Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Proga.10536

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:52:42.647699537Z 48 PC: 12a4c | Get DOS version
2018-12-17T22:52:42.649371124Z 53 PC: 12bc0 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:42.650474486Z 53 PC: 12bcd | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:52:42.651671673Z 53 PC: 12bda | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:52:42.653404756Z 53 PC: 12be7 | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:52:42.654558301Z 37 PC: 12bfb | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:42.656077948Z 74 PC: 12ad6 | Reallocate memory
2018-12-17T22:52:42.658617898Z 68 PC: 13278 | I/O control for devices (Set for = '')
2018-12-17T22:52:42.660566294Z 74 PC: 1466d | Reallocate memory
2018-12-17T22:52:42.662436978Z 74 PC: 1466d | Reallocate memory
2018-12-17T22:52:42.664600285Z 68 PC: 13278 | I/O control for devices (Set for = 'Borland C++ - Copyright 1991 Borland Intl.')
2018-12-17T22:52:42.66821172Z 42 PC: 13041 | Get date
0x13041: les bx, ptr [bp + 6]
0x13044: mov byte ptr es:[bx + 4], al
0x13048: mov byte ptr es:[bx], dl
0x1304b: mov byte ptr es:[bx + 1], dh
0x1304f: mov word ptr es:[bx + 2], cx
0x13053: pop bp
0x13054: retf
0x13055: push bp
0x13056: mov bp, sp
0x13058: mov ah, 0x2c
0x1305a: int 0x21
0x1305c: les bx, ptr [bp + 6]
0x1305f: mov byte ptr es:[bx], ch
0x13062: mov byte ptr es:[bx + 1], cl
0x13066: mov byte ptr es:[bx + 2], dh
0x1306a: mov byte ptr es:[bx + 3], dl
0x1306e: pop bp
0x1306f: retf
0x13070: push bp
0x13071: mov bp, sp
2018-12-17T22:52:43.021387483Z 37 PC: 1319e | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:52:43.025002666Z 25 PC: 13077 | Get default drive
2018-12-17T22:52:43.026559005Z 71 PC: 1313a | Get current directory
2018-12-17T22:52:43.029769643Z 25 PC: 13077 | Get default drive
2018-12-17T22:52:43.031858952Z 59 PC: 12cdc | Change current directory
2018-12-17T22:52:43.036463927Z 14 PC: 1308e | Set default drive (Drive = 'C')
2018-12-17T22:52:43.038330155Z 25 PC: 13077 | Get default drive
2018-12-17T22:52:43.040354223Z 71 PC: 1313a | Get current directory
2018-12-17T22:52:43.043650093Z 47 PC: 12fe2 | Get disk transfer address
2018-12-17T22:52:43.044665323Z 26 PC: 12feb | Set disk transfer address
2018-12-17T22:52:43.047072968Z 78 PC: 12ff5 | Find first file
2018-12-17T22:52:43.052608794Z 26 PC: 12ffe | Set disk transfer address
2018-12-17T22:52:43.054389682Z 67 PC: 12fcd | Get or set file attributes
2018-12-17T22:52:43.063518891Z 67 PC: 14826 | Get or set file attributes
2018-12-17T22:52:43.06885729Z 61 PC: 14db2 | Open file (Filename = 'IO.SYS')
2018-12-17T22:52:43.074533966Z 68 PC: 14075 | I/O control for devices (Set for = '')
2018-12-17T22:52:43.076610786Z 66 PC: 1329c | Move file pointer
2018-12-17T22:52:43.094914821Z 63 PC: 132ec | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:52:43.10092135Z 62 PC: 14864 | Close file
2018-12-17T22:52:43.102697731Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.10413233Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.105141588Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.108519879Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.11058683Z 67 PC: 12fcd | Get or set file attributes
2018-12-17T22:52:43.12324805Z 67 PC: 14826 | Get or set file attributes
2018-12-17T22:52:43.128516241Z 61 PC: 14db2 | Open file (Filename = 'MSDOS.SYS')
2018-12-17T22:52:43.134962839Z 68 PC: 14075 | I/O control for devices (Set for = '')
2018-12-17T22:52:43.136670445Z 66 PC: 1329c | Move file pointer
2018-12-17T22:52:43.138917888Z 63 PC: 132ec | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:52:43.145228038Z 62 PC: 14864 | Close file
2018-12-17T22:52:43.146847696Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.1480839Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.149506583Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.152395456Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.154035721Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.156043354Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.156959278Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.158589214Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.160153644Z 67 PC: 12fcd | Get or set file attributes
2018-12-17T22:52:43.165877398Z 67 PC: 14826 | Get or set file attributes
2018-12-17T22:52:43.169233232Z 61 PC: 14db2 | Open file (Filename = 'COMMAND.COM')
2018-12-17T22:52:43.173367074Z 68 PC: 14075 | I/O control for devices (Set for = '')
2018-12-17T22:52:43.174490044Z 66 PC: 1329c | Move file pointer
2018-12-17T22:52:43.175895751Z 63 PC: 132ec | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:52:43.178463669Z 62 PC: 14864 | Close file
2018-12-17T22:52:43.179758086Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.180590097Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.181882383Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.184186611Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.185209625Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.186941796Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.187706987Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.18967236Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.204138749Z 67 PC: 12fcd | Get or set file attributes
