Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Izvrat.5555

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:54:59.4119817Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:54:59.413856917Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:54:59.41525146Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:54:59.416621418Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:54:59.418325323Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:54:59.420472902Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:59.421879137Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:54:59.423273811Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:54:59.425643328Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:54:59.426992877Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:54:59.428699446Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:54:59.431143935Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:54:59.432535282Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:54:59.433814418Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:54:59.435772301Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:54:59.437165783Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:54:59.438807801Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:54:59.441864531Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:54:59.44312903Z 53 PC: 13a62 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:54:59.44429336Z 37 PC: 13a77 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:54:59.445969874Z 37 PC: 13a7f | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:54:59.447600831Z 37 PC: 13a87 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:59.455671703Z 37 PC: 13a8f | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:54:59.458171064Z 68 PC: 13dff | I/O control for devices (Set for = '')
2018-12-17T22:54:59.460844724Z 48 PC: 1457e | Get DOS version
2018-12-17T22:54:59.462765957Z 48 PC: 1457e | Get DOS version
2018-12-17T22:54:59.464372028Z 26 PC: 137b9 | Set disk transfer address
2018-12-17T22:54:59.46626576Z 78 PC: 137c5 | Find first file
2018-12-17T22:54:59.473078676Z 60 PC: 143ca | Create or truncate file
2018-12-17T22:54:59.686391416Z 65 PC: 14513 | Delete file (Filename = '\�')
2018-12-17T22:54:59.699653593Z 60 PC: 143ca | Create or truncate file
2018-12-17T22:54:59.711801674Z 65 PC: 14513 | Delete file (Filename = 'A:\�')
2018-12-17T22:54:59.72448409Z 48 PC: 1457e | Get DOS version
2018-12-17T22:54:59.728922559Z 61 PC: 143ca | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:54:59.736237368Z 63 PC: 1449d | Read file or device (Read 5555 bytes on handle 7)
2018-12-17T22:54:59.745151035Z 62 PC: 1441a | Close file
2018-12-17T22:54:59.749568425Z 253 PC: 12f09 | UNKNOWN!
2018-12-17T22:54:59.751023341Z 48 PC: 1457e | Get DOS version
2018-12-17T22:54:59.753022902Z 26 PC: 137b9 | Set disk transfer address
2018-12-17T22:54:59.755662879Z 78 PC: 137c5 | Find first file
2018-12-17T22:54:59.762618883Z 48 PC: 1457e | Get DOS version
2018-12-17T22:54:59.76588675Z 67 PC: 13742 | Get or set file attributes
2018-12-17T22:54:59.778010595Z 61 PC: 143ca | Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:54:59.785322709Z 66 PC: 144fc | Move file pointer
2018-12-17T22:54:59.786932598Z 63 PC: 1449d | Read file or device (Read 5555 bytes on handle 7)
2018-12-17T22:54:59.795122894Z 66 PC: 144fc | Move file pointer
2018-12-17T22:54:59.798330979Z 64 PC: 143fb | Write file or device (Write 0 bytes on handle 7)
2018-12-17T22:54:59.809147095Z 66 PC: 144fc | Move file pointer
2018-12-17T22:54:59.811190007Z 64 PC: 1449d | Write file or device (Write 5555 bytes on handle 7)
2018-12-17T22:54:59.821509689Z 87 PC: 13789 | Get or set file date and time
2018-12-17T22:54:59.823215468Z 67 PC: 13742 | Get or set file attributes
2018-12-17T22:54:59.8330996Z 62 PC: 1441a | Close file
2018-12-17T22:54:59.84251468Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:54:59.843883355Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:54:59.845391832Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:54:59.848349105Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:54:59.849792621Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:54:59.852096354Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:54:59.854583702Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:54:59.85627293Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:54:59.85798447Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:54:59.859789395Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:54:59.862088038Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:59.863782496Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:59.865782057Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:54:59.868637368Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:54:59.870644473Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:54:59.872505664Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:54:59.87534753Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:54:59.877146754Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:54:59.87901599Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:54:59.881832469Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:54:59.883414394Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:54:59.885051214Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:54:59.887488498Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:54:59.889260341Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:54:59.890882111Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:54:59.89365067Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:54:59.89543747Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:54:59.897066384Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:54:59.899414471Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:54:59.900938709Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:54:59.902178691Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:54:59.903574426Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:54:59.905602761Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:54:59.907061125Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:54:59.908926023Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:54:59.911532556Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:54:59.912917611Z 53 PC: 138c7 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:54:59.914532489Z 37 PC: 138d0 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:54:59.9175474Z 41 PC: 1396a | Parse filename
2018-12-17T22:54:59.919513849Z 41 PC: 13978 | Parse filename
2018-12-17T22:54:59.92224159Z 75 PC: 13983 | Execute program
2018-12-17T22:54:59.9483867Z 80 PC: 1a889 | Set current PSP
2018-12-17T22:54:59.949313924Z 48 PC: 1a88e | Get DOS version
2018-12-17T22:54:59.951047635Z 99 PC: 21070 | Get DBCS lead byte table pointer
2018-12-17T22:54:59.954106829Z 101 PC: 1a914 | Get extended country info
2018-12-17T22:54:59.957075424Z 99 PC: 1a91a | Get DBCS lead byte table pointer
2018-12-17T22:54:59.958453887Z 74 PC: 1a97c | Reallocate memory
2018-12-17T22:54:59.960264934Z 25 PC: 1a9b3 | Get default drive
2018-12-17T22:54:59.963533261Z 37 PC: 1a473 | Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:54:59.966248649Z 37 PC: 1a47a | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:54:59.96747212Z 37 PC: 1a481 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:54:59.972918696Z 74 PC: 1961c | Reallocate memory
2018-12-17T22:54:59.974555805Z 72 PC: 1965d | Allocate memory
2018-12-17T22:54:59.976293634Z 72 PC: 19695 | Allocate memory
2018-12-17T22:54:59.980580868Z 72 PC: 1969d | Allocate memory