Sample viewer

vx.netlux.org/Virus.DOS.HLLP.7200.b

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:56:13.592407398Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:56:13.594179831Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:56:13.597168762Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:56:13.598669474Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:13.600046774Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:13.60227812Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:13.603801494Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:56:13.605253324Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:56:13.607242184Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:56:13.609026028Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:56:13.6102235Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:56:13.61212759Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:56:13.613637469Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:56:13.614920101Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:56:13.617225997Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:56:13.618984514Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:56:13.620625119Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:56:13.622513911Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:56:13.62447049Z	53	PC: 1362a \| Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:56:13.626305Z	37	PC: 1363f \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:56:13.628000698Z	37	PC: 13647 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:13.630013482Z	37	PC: 1364f \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:13.63136285Z	37	PC: 13657 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:56:13.633231293Z	68	PC: 143f6 \| I/O control for devices (Set for = '')
2018-12-17T22:56:13.636237797Z	48	PC: 13f12 \| Get DOS version
2018-12-17T22:56:13.638641537Z	61	PC: 13d50 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:56:13.646044037Z	87	PC: 13360 \| Get or set file date and time
2018-12-17T22:56:13.648725148Z	60	PC: 13d50 \| Create or truncate file
2018-12-17T22:56:13.666714676Z	66	PC: 13e82 \| Move file pointer
2018-12-17T22:56:13.668454226Z	63	PC: 13e23 \| Read file or device (Read 8192 bytes on handle 5)
2018-12-17T22:56:13.672902861Z	64	PC: 13e23 \| Write file or device (Write 400 bytes on handle 6)
2018-12-17T22:56:13.678032548Z	66	PC: 144f5 \| Move file pointer
2018-12-17T22:56:13.679929394Z	66	PC: 14503 \| Move file pointer
2018-12-17T22:56:13.682672893Z	66	PC: 14511 \| Move file pointer
2018-12-17T22:56:13.68452684Z	62	PC: 13da0 \| Close file
2018-12-17T22:56:13.686611449Z	87	PC: 1338d \| Get or set file date and time
2018-12-17T22:56:13.689718331Z	62	PC: 13da0 \| Close file
2018-12-17T22:56:13.698503782Z	67	PC: 1331f \| Get or set file attributes
2018-12-17T22:56:13.704843152Z	61	PC: 13d50 \| Open file (Filename = 'A:\TEST.EXE')
2018-12-17T22:56:13.71203245Z	87	PC: 13360 \| Get or set file date and time
2018-12-17T22:56:13.714828669Z	63	PC: 13e23 \| Read file or device (Read 7200 bytes on handle 5)
2018-12-17T22:56:13.723880881Z	66	PC: 13e82 \| Move file pointer
2018-12-17T22:56:13.725958908Z	64	PC: 13e23 \| Write file or device (Write 1 bytes on handle 5)
2018-12-17T22:56:13.730707567Z	87	PC: 1338d \| Get or set file date and time
2018-12-17T22:56:13.732845297Z	62	PC: 13da0 \| Close file
2018-12-17T22:56:13.745596915Z	67	PC: 13346 \| Get or set file attributes
2018-12-17T22:56:13.758049651Z	26	PC: 133bd \| Set disk transfer address
2018-12-17T22:56:13.759384081Z	78	PC: 133c9 \| Find first file
2018-12-17T22:56:13.769472841Z	64	PC: 13cab \| Write file or device (Write 0 bytes on handle 1)
2018-12-17T22:56:13.772421025Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '0' AKA 'Program terminate')
2018-12-17T22:56:13.774364499Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '2' AKA 'Character output')
2018-12-17T22:56:13.775905958Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive')
2018-12-17T22:56:13.777700042Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '33' AKA 'Random read')
2018-12-17T22:56:13.780716915Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:56:13.782036256Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:56:13.783322675Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer')
2018-12-17T22:56:13.785625435Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '53' AKA 'Get interrupt vector')
2018-12-17T22:56:13.786804161Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '54' AKA 'Get free disk space')
2018-12-17T22:56:13.787973871Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '55' AKA 'Get or set switch character')
2018-12-17T22:56:13.790193334Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '56' AKA 'Get or set country info')
2018-12-17T22:56:13.791895144Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '57' AKA 'Create subdirectory')
2018-12-17T22:56:13.793423838Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '58' AKA 'Remove subdirectory')
2018-12-17T22:56:13.795573591Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '59' AKA 'Change current directory')
2018-12-17T22:56:13.797043064Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '60' AKA 'Create or truncate file')
2018-12-17T22:56:13.798512698Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '61' AKA 'Open file')
2018-12-17T22:56:13.800532706Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '62' AKA 'Close file')
2018-12-17T22:56:13.80204498Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '63' AKA 'Read file or device')
2018-12-17T22:56:13.803360504Z	37	PC: 13781 \| Set interrupt vector (Interrupt = '117' AKA 'UNKNOWN!')
2018-12-17T22:56:13.804730931Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.808303889Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.810655631Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.813206868Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.816407948Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.818744481Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.821054906Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.824259462Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.826779661Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.829365143Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.832841519Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.838225513Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.840782682Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.843596774Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.846707133Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.848967473Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.851196434Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.854646321Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.856890391Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.859541386Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.86330366Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.865738719Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.868023466Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.873847066Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.881032648Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.883329016Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.886589267Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.888755911Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.891098636Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.894699737Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.897220207Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.899012216Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.901867786Z	6	PC: 13808 \| Direct console I/O
2018-12-17T22:56:13.904668563Z	76	PC: 137c0 \| Terminate with return code (Return code = '202')