Sample viewer

vx.netlux.org/Virus.DOS.HLLC.Halv.10192

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:53:27.512200446Z 53 PC: 13dba | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:27.514433035Z 53 PC: 13dba | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:53:27.515975083Z 53 PC: 13dba | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:53:27.517516877Z 53 PC: 13dba | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:27.520907117Z 53 PC: 13dba | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:27.522847353Z 53 PC: 13dba | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:27.524126672Z 53 PC: 13dba | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:53:27.525379513Z 53 PC: 13dba | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:53:27.527731219Z 53 PC: 13dba | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:53:27.529906883Z 53 PC: 13dba | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:53:27.531496994Z 53 PC: 13dba | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:53:27.534125054Z 53 PC: 13dba | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:53:27.535296325Z 53 PC: 13dba | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:53:27.536440786Z 53 PC: 13dba | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:53:27.538324254Z 53 PC: 13dba | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:53:27.539607026Z 53 PC: 13dba | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:53:27.540905179Z 53 PC: 13dba | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:53:27.542926428Z 53 PC: 13dba | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:27.544335702Z 53 PC: 13dba | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:53:27.545609284Z 37 PC: 13dcf | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:27.547413566Z 37 PC: 13dd7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:27.548839057Z 37 PC: 13ddf | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:27.550237386Z 37 PC: 13de7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:27.552657849Z 68 PC: 14d25 | I/O control for devices (Set for = '����3��þ隬��2������!�����')
2018-12-17T22:53:27.602696212Z 37 PC: 137e1 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:53:27.604158943Z 48 PC: 14936 | Get DOS version
2018-12-17T22:53:27.605749002Z 61 PC: 14774 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:53:27.614146349Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:27.616178329Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:27.617430385Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:27.619889591Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:27.621318283Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:27.622781397Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:27.624764187Z 63 PC: 14847 | Read file or device (Read 10192 bytes on handle 5)
2018-12-17T22:53:27.634101109Z 26 PC: 136d9 | Set disk transfer address
2018-12-17T22:53:27.635071663Z 78 PC: 136e5 | Find first file
2018-12-17T22:53:27.639907648Z 61 PC: 14774 | Open file (Filename = 'SLEEP.COM')
2018-12-17T22:53:27.647883563Z 86 PC: 14901 | Rename file
2018-12-17T22:53:27.666747273Z 67 PC: 136a6 | Get or set file attributes
2018-12-17T22:53:27.677841238Z 62 PC: 147c4 | Close file
2018-12-17T22:53:27.679940079Z 60 PC: 14774 | Create or truncate file
2018-12-17T22:53:27.691750426Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:27.69368654Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:27.695147228Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:27.696707219Z 64 PC: 14847 | Write file or device (Write 10192 bytes on handle 6)
2018-12-17T22:53:27.706262143Z 62 PC: 147c4 | Close file
2018-12-17T22:53:27.715148393Z 26 PC: 136ff | Set disk transfer address
2018-12-17T22:53:27.716180255Z 79 PC: 13704 | Find next file
2018-12-17T22:53:27.719472496Z 61 PC: 14774 | Open file (Filename = 'PRINT.COM')
2018-12-17T22:53:27.728690676Z 86 PC: 14901 | Rename file
2018-12-17T22:53:27.741816658Z 67 PC: 136a6 | Get or set file attributes
2018-12-17T22:53:27.752649929Z 62 PC: 147c4 | Close file
2018-12-17T22:53:27.755106922Z 60 PC: 14774 | Create or truncate file
2018-12-17T22:53:27.767606451Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:27.769109031Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:27.771562484Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:27.773353323Z 64 PC: 14847 | Write file or device (Write 10192 bytes on handle 6)
2018-12-17T22:53:27.782883097Z 62 PC: 147c4 | Close file
2018-12-17T22:53:27.793865585Z 26 PC: 136ff | Set disk transfer address
