Sample viewer

vx.netlux.org/Virus.DOS.HLLP.Merlin.3963

.

GIF

Syscalls:

Time Syscall Op Syscall Name
2018-12-17T22:55:40.769898215Z 53 PC: 1334b | Get interrupt vector (Interrupt = '144' AKA 'UNKNOWN!')
2018-12-17T22:55:40.772013045Z 53 PC: 1335a | Get interrupt vector (Interrupt = '145' AKA 'UNKNOWN!')
2018-12-17T22:55:40.773368136Z 37 PC: 1336c | Set interrupt vector (Interrupt = '144' AKA 'UNKNOWN!')
2018-12-17T22:55:40.774741257Z 37 PC: 13375 | Set interrupt vector (Interrupt = '145' AKA 'UNKNOWN!')
2018-12-17T22:55:40.778753436Z 53 PC: 149aa | Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:55:40.779965539Z 53 PC: 149aa | Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:55:40.781380891Z 53 PC: 149aa | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:55:40.783231595Z 53 PC: 149aa | Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:55:40.784342861Z 53 PC: 149aa | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:55:40.785469232Z 53 PC: 149aa | Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:40.787174627Z 53 PC: 149aa | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:55:40.793884914Z 53 PC: 149aa | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:55:40.795180715Z 53 PC: 149aa | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:55:40.808264725Z 53 PC: 149aa | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:55:40.811157903Z 53 PC: 149aa | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:55:40.812346649Z 53 PC: 149aa | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:55:40.813866591Z 53 PC: 149aa | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:55:40.815555837Z 53 PC: 149aa | Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:55:40.816629345Z 53 PC: 149aa | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:55:40.819052529Z 53 PC: 149aa | Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:55:40.821127178Z 53 PC: 149aa | Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:55:40.822584673Z 53 PC: 149aa | Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:55:40.823995885Z 53 PC: 149aa | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:55:40.826585466Z 37 PC: 149bf | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:55:40.827690111Z 37 PC: 149c7 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:55:40.828699061Z 37 PC: 149cf | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:40.830287767Z 37 PC: 149d7 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:55:40.832317847Z 68 PC: 15599 | I/O control for devices (Set for = '��>���')
2018-12-17T22:55:40.834349356Z 60 PC: 15070 | Create or truncate file
2018-12-17T22:55:40.857370909Z 62 PC: 150c0 | Close file
2018-12-17T22:55:40.859710684Z 65 PC: 151b9 | Delete file (Filename = '�')
2018-12-17T22:55:40.86710252Z 26 PC: 14887 | Set disk transfer address
2018-12-17T22:55:40.868116096Z 78 PC: 14893 | Find first file
2018-12-17T22:55:40.873700757Z 61 PC: 15070 | Open file (Filename = 'TEST.EXE')
2018-12-17T22:55:40.883246859Z 66 PC: 15698 | Move file pointer
2018-12-17T22:55:40.884519217Z 66 PC: 156a6 | Move file pointer
2018-12-17T22:55:40.89354845Z 66 PC: 156b4 | Move file pointer
2018-12-17T22:55:40.895646247Z 66 PC: 15698 | Move file pointer
2018-12-17T22:55:40.897395021Z 66 PC: 156a6 | Move file pointer
2018-12-17T22:55:40.900236285Z 66 PC: 156b4 | Move file pointer
2018-12-17T22:55:40.901886804Z 63 PC: 15143 | Read file or device (Read 28 bytes on handle 5)
2018-12-17T22:55:40.904575031Z 66 PC: 15698 | Move file pointer
2018-12-17T22:55:40.906904938Z 66 PC: 156a6 | Move file pointer
2018-12-17T22:55:40.908394786Z 66 PC: 156b4 | Move file pointer
2018-12-17T22:55:40.914082858Z 66 PC: 15698 | Move file pointer
2018-12-17T22:55:40.916241696Z 66 PC: 156a6 | Move file pointer
2018-12-17T22:55:40.917751581Z 66 PC: 156b4 | Move file pointer
2018-12-17T22:55:40.920685515Z 66 PC: 15698 | Move file pointer
2018-12-17T22:55:40.922090429Z 66 PC: 156a6 | Move file pointer
2018-12-17T22:55:40.924305494Z 66 PC: 156b4 | Move file pointer
2018-12-17T22:55:40.92609Z 66 PC: 15698 | Move file pointer
2018-12-17T22:55:40.92763417Z 66 PC: 156a6 | Move file pointer
2018-12-17T22:55:40.929843978Z 66 PC: 156b4 | Move file pointer
2018-12-17T22:55:40.931675553Z 66 PC: 15698 | Move file pointer
2018-12-17T22:55:40.933280202Z 66 PC: 156a6 | Move file pointer
2018-12-17T22:55:40.935368085Z 66 PC: 156b4 | Move file pointer
2018-12-17T22:55:40.936854596Z 66 PC: 15698 | Move file pointer
2018-12-17T22:55:40.93822096Z 66 PC: 156a6 | Move file pointer
2018-12-17T22:55:40.941066405Z 66 PC: 156b4 | Move file pointer
2018-12-17T22:55:40.942582029Z 66 PC: 15698 | Move file pointer
2018-12-17T22:55:40.943842088Z 66 PC: 156a6 | Move file pointer
2018-12-17T22:55:40.946132945Z 66 PC: 156b4 | Move file pointer
2018-12-17T22:55:40.947550487Z 66 PC: 151a2 | Move file pointer
2018-12-17T22:55:40.948999726Z 64 PC: 15143 | Write file or device (Write 3963 bytes on handle 5)
2018-12-17T22:55:40.959053554Z 66 PC: 151a2 | Move file pointer
2018-12-17T22:55:40.960970072Z 64 PC: 15143 | Write file or device (Write 28 bytes on handle 5)
2018-12-17T22:55:40.964278356Z 62 PC: 150c0 | Close file
2018-12-17T22:55:40.974348122Z 67 PC: 1482f | Get or set file attributes
2018-12-17T22:55:40.980446134Z 67 PC: 14856 | Get or set file attributes
2018-12-17T22:55:40.990504627Z 26 PC: 148ab | Set disk transfer address
2018-12-17T22:55:40.992966994Z 79 PC: 148b0 | Find next file
2018-12-17T22:55:40.996150039Z 64 PC: 14dc8 | Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:55:40.998313999Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:55:41.000691292Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:55:41.002553918Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:55:41.004086606Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:55:41.006457617Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:55:41.008340997Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:55:41.00985986Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:55:41.011987524Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:55:41.013970974Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:55:41.015481113Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:55:41.0179644Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:55:41.019282377Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:55:41.020409171Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:55:41.022241844Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:55:41.023392266Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:55:41.024514676Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:55:41.025610532Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:55:41.027560918Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:55:41.028664658Z 37 PC: 14b01 | Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:55:41.029762788Z 37 PC: 133c0 | Set interrupt vector (Interrupt = '144' AKA 'UNKNOWN!')
2018-12-17T22:55:41.031920765Z 37 PC: 133ca | Set interrupt vector (Interrupt = '145' AKA 'UNKNOWN!')
2018-12-17T22:55:41.032996352Z 98 PC: 133ce | Get current PSP
2018-12-17T22:55:41.03393464Z 26 PC: 133d9 | Set disk transfer address
2018-12-17T22:55:41.036209028Z 9 PC: 12f31 | Display string (Could not find end pointer)
2018-12-17T22:55:41.040159469Z 76 PC: 12f35 | Terminate with return code (Return code = '36')