Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Kremlin.5055

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:54:00.646827382Z 98 PC: 18646 | Get current PSP
2018-12-17T22:54:00.649137171Z 71 PC: 12c94 | Get current directory
2018-12-17T22:54:00.653732743Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:00.660767608Z 65 PC: 13cc9 | Delete file (Filename = 'anti-vir.dat')
2018-12-17T22:54:00.667396339Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:00.674589911Z 65 PC: 13cc9 | Delete file (Filename = 'chklist.ms')
2018-12-17T22:54:00.681266863Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:00.687672726Z 65 PC: 13cc9 | Delete file (Filename = 'chklist.cps')
2018-12-17T22:54:00.695113032Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:00.701440868Z 65 PC: 13cc9 | Delete file (Filename = 'vs.vsn')
2018-12-17T22:54:00.708170079Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:00.715525405Z 65 PC: 13cc9 | Delete file (Filename = 'ivb.ntz')
2018-12-17T22:54:00.722489125Z 26 PC: 12d55 | Set disk transfer address
2018-12-17T22:54:00.723725037Z 78 PC: 12d67 | Find first file
2018-12-17T22:54:00.731183738Z 67 PC: 1354e | Get or set file attributes
2018-12-17T22:54:00.737963443Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:00.760931737Z 61 PC: 1369c | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:54:00.768902618Z 63 PC: 1373e | Read file or device (Read 5055 bytes on handle 5)
2018-12-17T22:54:00.780097978Z 62 PC: 13784 | Close file
2018-12-17T22:54:00.782118965Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:00.793581997Z 61 PC: 12dd9 | Open file (Filename = '\kremlin.dat')
2018-12-17T22:54:00.801765899Z 47 PC: 18485 | Get disk transfer address
2018-12-17T22:54:00.80312376Z 26 PC: 18490 | Set disk transfer address
2018-12-17T22:54:00.804668441Z 78 PC: 1849c | Find first file
2018-12-17T22:54:00.812306539Z 26 PC: 184ae | Set disk transfer address
2018-12-17T22:54:00.815866035Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:00.817415916Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:00.82515341Z 67 PC: 1354e | Get or set file attributes
2018-12-17T22:54:00.83111044Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:00.841253122Z 61 PC: 1369c | Open file (Filename = 'TEST.EXE')
2018-12-17T22:54:00.855719897Z 66 PC: 1876b | Move file pointer
2018-12-17T22:54:00.858701117Z 63 PC: 1373e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:00.865714932Z 62 PC: 13784 | Close file
2018-12-17T22:54:00.868049076Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:00.879077832Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:00.880262257Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:00.881391228Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:00.885005928Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:00.887179511Z 47 PC: 18485 | Get disk transfer address
2018-12-17T22:54:00.888563079Z 26 PC: 18490 | Set disk transfer address
2018-12-17T22:54:00.89045317Z 78 PC: 1849c | Find first file
2018-12-17T22:54:00.897445354Z 26 PC: 184ae | Set disk transfer address
2018-12-17T22:54:00.901122751Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:00.903179365Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:00.90913967Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:00.910304408Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:00.911805979Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:00.914143751Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:00.916571861Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:00.918135047Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:00.923154486Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:00.924415905Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:00.926193745Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:00.928560561Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:00.932897427Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:00.934450475Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:00.94296108Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:00.944697773Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:00.946327224Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:00.950325414Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:00.952802116Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:00.954021166Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:00.959611056Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:00.961256337Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:00.962866111Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:00.965791025Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:00.968457814Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:00.96955274Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:00.975303112Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:00.976524867Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:00.977717798Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:00.980209629Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:00.983688143Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:00.984726864Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:00.986016837Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:00.993336546Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:00.996978236Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:00.998623497Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:01.006704026Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:01.008376738Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:01.010235049Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:01.0154373Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:01.018289588Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.026375797Z 65 PC: 13cc9 | Delete file (Filename = 'anti-vir.dat')
