Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Isow.6274

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:53:38.932413703Z 53 PC: 132ba | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:38.934483184Z 53 PC: 132ba | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:53:38.935890978Z 53 PC: 132ba | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:53:38.937294571Z 53 PC: 132ba | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:38.938994367Z 53 PC: 132ba | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:38.941135958Z 53 PC: 132ba | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:38.9425254Z 53 PC: 132ba | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:53:38.944526584Z 53 PC: 132ba | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:53:38.946836623Z 53 PC: 132ba | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:53:38.958627007Z 53 PC: 132ba | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:53:38.95995602Z 53 PC: 132ba | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:53:38.9616891Z 53 PC: 132ba | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:53:38.963851576Z 53 PC: 132ba | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:53:38.965278643Z 53 PC: 132ba | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:53:38.967471602Z 53 PC: 132ba | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:53:38.9690071Z 53 PC: 132ba | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:53:38.970365713Z 53 PC: 132ba | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:53:38.981937482Z 53 PC: 132ba | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:38.984211475Z 53 PC: 132ba | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:53:38.986400617Z 37 PC: 132cf | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:38.988955686Z 37 PC: 132d7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:38.990896137Z 37 PC: 132df | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:38.99293056Z 37 PC: 132e7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:38.996176609Z 68 PC: 13f1d | I/O control for devices (Set for = '�����')
2018-12-17T22:53:38.998775506Z 26 PC: 130c5 | Set disk transfer address
2018-12-17T22:53:39.000056356Z 78 PC: 130d1 | Find first file
2018-12-17T22:53:39.007733539Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.009958022Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.024220331Z 61 PC: 139e0 | Open file (Filename = '\SLEEP.COM')
2018-12-17T22:53:39.032084864Z 66 PC: 1401c | Move file pointer
2018-12-17T22:53:39.034659515Z 66 PC: 1402a | Move file pointer
2018-12-17T22:53:39.036765304Z 66 PC: 14038 | Move file pointer
2018-12-17T22:53:39.038945712Z 66 PC: 13b12 | Move file pointer
2018-12-17T22:53:39.041960586Z 63 PC: 13ab3 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:53:39.049364113Z 62 PC: 13a30 | Close file
2018-12-17T22:53:39.051802124Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.055576049Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.059407728Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.061026991Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.065410411Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.067000121Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.071305704Z 61 PC: 139e0 | Open file (Filename = '\PRINT.COM')
2018-12-17T22:53:39.079332872Z 66 PC: 1401c | Move file pointer
2018-12-17T22:53:39.081971673Z 66 PC: 1402a | Move file pointer
2018-12-17T22:53:39.08391018Z 66 PC: 14038 | Move file pointer
2018-12-17T22:53:39.085954536Z 66 PC: 13b12 | Move file pointer
2018-12-17T22:53:39.088637979Z 63 PC: 13ab3 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:53:39.096526331Z 62 PC: 13a30 | Close file
2018-12-17T22:53:39.098983093Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.100855665Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.104657332Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.106004263Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.119069271Z 61 PC: 139e0 | Open file (Filename = '\HELLO.COM')
2018-12-17T22:53:39.126823851Z 66 PC: 1401c | Move file pointer
2018-12-17T22:53:39.128829097Z 66 PC: 1402a | Move file pointer
2018-12-17T22:53:39.131434344Z 66 PC: 14038 | Move file pointer
2018-12-17T22:53:39.133203349Z 66 PC: 13b12 | Move file pointer
2018-12-17T22:53:39.135241282Z 63 PC: 13ab3 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:53:39.143911884Z 62 PC: 13a30 | Close file
2018-12-17T22:53:39.146076767Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.147325878Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.151753917Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.153165065Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.157275372Z 61 PC: 139e0 | Open file (Filename = '\PHANG.COM')
2018-12-17T22:53:39.164983524Z 66 PC: 1401c | Move file pointer
2018-12-17T22:53:39.166909218Z 66 PC: 1402a | Move file pointer
2018-12-17T22:53:39.168498523Z 66 PC: 14038 | Move file pointer
2018-12-17T22:53:39.170212051Z 66 PC: 13b12 | Move file pointer
2018-12-17T22:53:39.172212254Z 63 PC: 13ab3 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:53:39.194698018Z 62 PC: 13a30 | Close file
2018-12-17T22:53:39.19734539Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.199329224Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.20310129Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.205157366Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.209197741Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.210487106Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.214468502Z 61 PC: 139e0 | Open file (Filename = '\PRINTA~1.COM')
2018-12-17T22:53:39.222349746Z 66 PC: 1401c | Move file pointer
2018-12-17T22:53:39.22395308Z 66 PC: 1402a | Move file pointer
2018-12-17T22:53:39.239186468Z 66 PC: 14038 | Move file pointer
2018-12-17T22:53:39.24217881Z 66 PC: 13b12 | Move file pointer
2018-12-17T22:53:39.244564479Z 63 PC: 13ab3 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:53:39.25227175Z 62 PC: 13a30 | Close file
2018-12-17T22:53:39.255544512Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.257374258Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.261815274Z 61 PC: 139e0 | Open file (Filename = '\MANDEL.COM')
2018-12-17T22:53:39.270170484Z 66 PC: 1401c | Move file pointer
2018-12-17T22:53:39.272948276Z 66 PC: 1402a | Move file pointer
2018-12-17T22:53:39.278877299Z 66 PC: 14038 | Move file pointer
2018-12-17T22:53:39.281788723Z 66 PC: 13b12 | Move file pointer