2018-12-17T22:53:27.794994717Z 79 PC: 13704 | Find next file
2018-12-17T22:53:27.798292395Z 61 PC: 14774 | Open file (Filename = 'HELLO.COM')
2018-12-17T22:53:27.806911178Z 86 PC: 14901 | Rename file
2018-12-17T22:53:27.820014072Z 67 PC: 136a6 | Get or set file attributes
2018-12-17T22:53:27.830654693Z 62 PC: 147c4 | Close file
2018-12-17T22:53:27.833296388Z 60 PC: 14774 | Create or truncate file
2018-12-17T22:53:27.848355885Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:27.849837619Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:27.852174466Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:27.854175703Z 64 PC: 14847 | Write file or device (Write 10192 bytes on handle 6)
2018-12-17T22:53:27.864650164Z 62 PC: 147c4 | Close file
2018-12-17T22:53:27.874129253Z 26 PC: 136ff | Set disk transfer address
2018-12-17T22:53:27.875457936Z 79 PC: 13704 | Find next file
2018-12-17T22:53:27.878893817Z 61 PC: 14774 | Open file (Filename = 'PHANG.COM')
2018-12-17T22:53:27.887643707Z 86 PC: 14901 | Rename file
2018-12-17T22:53:27.901211645Z 67 PC: 136a6 | Get or set file attributes
2018-12-17T22:53:27.915433692Z 62 PC: 147c4 | Close file
2018-12-17T22:53:27.91820714Z 60 PC: 14774 | Create or truncate file
2018-12-17T22:53:27.931298827Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:27.93284231Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:27.950119181Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:27.951813232Z 64 PC: 14847 | Write file or device (Write 10192 bytes on handle 6)
2018-12-17T22:53:27.961587328Z 62 PC: 147c4 | Close file
2018-12-17T22:53:27.971134146Z 26 PC: 136ff | Set disk transfer address
2018-12-17T22:53:27.972085032Z 79 PC: 13704 | Find next file
2018-12-17T22:53:27.975483555Z 61 PC: 14774 | Open file (Filename = 'PRINTA~1.COM')
2018-12-17T22:53:27.984355546Z 86 PC: 14901 | Rename file
2018-12-17T22:53:27.997511798Z 67 PC: 136a6 | Get or set file attributes
2018-12-17T22:53:28.008430784Z 62 PC: 147c4 | Close file
2018-12-17T22:53:28.01121626Z 60 PC: 14774 | Create or truncate file
2018-12-17T22:53:28.023459912Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:28.024971205Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:28.027567877Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:28.029633605Z 64 PC: 14847 | Write file or device (Write 10192 bytes on handle 6)
2018-12-17T22:53:28.039465309Z 62 PC: 147c4 | Close file
2018-12-17T22:53:28.048773382Z 26 PC: 136ff | Set disk transfer address
2018-12-17T22:53:28.050089214Z 79 PC: 13704 | Find next file
2018-12-17T22:53:28.054273207Z 61 PC: 14774 | Open file (Filename = 'MANDEL.COM')
2018-12-17T22:53:28.064524627Z 86 PC: 14901 | Rename file
2018-12-17T22:53:28.077154106Z 67 PC: 136a6 | Get or set file attributes
2018-12-17T22:53:28.08845055Z 62 PC: 147c4 | Close file
2018-12-17T22:53:28.091650273Z 60 PC: 14774 | Create or truncate file
2018-12-17T22:53:28.10400362Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:28.105534908Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:28.107014533Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:28.108718941Z 64 PC: 14847 | Write file or device (Write 10192 bytes on handle 6)
2018-12-17T22:53:28.118759153Z 62 PC: 147c4 | Close file
2018-12-17T22:53:28.127916575Z 26 PC: 136ff | Set disk transfer address
2018-12-17T22:53:28.129354289Z 79 PC: 13704 | Find next file
2018-12-17T22:53:28.132593631Z 61 PC: 14774 | Open file (Filename = 'PAH.COM')
2018-12-17T22:53:28.140736101Z 86 PC: 14901 | Rename file
2018-12-17T22:53:28.148662856Z 67 PC: 136a6 | Get or set file attributes
2018-12-17T22:53:28.162299945Z 62 PC: 147c4 | Close file
2018-12-17T22:53:28.164401647Z 60 PC: 14774 | Create or truncate file
2018-12-17T22:53:28.179905885Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:28.181465146Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:28.182905155Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:28.185184164Z 64 PC: 14847 | Write file or device (Write 10192 bytes on handle 6)
2018-12-17T22:53:28.194695877Z 62 PC: 147c4 | Close file
2018-12-17T22:53:28.20338446Z 26 PC: 136ff | Set disk transfer address
2018-12-17T22:53:28.205683177Z 79 PC: 13704 | Find next file
2018-12-17T22:53:28.20907873Z 66 PC: 14e24 | Move file pointer
2018-12-17T22:53:28.210704256Z 66 PC: 14e32 | Move file pointer
2018-12-17T22:53:28.213322371Z 66 PC: 14e40 | Move file pointer
2018-12-17T22:53:28.215567929Z 62 PC: 147c4 | Close file
2018-12-17T22:53:28.220964246Z 76 PC: 12cfb | Terminate with return code (Return code = '85')