| Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:50:49.283567662Z	53	PC: 13694 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:49.284792524Z	53	PC: 13694 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:50:49.286356501Z	53	PC: 13694 \| Get interrupt vector (Interrupt = '64' AKA 'Write file or device')
2018-12-17T22:50:49.288140278Z	37	PC: 136aa \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:49.289303879Z	37	PC: 136aa \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:50:49.290724009Z	37	PC: 136aa \| Set interrupt vector (Interrupt = '64' AKA 'Write file or device')
2018-12-17T22:50:49.293491051Z	61	PC: 134f1 \| Open file (Filename = '�')
2018-12-17T22:50:49.301501017Z	68	PC: 13526 \| I/O control for devices (Set for = '�1&:Mv�1�62��&:ur2��3�62��:v')
2018-12-17T22:50:49.303491032Z	66	PC: 135e0 \| Move file pointer
2018-12-17T22:50:49.305639842Z	63	PC: 13570 \| Read file or device (Read 3816 bytes on handle 5)
2018-12-17T22:50:49.312856932Z	62	PC: 13549 \| Close file
2018-12-17T22:50:49.314524862Z	26	PC: 13631 \| Set disk transfer address
2018-12-17T22:50:49.316204675Z	78	PC: 1363b \| Find first file
2018-12-17T22:50:49.323067936Z	26	PC: 13653 \| Set disk transfer address
2018-12-17T22:50:49.323949354Z	79	PC: 13657 \| Find next file
2018-12-17T22:50:49.328445421Z	26	PC: 13653 \| Set disk transfer address
2018-12-17T22:50:49.342734455Z	79	PC: 13657 \| Find next file
2018-12-17T22:50:49.345642972Z	26	PC: 13653 \| Set disk transfer address
2018-12-17T22:50:49.347290718Z	79	PC: 13657 \| Find next file
2018-12-17T22:50:49.350054747Z	26	PC: 13653 \| Set disk transfer address
2018-12-17T22:50:49.351097716Z	79	PC: 13657 \| Find next file
2018-12-17T22:50:49.355914922Z	26	PC: 13653 \| Set disk transfer address
2018-12-17T22:50:49.357040208Z	79	PC: 13657 \| Find next file
2018-12-17T22:50:49.35973981Z	26	PC: 13653 \| Set disk transfer address
2018-12-17T22:50:49.361555576Z	79	PC: 13657 \| Find next file
2018-12-17T22:50:49.364551382Z	26	PC: 13653 \| Set disk transfer address
2018-12-17T22:50:49.36560691Z	79	PC: 13657 \| Find next file
2018-12-17T22:50:49.368463397Z	67	PC: 1361a \| Get or set file attributes
2018-12-17T22:50:49.374394639Z	67	PC: 1361a \| Get or set file attributes
2018-12-17T22:50:49.402928345Z	61	PC: 134f1 \| Open file (Filename = 'TEST.COM')
2018-12-17T22:50:49.411232556Z	68	PC: 13526 \| I/O control for devices (Set for = '')
2018-12-17T22:50:49.413152339Z	87	PC: 13672 \| Get or set file date and time
2018-12-17T22:50:49.414765523Z	66	PC: 135e0 \| Move file pointer
2018-12-17T22:50:49.416035731Z	63	PC: 13570 \| Read file or device (Read 3816 bytes on handle 5)
2018-12-17T22:50:49.423562655Z	67	PC: 1361a \| Get or set file attributes
2018-12-17T22:50:49.433253978Z	26	PC: 13653 \| Set disk transfer address
2018-12-17T22:50:49.434171487Z	79	PC: 13657 \| Find next file
2018-12-17T22:50:49.442266055Z	37	PC: 136aa \| Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:50:49.443299207Z	37	PC: 136aa \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:50:49.444349314Z	37	PC: 136aa \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:50:49.446325303Z	37	PC: 136aa \| Set interrupt vector (Interrupt = '64' AKA 'Write file or device')
2018-12-17T22:50:49.447710222Z	37	PC: 12bcd \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:50:49.449025083Z	37	PC: 12bd8 \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:50:49.450961028Z	37	PC: 12be3 \| Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:50:49.452050476Z	37	PC: 12bee \| Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:50:49.453102037Z	76	PC: 12b76 \| Terminate with return code (Return code = '64')