2018-12-17T22:53:39.284259278Z 63 PC: 13ab3 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:53:39.292876295Z 62 PC: 13a30 | Close file
2018-12-17T22:53:39.295446125Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.298154813Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.302601105Z 61 PC: 139e0 | Open file (Filename = '\PAH.COM')
2018-12-17T22:53:39.310363751Z 66 PC: 1401c | Move file pointer
2018-12-17T22:53:39.313379Z 66 PC: 1402a | Move file pointer
2018-12-17T22:53:39.315373473Z 66 PC: 14038 | Move file pointer
2018-12-17T22:53:39.317445591Z 66 PC: 13b12 | Move file pointer
2018-12-17T22:53:39.32038212Z 63 PC: 13ab3 | Read file or device (Read 2 bytes on handle 5)
2018-12-17T22:53:39.328390103Z 62 PC: 13a30 | Close file
2018-12-17T22:53:39.331312127Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.333504216Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.337989737Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.339724978Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.343700956Z 26 PC: 130c5 | Set disk transfer address
2018-12-17T22:53:39.345602878Z 78 PC: 130d1 | Find first file
2018-12-17T22:53:39.353496675Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.355205203Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.359548848Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.361231583Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.364741506Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.36731176Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.371581259Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.373311242Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.377651185Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.37949213Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.382953035Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.385431303Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.388406543Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.389672844Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.393703981Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.395746467Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.399214857Z 26 PC: 130e9 | Set disk transfer address
2018-12-17T22:53:39.401911277Z 79 PC: 130ee | Find next file
2018-12-17T22:53:39.40792709Z 48 PC: 13b2e | Get DOS version
2018-12-17T22:53:39.41008626Z 61 PC: 139e0 | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:53:39.418507608Z 66 PC: 1401c | Move file pointer
2018-12-17T22:53:39.421614859Z 66 PC: 1402a | Move file pointer
2018-12-17T22:53:39.423644644Z 66 PC: 14038 | Move file pointer
2018-12-17T22:53:39.426687903Z 66 PC: 13b12 | Move file pointer
2018-12-17T22:53:39.429951618Z 63 PC: 13ab3 | Read file or device (Read 6272 bytes on handle 5)
2018-12-17T22:53:39.432581067Z 64 PC: 1393b | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:53:39.434973019Z 37 PC: 13411 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:39.437803869Z 37 PC: 13411 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:53:39.439576402Z 37 PC: 13411 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:53:39.441334425Z 37 PC: 13411 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:53:39.443935001Z 37 PC: 13411 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:53:39.445998044Z 37 PC: 13411 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:53:39.447972006Z 37 PC: 13411 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:53:39.450162195Z 37 PC: 13411 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:53:39.45196188Z 37 PC: 13411 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:53:39.453503036Z 37 PC: 13411 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:53:39.455460813Z 37 PC: 13411 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:53:39.456813984Z 37 PC: 13411 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:53:39.458181743Z 37 PC: 13411 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:53:39.460142246Z 37 PC: 13411 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:53:39.461538249Z 37 PC: 13411 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:53:39.463091762Z 37 PC: 13411 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:53:39.465778343Z 37 PC: 13411 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:53:39.471195342Z 37 PC: 13411 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:53:39.47288468Z 37 PC: 13411 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:53:39.4756115Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.478325141Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.481010933Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.483903302Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.487484753Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.490756611Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.493529877Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.497097698Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.499708468Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.502318476Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.505587244Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.508277316Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.511014725Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.514639886Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.51817129Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.520841779Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.524482869Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.527216901Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.529981689Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.533494421Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.536584459Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.539316886Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.542910163Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.545778589Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.548526279Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.552667975Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.555540259Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.558210619Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.561715485Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.564544385Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.567212999Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.570684707Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.573952774Z 6 PC: 13498 | Direct console I/O
2018-12-17T22:53:39.578409948Z 76 PC: 13450 | Terminate with return code (Return code = '100')