Sample viewer

vx.netlux.org/Virus.DOS.HLLO.4372

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:55:14.994953003Z 48 PC: 12a4c | Get DOS version
2018-12-17T22:55:14.99656109Z 53 PC: 12ba8 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:55:14.99836659Z 53 PC: 12bb5 | Get interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:55:15.000268189Z 53 PC: 12bc2 | Get interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:55:15.001767525Z 53 PC: 12bcf | Get interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:55:15.004032777Z 37 PC: 12be3 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:55:15.005628905Z 74 PC: 12b19 | Reallocate memory
2018-12-17T22:55:15.008889043Z 53 PC: 136a8 | Get interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:55:15.011466375Z 53 PC: 136a8 | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:55:15.013168236Z 53 PC: 136a8 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:15.01476998Z 53 PC: 136a8 | Get interrupt vector (Interrupt = '64' AKA 'Write file or device')
2018-12-17T22:55:15.019250713Z 37 PC: 136be | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:55:15.021215517Z 37 PC: 136be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:15.023145928Z 37 PC: 136be | Set interrupt vector (Interrupt = '64' AKA 'Write file or device')
2018-12-17T22:55:15.025773143Z 61 PC: 13505 | Open file (Filename = '�')
2018-12-17T22:55:15.033382406Z 68 PC: 1353a | I/O control for devices (Set for = '')
2018-12-17T22:55:15.03481486Z 66 PC: 135f4 | Move file pointer
2018-12-17T22:55:15.036700043Z 63 PC: 13584 | Read file or device (Read 4372 bytes on handle 5)
2018-12-17T22:55:15.045667333Z 62 PC: 1355d | Close file
2018-12-17T22:55:15.047786923Z 26 PC: 13645 | Set disk transfer address
2018-12-17T22:55:15.049319285Z 78 PC: 1364f | Find first file
2018-12-17T22:55:15.05643036Z 67 PC: 1362e | Get or set file attributes
2018-12-17T22:55:15.063106446Z 67 PC: 1362e | Get or set file attributes
2018-12-17T22:55:15.082365649Z 61 PC: 13505 | Open file (Filename = 'TEST.EXE')
2018-12-17T22:55:15.091262784Z 68 PC: 1353a | I/O control for devices (Set for = '')
2018-12-17T22:55:15.094082345Z 87 PC: 13686 | Get or set file date and time
2018-12-17T22:55:15.096367169Z 66 PC: 135f4 | Move file pointer
2018-12-17T22:55:15.099220779Z 63 PC: 13584 | Read file or device (Read 4372 bytes on handle 5)
2018-12-17T22:55:15.107269048Z 67 PC: 1362e | Get or set file attributes
2018-12-17T22:55:15.114277103Z 26 PC: 13667 | Set disk transfer address
2018-12-17T22:55:15.116189754Z 79 PC: 1366b | Find next file
2018-12-17T22:55:15.119113025Z 37 PC: 136be | Set interrupt vector (Interrupt = '19' AKA 'Delete file')
2018-12-17T22:55:15.120408779Z 37 PC: 136be | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:55:15.12253405Z 37 PC: 136be | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:15.123833519Z 37 PC: 136be | Set interrupt vector (Interrupt = '64' AKA 'Write file or device')
2018-12-17T22:55:15.12513848Z 37 PC: 12bef | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:55:15.126949335Z 37 PC: 12bfa | Set interrupt vector (Interrupt = '4' AKA 'Auxiliary output')
2018-12-17T22:55:15.128715457Z 37 PC: 12c05 | Set interrupt vector (Interrupt = '5' AKA 'Printer output')
2018-12-17T22:55:15.129964511Z 37 PC: 12c10 | Set interrupt vector (Interrupt = '6' AKA 'Direct console I/O')
2018-12-17T22:55:15.131437555Z 76 PC: 12b98 | Terminate with return code (Return code = '64')