Sample viewer

vx.netlux.org/Virus.DOS.HLLP.7744

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:53:03.309804047Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:03.311262581Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:53:03.312252429Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:53:03.313260946Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:03.31473855Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:03.315733105Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:03.317150924Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:53:03.319329672Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:53:03.320284901Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:53:03.321099913Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:53:03.321945947Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:53:03.323482515Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:53:03.324499032Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:53:03.325432543Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:53:03.326746857Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:53:03.327616202Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:53:03.328501582Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:53:03.330144032Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:03.331150132Z	53	PC: 136f2 \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:53:03.332062885Z	37	PC: 13707 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:03.333467293Z	37	PC: 1370f \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:03.335005646Z	37	PC: 13717 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:03.335860623Z	37	PC: 1371f \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:03.337191425Z	68	PC: 13d1e \| I/O control for devices (Set for = '')
2018-12-17T22:53:03.338592687Z	48	PC: 14430 \| Get DOS version
2018-12-17T22:53:03.339779348Z	61	PC: 141ef \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:53:03.344052586Z	87	PC: 13430 \| Get or set file date and time
2018-12-17T22:53:03.345551895Z	60	PC: 141ef \| Create or truncate file
2018-12-17T22:53:03.605974039Z	66	PC: 1431f \| Move file pointer
2018-12-17T22:53:03.608217906Z	63	PC: 142c2 \| Read file or device (Read 8192 bytes on handle 5)
2018-12-17T22:53:03.615305491Z	64	PC: 142c2 \| Write file or device (Write 544 bytes on handle 6)
2018-12-17T22:53:03.623206995Z	66	PC: 14380 \| Move file pointer
2018-12-17T22:53:03.624930609Z	66	PC: 1438e \| Move file pointer
2018-12-17T22:53:03.626344592Z	66	PC: 1439c \| Move file pointer
2018-12-17T22:53:03.627696073Z	62	PC: 1423f \| Close file
2018-12-17T22:53:03.630374978Z	87	PC: 1345d \| Get or set file date and time
2018-12-17T22:53:03.631988501Z	62	PC: 1423f \| Close file
2018-12-17T22:53:03.640055261Z	67	PC: 133ef \| Get or set file attributes
2018-12-17T22:53:03.646404473Z	61	PC: 141ef \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:53:03.653053095Z	87	PC: 13430 \| Get or set file date and time
2018-12-17T22:53:03.654497494Z	63	PC: 142c2 \| Read file or device (Read 7200 bytes on handle 5)
2018-12-17T22:53:03.663396017Z	66	PC: 1431f \| Move file pointer
2018-12-17T22:53:03.664727021Z	64	PC: 142c2 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:53:03.667177958Z	87	PC: 1345d \| Get or set file date and time
2018-12-17T22:53:03.668926739Z	62	PC: 1423f \| Close file
2018-12-17T22:53:03.676534628Z	67	PC: 13416 \| Get or set file attributes
2018-12-17T22:53:03.686985628Z	26	PC: 1348d \| Set disk transfer address
2018-12-17T22:53:03.68792509Z	78	PC: 13499 \| Find first file
2018-12-17T22:53:03.698007959Z	64	PC: 13e20 \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:53:03.69955233Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:03.70051579Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:53:03.701758058Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:53:03.702990129Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:03.703831652Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:03.704946351Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:03.705731615Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:53:03.706493224Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:53:03.707597955Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:53:03.708369014Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:53:03.709067623Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:53:03.710142149Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:53:03.711019413Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:53:03.711928391Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:53:03.713339649Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:53:03.714251274Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:53:03.715161588Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:53:03.716443685Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:03.717191894Z	37	PC: 13822 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:53:03.717979349Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.719770635Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.721093074Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.722335163Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.724506662Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.726188231Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.727958368Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.730188779Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.732014021Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.734176222Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.737308082Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.755016172Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.756897113Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.759564354Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.761648226Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.76385763Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.766475524Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.768591499Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.770568378Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.773061318Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.776128456Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.7781549Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.78063294Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.782612974Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.78449546Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.787227446Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.789176622Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.79105048Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.793956385Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.795998127Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.798005245Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.801115597Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.803079413Z	6	PC: 138a9 \| Direct console I/O
2018-12-17T22:53:03.806505295Z	76	PC: 13861 \| Terminate with return code (Return code = '202')