2018-12-17T22:52:43.216173537Z 67 PC: 14826 | Get or set file attributes
2018-12-17T22:52:43.221618057Z 61 PC: 14db2 | Open file (Filename = 'CONFIG.SYS')
2018-12-17T22:52:43.22808335Z 68 PC: 14075 | I/O control for devices (Set for = '')
2018-12-17T22:52:43.229794726Z 66 PC: 1329c | Move file pointer
2018-12-17T22:52:43.232454056Z 63 PC: 132ec | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:52:43.238768362Z 62 PC: 14864 | Close file
2018-12-17T22:52:43.240562037Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.241677612Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.243127262Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.245625425Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.246816072Z 67 PC: 12fcd | Get or set file attributes
2018-12-17T22:52:43.254240299Z 67 PC: 14826 | Get or set file attributes
2018-12-17T22:52:43.257940513Z 61 PC: 14db2 | Open file (Filename = 'AUTOEXEC.BAT')
2018-12-17T22:52:43.2620445Z 68 PC: 14075 | I/O control for devices (Set for = '')
2018-12-17T22:52:43.264403645Z 66 PC: 1329c | Move file pointer
2018-12-17T22:52:43.266640468Z 63 PC: 132ec | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:52:43.268736154Z 62 PC: 14864 | Close file
2018-12-17T22:52:43.272430747Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.273396665Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.274160326Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.276438726Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.277474685Z 47 PC: 12fe2 | Get disk transfer address
2018-12-17T22:52:43.278360497Z 26 PC: 12feb | Set disk transfer address
2018-12-17T22:52:43.280000155Z 78 PC: 12ff5 | Find first file
2018-12-17T22:52:43.283409554Z 26 PC: 12ffe | Set disk transfer address
2018-12-17T22:52:43.284315835Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.285589057Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.286484447Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.288314711Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.289824499Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.290872224Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.29173128Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.294060669Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.295128066Z 59 PC: 12cdc | Change current directory
2018-12-17T22:52:43.29884974Z 25 PC: 13077 | Get default drive
2018-12-17T22:52:43.300378791Z 71 PC: 1313a | Get current directory
2018-12-17T22:52:43.302129805Z 47 PC: 12fe2 | Get disk transfer address
2018-12-17T22:52:43.302997369Z 26 PC: 12feb | Set disk transfer address
2018-12-17T22:52:43.304447476Z 78 PC: 12ff5 | Find first file
2018-12-17T22:52:43.309596533Z 26 PC: 12ffe | Set disk transfer address
2018-12-17T22:52:43.31050524Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.311927142Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.312864322Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.314913689Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.316339504Z 47 PC: 13015 | Get disk transfer address
2018-12-17T22:52:43.317232514Z 26 PC: 1301e | Set disk transfer address
2018-12-17T22:52:43.318227925Z 79 PC: 13022 | Find next file
2018-12-17T22:52:43.320760633Z 26 PC: 1302b | Set disk transfer address
2018-12-17T22:52:43.322008129Z 67 PC: 12fcd | Get or set file attributes
2018-12-17T22:52:43.32810259Z 67 PC: 14826 | Get or set file attributes
2018-12-17T22:52:43.335660112Z 61 PC: 14db2 | Open file (Filename = 'ATTRIB.EXE')
2018-12-17T22:52:43.342311657Z 68 PC: 14075 | I/O control for devices (Set for = '')
2018-12-17T22:52:43.343712138Z 66 PC: 1329c | Move file pointer
2018-12-17T22:52:43.34629495Z 63 PC: 132ec | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:52:43.352152021Z 62 PC: 14864 | Close file
2018-12-17T22:52:43.354039845Z 67 PC: 12fcd | Get or set file attributes
2018-12-17T22:52:43.364386846Z 67 PC: 14826 | Get or set file attributes
2018-12-17T22:52:43.370094291Z 61 PC: 14db2 | Open file (Filename = 'C:\DOS\ATTRIB.EXE')
2018-12-17T22:52:43.376584636Z 68 PC: 14075 | I/O control for devices (Set for = '')
2018-12-17T22:52:43.378497929Z 66 PC: 1329c | Move file pointer
2018-12-17T22:52:43.380510708Z 63 PC: 132ec | Read file or device (Read 5 bytes on handle 5)
2018-12-17T22:52:43.386669933Z 62 PC: 14864 | Close file
2018-12-17T22:52:43.38895167Z 67 PC: 14826 | Get or set file attributes
2018-12-17T22:52:43.395165634Z 61 PC: 14db2 | Open file (Filename = '')
2018-12-17T22:52:43.40220277Z 68 PC: 14075 | I/O control for devices (Set for = '��<|t<|t�')
2018-12-17T22:52:43.405924232Z 67 PC: 14826 | Get or set file attributes
2018-12-17T22:52:43.40881112Z 65 PC: 13302 | Delete file (Filename = 'A:\\vvvvvvvv.vvv')
2018-12-17T22:52:43.411279046Z 65 PC: 13302 | Delete file (Filename = 'A:\\proga.exe')
2018-12-17T22:52:43.414559233Z 37 PC: 12c07 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:52:43.41599671Z 37 PC: 12c12 | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:52:43.417448546Z 37 PC: 12c1d | Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:52:43.419649328Z 37 PC: 12c28 | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:52:43.421126733Z 76 PC: 12bb1 | Terminate with return code (Return code = '0')