2018-12-17T22:54:01.03661999Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.046817695Z 65 PC: 13cc9 | Delete file (Filename = 'chklist.ms')
2018-12-17T22:54:01.054588101Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.061249915Z 65 PC: 13cc9 | Delete file (Filename = 'chklist.cps')
2018-12-17T22:54:01.068233423Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.074885698Z 65 PC: 13cc9 | Delete file (Filename = 'vs.vsn')
2018-12-17T22:54:01.082595801Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.090140473Z 65 PC: 13cc9 | Delete file (Filename = 'ivb.ntz')
2018-12-17T22:54:01.097012752Z 47 PC: 18485 | Get disk transfer address
2018-12-17T22:54:01.098635851Z 26 PC: 18490 | Set disk transfer address
2018-12-17T22:54:01.10146779Z 78 PC: 1849c | Find first file
2018-12-17T22:54:01.108118924Z 26 PC: 184ae | Set disk transfer address
2018-12-17T22:54:01.111750535Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:01.114312127Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:01.120881036Z 67 PC: 1354e | Get or set file attributes
2018-12-17T22:54:01.127149371Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.138428828Z 61 PC: 1369c | Open file (Filename = 'TEST.EXE')
2018-12-17T22:54:01.14871558Z 66 PC: 1876b | Move file pointer
2018-12-17T22:54:01.151592605Z 63 PC: 1373e | Read file or device (Read 4 bytes on handle 5)
2018-12-17T22:54:01.155007019Z 62 PC: 13784 | Close file
2018-12-17T22:54:01.158281429Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.169434539Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:01.171055834Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:01.173590085Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:01.176509759Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:01.178719279Z 47 PC: 18485 | Get disk transfer address
2018-12-17T22:54:01.181158611Z 26 PC: 18490 | Set disk transfer address
2018-12-17T22:54:01.183135184Z 78 PC: 1849c | Find first file
2018-12-17T22:54:01.189918556Z 26 PC: 184ae | Set disk transfer address
2018-12-17T22:54:01.194326867Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:01.19625573Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:01.203092723Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:01.204878888Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:01.20730264Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:01.210400199Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:01.217980918Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:01.221609335Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:01.228895911Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:01.230614589Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:01.232963762Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:01.236419133Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:01.23993663Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:01.242210993Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:01.250195912Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:01.251756132Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:01.25349058Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:01.257792881Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:01.261391712Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:01.262982049Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:01.270899201Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:01.272488886Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:01.274060478Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:01.278253114Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:01.281894123Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:01.28343613Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:01.292266497Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:01.294008669Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:01.295454135Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:01.299501127Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:01.303025416Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:01.304336629Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:01.306340814Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:01.3092186Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:01.312718313Z 26 PC: 13b6c | Set disk transfer address
2018-12-17T22:54:01.315217147Z 78 PC: 13b7e | Find first file
2018-12-17T22:54:01.322022871Z 47 PC: 184c2 | Get disk transfer address
2018-12-17T22:54:01.323546763Z 26 PC: 184cd | Set disk transfer address
2018-12-17T22:54:01.325988901Z 79 PC: 184d1 | Find next file
