Sample viewer

vx.netlux.org/Virus.DOS.HLLO.Nman.7424

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:53:41.828118977Z	48	PC: 12a4c \| Get DOS version
2018-12-17T22:53:41.830124147Z	53	PC: 12bf2 \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:41.831316075Z	53	PC: 12bff \| Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:53:41.832463315Z	53	PC: 12c0c \| Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:53:41.834732957Z	53	PC: 12c19 \| Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:53:41.835919288Z	37	PC: 12c2d \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:41.837102536Z	74	PC: 12af7 \| Reallocate memory
2018-12-17T22:53:41.839528269Z	68	PC: 12fac \| I/O control for devices (Set for = 'pyright 1991 Borland Intl.')
2018-12-17T22:53:41.841349912Z	68	PC: 12fac \| I/O control for devices (Set for = '')
2018-12-17T22:53:41.843623649Z	67	PC: 13641 \| Get or set file attributes
2018-12-17T22:53:41.849349451Z	61	PC: 14015 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:53:41.856076146Z	68	PC: 1328f \| I/O control for devices (Set for = '��')
2018-12-17T22:53:41.857624033Z	68	PC: 12fac \| I/O control for devices
2018-12-17T22:53:41.859689122Z	63	PC: 1312b \| Read file or device (Read 7168 bytes on handle 5)
2018-12-17T22:53:41.868356843Z	63	PC: 1312b \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T22:53:41.875667391Z	62	PC: 1367c \| Close file
2018-12-17T22:53:41.877592996Z	47	PC: 13805 \| Get disk transfer address
2018-12-17T22:53:41.879591909Z	26	PC: 1380e \| Set disk transfer address
2018-12-17T22:53:41.880694355Z	78	PC: 13818 \| Find first file
2018-12-17T22:53:41.886645626Z	26	PC: 13821 \| Set disk transfer address
2018-12-17T22:53:41.889591895Z	67	PC: 13641 \| Get or set file attributes
2018-12-17T22:53:41.896190382Z	61	PC: 14015 \| Open file (Filename = '>')
2018-12-17T22:53:41.903034003Z	68	PC: 1328f \| I/O control for devices (Set for = 'i��O�Fv�')
2018-12-17T22:53:41.930615984Z	68	PC: 12fac \| I/O control for devices
2018-12-17T22:53:41.933064626Z	63	PC: 1312b \| Read file or device (Read 7168 bytes on handle 5)
2018-12-17T22:53:41.940763886Z	63	PC: 1312b \| Read file or device (Read 512 bytes on handle 5)
2018-12-17T22:53:41.94872369Z	47	PC: 13838 \| Get disk transfer address
2018-12-17T22:53:41.949943306Z	26	PC: 13841 \| Set disk transfer address
2018-12-17T22:53:41.950997463Z	79	PC: 13845 \| Find next file
2018-12-17T22:53:41.95411402Z	26	PC: 1384e \| Set disk transfer address
2018-12-17T22:53:41.955856934Z	37	PC: 12c39 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:53:41.957690921Z	37	PC: 12c44 \| Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:53:41.95971486Z	37	PC: 12c4f \| Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:53:41.961446998Z	37	PC: 12c5a \| Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:53:41.963166099Z	62	PC: 1367c \| Close file
2018-12-17T22:53:41.965699444Z	62	PC: 1367c \| Close file
2018-12-17T22:53:41.967667825Z	62	PC: 1367c \| Close file
2018-12-17T22:53:41.969648621Z	62	PC: 1367c \| Close file
2018-12-17T22:53:41.972000058Z	62	PC: 1367c \| Close file
2018-12-17T22:53:41.974132393Z	62	PC: 1367c \| Close file
2018-12-17T22:53:41.976093051Z	76	PC: 12be3 \| Terminate with return code (Return code = '0')