2018-12-17T22:54:01.328911491Z 26 PC: 184e1 | Set disk transfer address
2018-12-17T22:54:01.330849942Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.333622229Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.335803707Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.337834031Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.340645151Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.342864771Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.344861462Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.347728226Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.349818923Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.351816676Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.354389719Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.356490616Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.35854242Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.36133253Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.363693355Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.365698282Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.367957285Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.370459064Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.372443371Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.374463636Z 98 PC: 1867d | Get current PSP
2018-12-17T22:54:01.378681288Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.384988276Z 65 PC: 13cc9 | Delete file (Filename = 'anti-vir.dat')
2018-12-17T22:54:01.391721333Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.398888886Z 65 PC: 13cc9 | Delete file (Filename = 'chklist.ms')
2018-12-17T22:54:01.405427228Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.411811Z 65 PC: 13cc9 | Delete file (Filename = 'chklist.cps')
2018-12-17T22:54:01.419931162Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.426299054Z 65 PC: 13cc9 | Delete file (Filename = 'vs.vsn')
2018-12-17T22:54:01.43306353Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.441105426Z 65 PC: 13cc9 | Delete file (Filename = 'ivb.ntz')
2018-12-17T22:54:01.447566753Z 86 PC: 13fb5 | Rename file
2018-12-17T22:54:01.459373321Z 26 PC: 12ef6 | Set disk transfer address
2018-12-17T22:54:01.461721251Z 78 PC: 12f08 | Find first file
2018-12-17T22:54:01.468776082Z 67 PC: 1354e | Get or set file attributes
2018-12-17T22:54:01.475154905Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.486817361Z 61 PC: 1369c | Open file (Filename = 'A:\TEST.���')
2018-12-17T22:54:01.494779167Z 87 PC: 13609 | Get or set file date and time
2018-12-17T22:54:01.496918706Z 66 PC: 1876b | Move file pointer
2018-12-17T22:54:01.504681167Z 63 PC: 1373e | Read file or device (Read 5055 bytes on handle 5)
2018-12-17T22:54:01.513763567Z 66 PC: 1876b | Move file pointer
2018-12-17T22:54:01.528614333Z 64 PC: 136e8 | Write file or device (Write 5055 bytes on handle 5)
2018-12-17T22:54:01.538636989Z 87 PC: 1366b | Get or set file date and time
2018-12-17T22:54:01.54077726Z 62 PC: 13784 | Close file
2018-12-17T22:54:01.548964709Z 61 PC: 1369c | Open file (Filename = 'A:\TEST.���')
2018-12-17T22:54:01.557979783Z 66 PC: 1876b | Move file pointer
2018-12-17T22:54:01.56047486Z 64 PC: 136e8 | Write file or device (Write 0 bytes on handle 5)
2018-12-17T22:54:01.569167829Z 87 PC: 1366b | Get or set file date and time
2018-12-17T22:54:01.571743878Z 62 PC: 13784 | Close file
2018-12-17T22:54:01.580519943Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.591858451Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.598859081Z 65 PC: 13cc9 | Delete file (Filename = 'anti-vir.dat')
2018-12-17T22:54:01.606333651Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.612524089Z 65 PC: 13cc9 | Delete file (Filename = 'chklist.ms')
2018-12-17T22:54:01.625181986Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.638351744Z 65 PC: 13cc9 | Delete file (Filename = 'chklist.cps')
2018-12-17T22:54:01.645132301Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.651437565Z 65 PC: 13cc9 | Delete file (Filename = 'vs.vsn')
2018-12-17T22:54:01.659325401Z 67 PC: 13585 | Get or set file attributes
2018-12-17T22:54:01.66561184Z 65 PC: 13cc9 | Delete file (Filename = 'ivb.ntz')
2018-12-17T22:54:01.67714301Z 86 PC: 13fd1 | Rename file
2018-12-17T22:54:01.693845724Z 75 PC: 131cc | Execute program
2018-12-17T22:54:01.718300169Z 80 PC: 1b2c9 | Set current PSP
2018-12-17T22:54:01.719591565Z 48 PC: 1b2ce | Get DOS version
2018-12-17T22:54:01.722645462Z 99 PC: 21ab0 | Get DBCS lead byte table pointer
2018-12-17T22:54:01.726290598Z 101 PC: 1b354 | Get extended country info
2018-12-17T22:54:01.728139912Z 99 PC: 1b35a | Get DBCS lead byte table pointer
2018-12-17T22:54:01.730638425Z 74 PC: 1b3bc | Reallocate memory
2018-12-17T22:54:01.732815084Z 25 PC: 1b3f3 | Get default drive
2018-12-17T22:54:01.734359605Z 37 PC: 1aeb3 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:54:01.736603119Z 37 PC: 1aeba | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:54:01.738492138Z 37 PC: 1aec1 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:01.743411278Z 74 PC: 1a05c | Reallocate memory
2018-12-17T22:54:01.745474984Z 72 PC: 1a09d | Allocate memory
2018-12-17T22:54:01.747936087Z 72 PC: 1a0d5 | Allocate memory
2018-12-17T22:54:01.75003537Z 72 PC: 1a0dd | Allocate memory